Possible Networking Changes in an All WiFi Environment

Since the retirement village will have only WiFi connection, there will be some things that I will need to add to make the setup easier for the future.  It seems that I will be able to talk between devices over the WiFi network, including all over the campus.  I am counting on this to be able to do some interesting network things.  So there would need to be some of the following developed:

• WiFi Bridge - this will be needed to connect the non-WiFi equipment, like the Edgerouter-12, to the WiFi network
• MQTT Server - this would provide an MQTT instance at the WiFi level on the ER12 router for some automation things
• Home Assistant Server - this would provide an HA instance through the ER12 router
• L2TP IPSec Endpoint - this would provide a connection for my laptops from anywhere in the community through the ER12 router
• Raspberry Pi WiFi Endpoint - L2TP IPSec GRE based endpoint that isolates the Ethernet connection of the RPi from the WiFi portion which runs over the campus WiFi network; it also allows a point to point connection between RPi endpoints with multiple networking protocols running over it on whatever vlans I desire; this might possibly be implemented by an RPi Zero W/USB plug
• Plex Server - this would provide Plex capability through the ER12 router
• NextCloud Server - this would provide file and project services through the ER12 router

Future Rack Setup

Background: I have a distributed HomeLab that I have built up over the years that I had become quite proud of.  It allowed me to move equipment about the house and make changes as I needed as well as include new equipment that I purchase.  This included at least 8 different vlans for different purposes, including separating media and IOT equipment.  Equipment consisted of an Edgerouter-12, M4100-26g switch, five GS108Tv2/v3 managed switches throughout the house, Proxmox server (FX8320 w/16GB), Home assistant server (Zotec Atom D525), Mac Mini server, several Cameras, a couple of Edgerouter-Xs, and several Raspberry Pi’s performing different functions including interfacing a personal weather station.  My main hobbies include working with the RPis and Arduino and doing various networking experiments (I’m an engineer by profession).

That is all changing now that I am downsizing into an apartment in a month.  I’m moving into an environment that has wi-fi only (no Ethernet in the walls, so wi-if bridge for the rack), and no way to change out switches or door locks for automation.  I am limiting myself to the one 15U rack and some plastic tubs for extra electronics to play with.  So, currently the rack contains: an Edgerouter-12, an M4100-26g switch, one GS108Tv2 switch, the Proxmox server, two WD MyCloud NAS, and eight Raspberry Pi’s.  The Proxmox server is in a regular desktop case laying on its side (soon to be put in a 2U case).

Other than rack mounting the Mac Mini, what other things can I set up for both now and in the future?

Project #25 - Changing the HomeLab for Retirement

I need to be able to convert my HomeLab equipment for transfer to the new Retirement apartment. The equipment around the house needs to be put into a rack with extra equipment relegated to some auxiliary tubs.

New Direction - Moving into a Retirement Home

 The more things stay the same, the more they change.  We have recently decided to move into a retirement community near us and have placed a hold on one of the apartments there.  This means a drastic reduction in my home network and what I am able to take with me to the new home.  At this point we are still in the planning stages, but I will be downsizing considerably.  I am not sure what this will mean to all of the activities that I have been involved with over the past several years.

I do know that there is a dramatic difference in networking capabilities where I am moving to versus what I enjoy doing at the moment.  Rest assured, I will be taking my HomeLab with me to the new digs along with a bunch of the electronic gear that I have accumulated over the past several years.  It doesn't make sense to take all of it however.  I have resigned myself to only taking one rack worth of equipment plus four large plastic tubs full of other material.  I have talked myself into this spartan arrangement for any future endeavors.  Where I am going has a lot of activities that will take up my time, and I hope to be able to continue blogging with a purpose.

