Home LAN Projects begin
I have some time to reorganise the DorkiTowers network & server infrastructure usage.
My goal is to upgrade my network monitoring from consumer-grade to something more professional. At the same time, I want to make sure that my servers are running with appropriate components for their tasks.
My current connection to the Internet is through a BT Smart Hub. My broadband contract is for maximum speeds of 300Mbps download & 50Mbps upload (it's been rebranded since my installation, to "BT Ultrafast 250", implying a maximum of 250Mbps download speed), which is fine for now, but it's a consumer device, so automated infrastructure monitoring is limited to scripts running ping, traceroute, speedtest, etc - I can retrieve no data about intrusion detection & prevention, firewall logs, network / broadband usage, etc; I can't download packet capture logs for analysis; I can't monitor link speeds or connection quality; I can't manipulate DNS settings; I can't shape traffic for best online gaming & streaming; in short, it's a consumer device.
My server setup needs refreshing at the same time:
I've always offloaded DNS serving from the above-mentioned router to a server, because I've always preferred public DNS services over ISP-provided DNS. This meant that I needed to stop DHCP serving from the router as well. The last time I upgraded this part of my network was 2011, and after investigating solutions available at that time, I selected Amahi as my home server along with OpenDNS for network-wide DNS-based ad blocking.
As time has progressed since then, I added a Proxmox server, installed a bunch of LXC containers into it for application serving, added & upgraded HDDs, added SSDs, installed a second Proxmox server, added a Zigbee server, etc. Every decision was made with consideration given to minimising server noise and power draw, so the use of a rack mounted server infrastructure would be unwelcome.
Each of my servers was assembled by me. It's not that I don't like pre-built servers, it's just that my considerations aren't mainstream so it's more efficient to build my own. Currently, I have the following server hardware:
Modem & Router:
BT SmartHub
WiFi:
BT Whole Home Wifi, 4 discs
DNS & DHCP provision:
ASRock A300ION Motherboard
2GB DDR3 RAM
128GB SSD
Amahi
Application server:
Gigabyte C1037UN-EU motherboard
16GB DDR3 RAM
240GB SSD
Proxmox
LXC containers:
NodeRED
Website backups
PhantomBot
MySQL
Logitech Media Center
Grafana
Telegraf gateway
MQTT
VMs:
Home Assistant
Application server:
ASRock Fatal1ty AB350 Gaming-ITX/ac Motherboard
AMD Athlon 200GE CPU
16GB DDR4 RAM
128GB nvme SSD
3 x 4TB HDD
Proxmox
LXC containers:
File server
InfluxDB
Zigbee server:
eMachines ER1402 nettop
CC2531 Zigbee dongle
Zigbee2MQTT
Spare:
ASRock A300GC Motherboard
2GB DDR2 RAM
Spare:
ASRock ConRoe 945G-DVI M-ATX Motherboard
Intel Core 2 Duo 6600 CPU
3 GB DDR2 RAM
1TB HDD
Others:
Raspberry Pi 4 4GB
1 x BT Whole Home Wifi disc
1 x 1TB 3.5" HDD
1 x 1TB 2.5" SSD
Various x 2.5" HDD
Various x 3.5" 3TB HDD (mostly broken)
PCI NIC card
PCI 4-port USB2 card
WD MyBookWorld 1TB
WD MyBook 10TB
Various MacBook Pro laptops
TBS-6902 DVB-S2 PCIe satellite capture card
Projects:
1. Investigate whether to replace the file server LXC container with a TrueNAS (FreeNAS) VM in that Proxmox machine
1.1 Replace RAID-5 ext4 array with ZFS array
1.2 File server runs Plex Media Server. Where should this application live? On the storage node or in a separate container accessing media via the LAN?
2. Replace the BT SmartHub with a BT Business SmartHub (the BT Business SmartHub has the option to be used as a G.FAST modem, offloading all router and firewall tasks to external devices)
2.1 Investigate whether pfSense or OPNsense would be good candidates to install onto either of the A330 machines (extra NIC needed?)
2.2 Replace Amahi DNS & DHCP functionality with *Sense
3. Investigate Wifi & Zigbee networks for interference
3.1 Investigate Zigbee repeaters
3.2 I have Zigbee networks for Zigbee2MQTT, SmartThings, Xiaomi, Tradfri, Hive & Hue. How well do they REALLY co-exist, and can I remove some?
4. Investigate VLANs for separation of server, IoT, guest, workgroup functionality.
4.1 If I look into this, what are the implications for added wifi networks?
5. Investigate additional router functionality.
5.1 VPN
5.2 LDAP
5.3 PiHole or something similar
5.4 Reverse proxy. HA-Proxy is available as an add-on, I don't know about NGINX
5.5 VPN tunnelling - do I have friends who would benefit from linking their LANs together with mine? Perhaps I need a second home with its own LAN to join to this one?
6. Investigate virtualization strategy
6.1 Should I virtualize all my servers in one Proxmox server, or do I still need two of them?
6.2 Cluster the Proxmox? Proxmox clusters use a quorum, so I'd need 3.
6.3 Add a Docker server container for Docker images?
6.4 Are there alternatives to Proxmox? I last investigated VMware ESXi, various Xen servers and others in 2012
7. I've just been reminded that I want to investigate a couple of other things!
7.1 Smart ceiling fans in the lounge
7.2 A new 65" TV in the lounge, replacing the 48" TV there. The 48" TV to move to the master bedroom, replacing the 42" TV there. The 42" TV to be used as a secondary PC display.
So I have lots to keep me busy for the foreseeable future. I wonder how many of these projects I'll be able to complete before other priorities come along? If I get the chance, I'll update here with progress I make.