One of the greatest things about working in IT is that usually you get the enjoyment of bringing your passion home, much to the annoyance of your housemates or other half. I am one of those people.
In my lab I have the following:
- Palo Alto PA-200
- Juniper EX2200-C
- Ruckus R510
- Intel NUC8I5BEH, running Proxmox with 32GB of RAM
- HP 1st Gen Microserver with 5TB of storage, running FreeNAS
- Cyberpower 1500VA UPS
From the list above, you may be able to tell that I am a networking guy. The Palo Alto and Juniper are connected and talk to each other using Open Shortest Path First routing (OSPF). Probably a bit overkill for this setup but I wanted to learn it.
One of Palo’s slightly older (and slower) firewalls but I could not bear to see it sit on the shelf at work any longer. The usual set up happening here. The VM router hands its public IP out as DHCP to the untrust interface and everything internally is NATed through that.
There are a couple of test features enabled here and there, like SSL decryption and threat protection.
One absolute must when setting all of this up is a remote access solution. Thankfully Palo provides GlobalProtect without the need for licensing. I also run a DUO RADIUS server for MFA into the network.
My first proper exposure to managed switches was Juniper so naturally, that is how I think about programming these devices. I suppose you could relate it to learning your first language. Unfortunately is it not the PoE version so I have to make do with some injectors for the APs.
I will never recommend any other wireless provider. I am serious when I say it just works.
When I headed up the IT department at a local sixth form college, we used to have termly meeting with other colleges. All the other colleges used to complain about their Wi-Fi and we would proudly say it is more reliable than our wired service. If that is not an endorsement, I am not sure what is.
Proxmox is a virtualisation distribution using Kernel-based Virtual Machine (KVM) and Linux Containers (LXC). It is pretty easy to set up and get running.
Make sure you don’t fall into the same problem I did when running Proxmox on a headless Intel NUC. Grab yourself one of these, otherwise your host will not boot if you need to restart it remotely.
This is running all the time for DHCP and DNS on my network. I had a free license and couldn’t get the Linux equivalents to properly run dynamic DNS. It also runs a small DynDNS updater program so I can access my network from anywhere in the world.
This collects filebeat data from the Windows Server and syslog messages from all of the network equipment. Do I need to do all of this? Absolutely not but it does make some nice graphs.
Well, it wouldn’t be a home network without Plex would it? NFS mounted to the NAS for plenty of storage.
This is a small container that runs librespeedtest and iperf3 so I can test the speed of my wired, VPN and wireless clients.