Having a Mac Mini (MM) Server is actually an advantage at times. In my network, I have a number of VMs that perform different functions that I am playing around with. The trick it would seem is getting useful vlan activity out of it. I am just starting to get the hang of how to set up vlans both in the Mac Mini sense and in the VMWare Fusion sense. The new version of VMWare Fusion will give some added capability that I did not have before. I have some basic functionality in the network that I want to be able to achieve:
1. I want to have some basic functionality in the MM that I don't want anyone else to have access to from my network, e.g. the Win7 VM and some of the programs on the MM.
2. On the other hand, there are some Media applications, e.g. PMS and iTunes, that I need the rest of my network to have access to, across multiple vlans.
3. I have a vlan specific to administration in my network that I want both my MM and my Win7 laptop to have access to (the Win7 laptop only when I am logged on as myself).
4. The MM hosts my VPN and I must control access to my network via specific vlans that can be accessed from the outside.
5. I have the following vlans specific to the MM: Media, Experimental, Personal, and DMZ.
6. I want an Ubuntu/SVN VM to have access to the personal vlan.
7. I want an Ubuntu/XBMC VM to have access to the media vlan.
8. I want an Ubuntu/Robot VM, running Robot Operating System, to have access to the experimental vlan.
9. I want a Trac/SVN VM and an Ubuntu/Drupal VM to have access to the DMZ vlan.
10. Control of #1, #2, and #3 will be routing initiated by an Ubuntu/Router/Switch VM. The preferred router would be a DD-WRT based VM, but I want some basic routing functionality that I can control.
11. Even though I can gain access to the login screens of each of the VMs, I would still like to have the capability of loading a webmin client into each of the Ubuntu based VMs and have access to it via the administrative vlan. Is this even doable?
More on this later.
-- LW
This is a blog mostly about techie things, what I am doing to my apartment network on the cheap, IOT, 3D Printing, Raspberry Pis, Arduinos, ESP32, ESP8266, Home Automation, Personal Weather Stations, Things That Go Bump in the Night, and some side issues that need discussing. Remember, sometimes the journey to an end is as much fun as the goal achieved!
Thursday, November 29, 2012
Wednesday, November 28, 2012
I Have a New Version of VMWare Fusion
Normally I would not talk that much about my VMs, but I just purchased an update to Fusion at a discount of $20 off the normal price. The thing that convinced me to buy it was the way that virtual LANs are created now. When I was using version 4, I was faced with making vlans by modifying some configuration files. Now I can do the same with a GUI interface. In addition, the interface is a little better at relating the internal vlans to external tagged vlans. This will set well with what I ultimately want to do with my home network.
- LW
- LW
Labels:
VMs
Tuesday, November 27, 2012
Have an Apple TV 2 to Try Out
Thanks to my son-in-law's grandfather, I now have an Apple TV 2 to try out for a few days. If you point your browser to http://www.appletvhacks.com, you can find a wealth of information about making this item dance and sing way past what Apple is willing to let you do. It is unfortunate that Apple is making it more and more difficult to use the Apple TV the way that I would like to have it used, namely stream from other than iTunes stuff and allow me access to my HDHomeRun Prime. I am still in the development stages of the home network, mainly because it is fun to do; and one of those things is to replace the Verizon set top boxes with something cheaper. As I get closer to my retirement, I need to be able to reduce costs all the way around. I will keep Verizon's FIOS TV and Internet, but I need to get the cost to go down. Otherwise, I will be in the process of looking for something else to replace it with. Hence, the changes to the network which will include this Apple TV 2. Right now there is no jailbreak for the Apple TV 3, which I have two of in my house.
My game plan is to first jailbreak the Apple TV 2 (which has a 720p output) and attempt to get the streaming that I want to my downstairs HDTV. I plan on connecting Plex Media Server, iTunes, the HDHomeRun Prime, and Netflix as streaming options. What I will probably need to do is setup XBMC on the Apple TV 2 to connect to the HDHRP to complement the capabilities of the device. I have other Apple Products which allow for AirPlay, along with AirParrot which can AirPlay from my Windows 7 laptop. I should be able to have a complete media experience without some of the shortcomings that Apple and Verizon have implemented into their system.
-- LW
My game plan is to first jailbreak the Apple TV 2 (which has a 720p output) and attempt to get the streaming that I want to my downstairs HDTV. I plan on connecting Plex Media Server, iTunes, the HDHomeRun Prime, and Netflix as streaming options. What I will probably need to do is setup XBMC on the Apple TV 2 to connect to the HDHRP to complement the capabilities of the device. I have other Apple Products which allow for AirPlay, along with AirParrot which can AirPlay from my Windows 7 laptop. I should be able to have a complete media experience without some of the shortcomings that Apple and Verizon have implemented into their system.
