Logical Network Setup

I’ve never really set up anything more complicated than a couple of basic networks before. A couple of times I’ve done multi-network datacenter builds with routing and ACLs between them, some multi-site networks with IPsec tunnels, and pretty much anything you can think of in AWS. But I’ve never had a purpose-built “enterprise” physical network to play with, so part of my current project is to dip my toes into that.

In the new house, I’m going to be renting out a couple of rooms. Since there’s no sense running multiple Comcast lines to the house (pending a Metronet rollout to the area), I figured I’d build out one network for each of my three tenants, kept apart from each other and from ours, plus a separate network for my future wife and me. So, that’s four networks to start.

Next up is my HomeProd network. Simple enough: that’s where most of my infrastructure will live. A couple of k8s servers, the NAS, a bastion host, monitoring. That’s 5.

Almost forgot the management VLAN. Gotta have somewhere to provision the access points from, control the hypervisors from, and put the PDU, switches, etc. That’s 6.

No network is complete without a guest wifi network, so that’s 7. All the Chromecasts should be on one shared network that everyone can cast to, separate from their personal networks. 8. One thing to plan for there: Chromecast discovery uses mDNS, which doesn’t cross VLANs on its own, so casting from a personal network to the shared one needs an mDNS reflector (the Avahi package on pfSense does this) plus firewall rules that let the personal networks reach the Chromecasts without the reverse.

Plus a sandboxed, monitored network for IoT, and oh yeah, a couple of sandboxes for labs, one with DHCP and one without. And while we’re at it, how about a dedicated LAN for LAN parties.

All in all, I’m at 12 distinct networks in my home. I think I’ve got the IP space all figured out:

[Image: the IP address plan for the 12 networks. Caption: No such thing as overkill if you’re having fun]
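As an added example (not code from the original post), here is a small Python script for sanity-checking a 12-network plan like the one above before any of it is typed into switches or pfSense. It catches the mistakes that are painful to fix later: overlapping home prefixes, a home prefix that collides with the datacenter range on the far side of the IPsec tunnel, and a VLAN group (the three tenant networks, the two labs) whose summary prefix would also swallow unrelated VLANs, which matters if you want one firewall alias per group. The VLAN IDs, prefixes and remote-site range below are assumed values for the illustration, since the post’s own addressing is only in the image.

```python
"""Sanity-check a VLAN/subnet plan before it goes onto the switches and pfSense.

Checks: valid VLAN IDs, no overlapping home prefixes, no overlap with the
prefixes reachable over the site-to-site IPsec tunnel, and that a group of
VLANs (e.g. the three tenant networks) summarises to one prefix that does not
also swallow unrelated VLANs, so a single firewall alias can cover the group.
"""
from ipaddress import IPv4Network, ip_network
from itertools import combinations

# Constructed example plan. VLAN IDs and prefixes are assumptions made for this
# illustration; they are not the addressing from the post's own plan.
PLAN = {
    10: ("mgmt",       "10.0.10.0/24"),
    20: ("homeprod",   "10.0.20.0/24"),
    30: ("ours",       "10.0.30.0/24"),
    32: ("tenant-a",   "10.0.32.0/24"),
    33: ("tenant-b",   "10.0.33.0/24"),
    34: ("tenant-c",   "10.0.34.0/24"),
    40: ("guest",      "10.0.40.0/24"),
    41: ("cast",       "10.0.41.0/24"),
    50: ("iot",        "10.0.50.0/24"),
    60: ("lab-dhcp",   "10.0.60.0/24"),
    61: ("lab-static", "10.0.61.0/24"),
    70: ("lanparty",   "10.0.70.0/23"),
}

# Assumed prefix for the remote datacenter side of the IPsec tunnel.
REMOTE_SITE = ["10.100.0.0/16"]

# VLAN groups that should each be expressible as one firewall alias.
GROUPS = {"tenants": ["tenant-a", "tenant-b", "tenant-c"], "labs": ["lab-dhcp", "lab-static"]}


def parse_plan(plan):
    """Return {name: IPv4Network}, rejecting bad VLAN IDs, names and prefixes."""
    parsed = {}
    for vid, (name, cidr) in plan.items():
        if not 1 <= vid <= 4094:
            raise ValueError(f"{name}: VLAN ID {vid} out of range 1-4094")
        # strict=True makes '10.0.10.5/24' an error instead of silently masking it
        net = ip_network(cidr, strict=True)
        if not isinstance(net, IPv4Network):
            raise ValueError(f"{name}: expected an IPv4 prefix, got {cidr}")
        if name in parsed:
            raise ValueError(f"duplicate network name {name!r}")
        parsed[name] = net
    return parsed


def overlapping_pairs(nets):
    """All pairs of names whose prefixes overlap (each pair once, sorted)."""
    return sorted(
        (a, b) for (a, na), (b, nb) in combinations(sorted(nets.items()), 2)
        if na.overlaps(nb)
    )


def remote_conflicts(nets, remote):
    """Home prefixes that overlap something on the far side of the tunnel."""
    remote_nets = [ip_network(r) for r in remote]
    return sorted(
        (name, str(r)) for name, n in nets.items() for r in remote_nets if n.overlaps(r)
    )


def supernet_of(networks):
    """Smallest single prefix containing every network in the iterable."""
    networks = list(networks)
    candidate = networks[0]
    while not all(n.subnet_of(candidate) for n in networks):
        candidate = candidate.supernet()  # widen by one bit; /0 always terminates
    return candidate


def group_summary(nets, members):
    """Summarise a VLAN group to one prefix, plus the non-members it swallows.

    A non-empty second element means a firewall rule written against the
    summary would also match VLANs that are not in the group.
    """
    summary = supernet_of(nets[m] for m in members)
    outsiders = sorted(
        name for name, n in nets.items() if name not in members and n.overlaps(summary)
    )
    return summary, outsiders


def check_plan(plan, remote, groups):
    """Return a list of human-readable issues; an empty list means the plan is clean."""
    nets = parse_plan(plan)
    issues = [f"overlap: {a} and {b}" for a, b in overlapping_pairs(nets)]
    issues += [f"tunnel conflict: {n} overlaps remote {r}" for n, r in remote_conflicts(nets, remote)]
    for label, members in groups.items():
        summary, outsiders = group_summary(nets, members)
        if outsiders:
            issues.append(f"group {label} summary {summary} also covers {', '.join(outsiders)}")
    return issues


if __name__ == "__main__":
    for issue in check_plan(PLAN, REMOTE_SITE, GROUPS) or ["plan is clean"]:
        print(issue)
```

The group check is the one people skip: if the tenant VLANs are numbered 10.0.30.0/24, 10.0.32.0/24 and 10.0.33.0/24, their summary is 10.0.0.0/18, and a "tenants may not reach" rule written against that alias would also match the management and HomeProd networks. Keeping each group in an aligned, contiguous block (10.0.32.0/22 here) is what makes the one-alias-per-group approach safe. The tunnel check is worth rerunning whenever the datacenter side adds a prefix, since an overlapping home subnet simply becomes unreachable across the IPsec tunnel.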

Alright, cool. A bit much, but it’ll be pretty solid once it’s all in. Now it’s on to the wifi system design.

Hello world!

Fun new rack, fun new project. This blog is going to document my progress, challenges, solutions, and straight-up stupidity as I build out my new home network.

My goal with my new homelab is to create an enterprise-grade system for managing workloads in Kubernetes, using a combination of new and used hardware, for under $6,000 all up. This has to include some home networking things too, like my Plex system (with a Kubernetes shim that launches k8s transcoder pods), ZFS storage with some seriously beefy caching, a full monitoring stack using Prometheus and Grafana, and a Steam cache.

Basically, project structure is going to go as follows:

  1. Relaxation time. As of this post, I’m getting married in a week (and a day), a month and a half into a new job, and buying a house in a month and a half. Right now, I’m booked solid.
  2. After all the major wedding stuff is out of the way, I’ll move on to planning. I’ve already got 10 networks planned for the new house. A couple of friends and my fiancée’s sister are going to be renting rooms from us, and I’d like them to have their very own networks. Add in management, HomeProd, my network, the IoT sandbox, and the labs, and boom, 10 networks.
    Most of what I need to plan out is the server architecture, DNS structure, Kubernetes, physical alterations to the house, cooling, etc. I’ll dig into the details in a later post.
  3. Installation. I need to get some cables run, and I need a 240 V line to the server room. There’s a perfect little spot in the basement, far away from any water lines, for my gear. Only problem is, there’s zero power in the room, zero ventilation, and zero data lines. But I had the good fortune to see the basement before it was drywalled, so I know roughly where everything is and I’ve got a good idea of how I’d like to run cables.
  4. Initial config. Pull out my existing managed switches, set them up with VLANs, start configuring pfSense, get wifi squared away, and set up the IPsec tunnel to my datacenter in Chicago.
  5. Buy the big shit. I’m going to pick up a new 32U rack, a couple of R620s, a new set of Easystores to shuck, do a whitebox build for my new storage array, and pick up some surplus 10/40 gig gear. This is gonna hurt my wallet.
  6. Full Monty. While keeping my existing network online (I work from home), build out the new infra, get it all configured, and build out some automated management so I don’t have to babysit it.

This is going to be a fun ride. Stay tuned.