Finally got around to diagramming my network out. Used the online draw.io site to mock it up quickly. It’s a start.
just my own personal notes that i don't want to forget
Month: September 2016
One of my biggest gripes with Xenserver is the management utility, XenCenter, from Citrix is Windows only. My laptop runs Fedora, with a Windows VM, but I’d prefer a web GUI. Don’t get me wrong, XenCenter is well done and for certain things I still find myself using it.
Then I stumbled upon Xen Orchestra. Initially I tried the appliance, XOA, and watched it mature over a number of months. However, some of the features I wanted to try were limited to the “Premium” version. Then I discovered that the developers want to support little guys like me and provide the full features if you compile from sources. Sweet!
As I stated earlier, I desired different wifi networks depending on how much I trust the device and/or user. More and more things showing up in my house support wifi…that whole Internet-of-things (IoT). The real threat of cryptoware or other malware being brought in by my wife, kids, or guests sent me down this path. And I think it is just cool to do.
I’ve had an Asus RT-N16 802.11n wifi router for years, mostly unused. It is flashed with TomatoUSB firmware already, which exposes many neat tricks. Most of them I don’t need, but a VLAN aware firmware is a must for what I want to do. I could go out and by some cool PoE Ubitquity devices, but that costs $$$….I don’t like spending money. So putting the Asus back into production here we go.
Having been “stuck” with the Verizon provided Actiontec router/firewall since I bought the house, I used my newly acquired Xenserver to virtualize my preferred firewall…pfSense.
.png?itok=XFseGWi-)
I’ve been using pfSense on and off for many years now, but mostly back when I had cable internet. Verizon complicates things. My house came pre-provisioned over coax and I have yet to get around to running a Cat5e cable from the ONT to the area in my basement where I keep my network gear. So I still retain the Actiontec upstream and am effectively double NAT-ed. Since I don’t game or torrent, I’m not concerned right now.
Why Xenserver? I’ve used Esxi, Proxmox, oVirt, and rolled my own hypervisors in the past. Xenserver provides the right blend of features, price (free), and command-line API. It has its quirks (they all do), but they are easily solved.
Having used 6.2 and 6.5 previously, this was my first look at 7.0. The install is the same familiar Redhat-based text mode. During install, I set the management network to NIC0 with static IP. Once installed and rebooted, I installed the latest XenCenter GUI in a Windows 10 VirtualBox VM I keep around for stuff like this and got to setting it up.
After over a decade of limping along with the same ancient Pentium 3 and 4 “servers”, I decided to finally throw some money at the problem. Some of these servers were actually laptops, and the best/most recent machine was a box I built for Mythtv…in 2004. 32-bit, PATA, oh my.
I picked up a Dell Poweredge R710 barebones (dual 870W power supplies, dual heatsinks, PERC 6/i, iDRAC enterprise, no RAM, no CPU) on Ebay then configured it to my liking with other Ebay or Amazon purchases: dual L5640’s, 48GB (6 x 8GB) RAM, H200 RAID card. I started with the LFF model, which supports 6 3.5″ drives in the front hotswap sleds. Since this will be a hyperconverged (computer and storage) host, these will house multi-terabyte HDD’s. More on that later. I can expand the RAM up to 12 (full speed) or 18 sticks if I need to.
As I planned my new home network to include different SSID’s, I needed to implement more than one VLAN and inter-VLAN routing to segregate the traffic. My previous method of uplinking multiple 10/100 and 10/100/1000 consumer 5-port switches to handle all the connections I needed was just not going to work any longer. So I started looking for a Layer 2 managed switch to pair with pfSense (will handle the actual routing and firewalling). I initially wanted an HP 1810 24-port, but all were a big more expensive than I wanted to pay. After looking around on and off, I found a Netgear GS724T v3 on Ebay with all manuals, rack ears, and power cable at a price I couldn’t refuse…..score. I realize this is only a “smart” switch and not a fully managed CLI model, but that is good enough for my needs at home.
© 2024 James Timberlake
Theme by Anders Noren — Up ↑
Recent Comments