-- LW
Labels:
Media
Decided to Not Fight It
I decided to not fight the way that Verizon has their ActionTec router set up. What I did was I put a second router behind the ActionTec router. I then made the ActionTec router form a DMZ between it and my current Buffalo router. By doing this, Verizon now has full control of their ActionTec router to do whatever it is that they want to have done. And I can control the inside of my network using my own router.
-- LW
-- LW
Friday, November 16, 2012
Less Than Happy with the New Router
I have installed the new router in my home network. The ActionTec router from Verizon is somewhat of a disappointment, first of all it only has 100MHz Ethernet even though the user manual says it gets 1GHz. Second, it has a port open to the world which from my readings is not there because "Verizon's servers will poll the address and update the software in the router"; it seems to be there because Verizon has a direct connection to a facility down south which is an internal intelligence gathering organization. Not only that but it apparently a web based server, undocumented in the router user manual, which is only protected by username and password. I consider that a security breach into my home network.
I will be attempting to close this port down in the near future. If I am not able to do that, I will be putting all of my network behind my other router and DMZing the connection to it from the ActionTec. If the organization down south needs to see what I have in my network they can contact me directly. Conspiracy theories aside, I just don't trust something that I know nothing about and is well known across the internet. The port is also the same port that is used by at least two botnets for their control. Also the username and password combo is subject to attack. That is why I don't allow management of any router I have directly from an Internet connection. Hopefully Verizon will understand.
Update: [12/2/2012] it would appear that I may be completely wrong here. The ActionTec router has a TR-069 capability which allows it to be controlled as part of a larger scale system for remote management of end-user devices. (see http://en.wikipedia.org/wiki/TR-069)
- LW
I will be attempting to close this port down in the near future. If I am not able to do that, I will be putting all of my network behind my other router and DMZing the connection to it from the ActionTec. If the organization down south needs to see what I have in my network they can contact me directly. Conspiracy theories aside, I just don't trust something that I know nothing about and is well known across the internet. The port is also the same port that is used by at least two botnets for their control. Also the username and password combo is subject to attack. That is why I don't allow management of any router I have directly from an Internet connection. Hopefully Verizon will understand.
Update: [12/2/2012] it would appear that I may be completely wrong here. The ActionTec router has a TR-069 capability which allows it to be controlled as part of a larger scale system for remote management of end-user devices. (see http://en.wikipedia.org/wiki/TR-069)
- LW
Friday, November 9, 2012
Have a new house router from Verizon
Well, Verizon sent me a new ActionTec MI424-WR Rev F router without me asking. Their take was that my previous router (which I don't use at all any more) needed to be upgraded to take advantage of their new capabilities. I read it as "we can control our routers so we can snoop on what you are doing." The ActionTec router has some nice capabilities but with a 4 year old kernel (possible security problem here). The only thing it can do outside of what my current setup can do is that the MOCA connection is built into the router and is version 1.1 (my current MOCA gateway is version 1.0) giving it both a WAN and LAN capability. I was just about to toss it aside when I noticed that I can configure the ports for VLAN access and that has some merit with what I am trying to do. I therefore have been busily modifying the network layout to accomodate the new ActionTec and at the same time do what I want to do with one and only one managed switch. I don't know, maybe it would make life simpler if I had two managed switches here. By making some connection changes I am able to free up some lines on the managed switch and still do what I want. I think that I will try it with the ActionTec in the large bedroom downstairs and trunk it back to the managed switch from the router. That will enable me to designate a couple of the ports for other things. My only issue at this point is that I need to get the coax from one side of the wall to the other in order to accommodate the changes. I think that I also might do something with my current Buffalo router that will give me extra capability to route traffic around the network since it is able to work with tagged vlans. More later.
-- LW
-- LW
Labels:
ActionTec
Friday, November 2, 2012
Power Outage and HTPC
I did manage to loose power for about four hours on Monday night. I know because I was about to turn off the lights at 10 and the lights went out followed by my UPS on the Mac Mini beeping. I turned off the UPS and went to bed and was awoken by the lights coming on in the bedroom. Even though the HTPC was not on a UPS, it did survive the surge coming back on. I did have to restart the WMC however. I will make that the default that launches upon boot-up. I also need to change the HTPC to HDMI 1 so that the Plasma TV is tuned to it by default. These are little things that you don't necessarily think about until something happens to force your hand.
- LW
- LW
Labels:
HTPC
Subscribe to:
Posts (Atom)