Project #24 - Cover the House with WiFi - Implement a WAP in the Basement

There was some discussion about changing up the makeup of our home; during that time I decided to add an additional WiFi capability to the downstairs.  I am still going to accomplish that.  So far:

1. I have done a WiFi survey throughout the house only to discover that there are portions of the house which have only a -80 dBm signal from the WAP in the living room; so an additional WAP would be necessary
2. The WAP that I would use needs to be able to accommodate at least 4 VLAN/SSID combinations; my current WAP is a UniFi AP AC Pro where I am using four SSIDs
3. I have decided that the best WAP to meet the need is the Unifi UAP-IW-HD-US which is an in-wall unit with an additional 4 ports on the bottom that can be used for other things; this unit actually has better range than my current one (but will be mounted under a steel beam which will mess with the signal straight up) and should be able to work seamlessly with the current unit
4. I have purchased the Unifi UAP-IW-HD-US from my local MicroCenter along with a POE+ injector since I do not have POE+ switches
5. I have decided to mount the unit outside the wall with an electrical outlet that mounts to the wall and has sufficient depth to allow an Ethernet cable to come through the side and be attached to the back of the WAP; I also will have the POE+ injector mounted at the same location downstairs 
6. I have moved the current WAP onto my Admin vlan since I consider the WAPs to be part of the network infrastructure; in that way I can close off all connection to the Admin vlan unless I need to change the architecture
7. I have set up a temporary port on my Edgerouter-12 for testing the new WAP prior to changing the connection through my fiber optic cable which currently goes to an old Netgear router and will then be permanent
8. I mounted the UAP-IW-HD on the wall downstairs, mounted a POE+ injector under it, connected Ethernet to my ER-12, and proceeded to check it out
9. I resolved a couple of errors (not being on the same vlan with the controller was one) and then did a wifi survey.  This seems to have cured the problem in the wifi throughout the house.
10. I changed the vlans coming to the family room downstairs so that I can set up the UAP-IW-HD with the same ones plus others so that I have a complete setup.
11. Rebooted the UAP-IW-HD, added a trunk out on port 1, and everything came up just fine.  Project complete.

NetUpdate #01 - Review of the Current State of the Network

 As I sit here, now retired, I have been going over what components my network has and how I want to continue on with this HomeLab hobby.  Whether I want to admit it or not I have decided that making changes to this network is a sort of hobby in and of itself.  I enjoy trying out new things and making changes here and there to better how I use the network.  Since I am now retired, I have time to do things that I have been putting off in the network, i.e. to completion. Currently I have a number of home network things that I want to incorporate, such as:

• Cover the entire house with wifi 
• Bring in a Kanban board to be hosted on my HomeLab, instead of relying on Trello
• Make the Kanban board accessible from the outside by incorporating a VPN into the house
• Further isolate different portions of the network that do not need to be touching each other
• Have some built in redundancy in case things go south in the network
• Work up the security on the HomeLab, including isolation of an Admin vlan for the infrastructure
• Incorporate more Raspberry Pi units into the HomeLab that are on continuously
• Get back into Home Automation
• Get into CI/CD for developing software on the HomeLab
• Go with the Zero Trust Network theme throughout (encryption becomes important now)

These items will of course take time over the next few months and years to come.  I am reasonably happy with how things have turned out so far.

Tips #11 - Shorthand notation for network diagrams

The following are some example rules for diagram shorthand notation.  This was developed to be able to not only indicate where the connections are, but to identify the ports on each end.  Makes it easy to put a wiring list together.

• General Format: {port_from}[What_flow_contains]{port_to}
• Port designation: {device-port}
• {ONT} for Verizon ONT
• {SW1-5} for Switch#1, port 5
• {RT3-2} for Router#3, port 2
• {RT3-W} for Router#3, wan port
• {RPi05-D1} for Raspberry Pi #5, dongle on usb port 1
• {RPi05-E} for Raspberry Pi #5, ethernet port
• {PP1-15} for patch panel #1, port 15
• Flow designation: [non_tagged_vlan/Ttrunk_vlan_list]
• [32] for non-tagged vlan 32
• [T4,6,8] for tagged vlans 4, 6, and 8
• [12/T14,70] for non-tagged vlan 12 with tagged vlans 14 and 70
• [Trunk] for generic <defined elsewhere> trunk with tagged vlans; shorthand