WORK IN PROGRESS – Yes, I run this network as a hobby and it’s fun… Here is an explanation of both the Datacenter Network and Home Network. I leave out some details for obvious reasons, but I try to include as much as I can to give you a high-level understanding of the environment. This is my fun!!!
So I have an expensive hobby which I invest in because I love technology, I love what it can do, and I love being able to control my environment, make sure it’s secure, and well, it’s just fun. I do have an Office365 business account which I get at a substantial discount being a former Microsoft employee and I leverage parts of it, so I’m in the know of how O365 works and I’m able to leverage it, support it, and recommend it as needed. I still have a fondness for owning the infrastructure and knowing where my intellectual property and confidential information are at all times. I’m not saying Microsoft or the Government is doing this, but they could be accessing your data in O365, and you would not be the wiser of this occurring. I highly doubt this is the case. However, it’s something to keep the conspiracy theorists talking.
So at the colo, I have a half rack with 20 amps of power, a block of IP addresses, three servers, one NAS, one switch, and a firewall/router with an annual security service contract on it. Now into the details. I have to take a couple of screenshots. Let’s start with the front side of the rack. Here you can see my 3 Lenovo servers and my QNAP NAS. The servers are running Windows Hyper-V 2012 R2; each has 1TB SSD drives, 3.0 quad-core Xeon procs, and 64GB RAM. Perfect for a small hobby environment. These servers are connected to a PDU at the bottom of the rack and then into the Cisco 3750 switch located on the back of the rack.
The Hyper-V is a cluster environment for both guest machines and storage. I choose, though, to run 95% of my guest machines off of the 1TB SSD drives installed on each Lenovo. I do have a couple of VMs running off of the iSCSI connection back to the NAS. I have about 30+ virtual machines running on here for various reasons.
For example, I have 2 Windows Domain Controllers, Skype Server, Skype Edge Server, Exchange 2016, and a FreeBSD web server. I’m running a couple of VMs for family members, and other than providing them IP addresses and backing up their servers, I have no idea what they are doing on them.
VLANs? Yes, I am most definitely running VLANs here. Each port is set up as a trunk and carries the VLANs allowed on that trunk. I know this is a small network, but I still tend to think enterprise. I have more VLANs set up here than at home; however, the primary VLANs are in order. I have my public-facing VLAN, private colo VLAN, iSCSI VLAN, and a few others for various reasons such as out-of-band access.
For the firewall/router, I am using the SonicWALL. I subscribe to their security services, which allow me to spend less time managing the safety of the infrastructure and focus more of my time on other items the network needs me for, such as maintenance.
My home network, which is explained below, is connected back to this network through a Tunnel connection. I thought about a Site-To-Site VPN but decided on a Tunnel. I prefer tunnel interfaces. I move data back and forth over the tunnel and provide services to the home network from infrastructure at the datacenter. For example, I have two domain controllers at the datacenter, DC1 and DC2; I also have DC3 located in a VM on my home network as well. I like to run DHCP on all my networks from the primary DC. Windows 2012 has a kind of cool option I’m going to dumb down here, but in a nutshell, it allows you to cluster your DHCP between multiple servers, giving you high availability. This was possible before, but it’s super simple now.
I also have the majority of the services I access running in the datacenter: Skype, Exchange, VEEAM, etc. My 100Meg symmetric connection just makes it feel like all the infrastructure at the datacenter, when accessed from home, is actually at home in the garage and not far away.
When I first moved into my new home in 2016, I knew I needed to completely re-wire the house as it was built before the Internet was a thing. The house was wired throughout for coax and telco. The coax was coming into the various rooms mostly from the outside, and was RG59, which is a low-grade, cheap coax. I ordered up a box of RG6 and a box of CAT6 cable for distribution throughout the house. I wired up every room with a minimum of one coax and one ethernet drop. Everything was run throughout the attic space and dropped through the wall, with us cutting into the wall, adding a mud-ring, connecting the cables to the respective keystone jacks, then connecting the jacks to the wall-plate and affixing the wall-plate to the wall.
As you can see, here is a shot of the completed work in my formal dining room. On the top, we have the Cat6 jack, and just below we have the coax jack. Believe it or not, I use the ethernet jack in my formal dining room a lot more than I anticipated I would use it. When setting up a machine, it’s nice to go in there, set up the machine on the table, plug it into this jack, and get to work setting it up without being tethered to my home office.
I did all this because I wanted a central point for all my communication needs. At the time I owned and operated a Datacenter, Managed Services, VoIP, and Internet company. So this original configuration aggregated back to my business and was fully integrated into that business infrastructure. It allowed me to support my clients from my house if I so chose. I like to think of my home as the offsite Network Operations Center. Since I’m writing this after I sold the business, and the topology changed with the sale of the firm, I’ll focus on its current design and provide the photos that reflect the changes moving forward.
Here is a shot of my wall mount rack today. It’s quite a bit larger and can hold more than just network appliances. I have since added additional gear.
The patch panel for coax was removed and put in the back of the rack. This rack can open from the front and back, which is a nice upgrade. I still have the ethernet patch panel at the top along with a Netgear Smart PoE switch used for smaller PoE switches located throughout the house and PoE Wi-Fi APs. Below that is a 28 port Cisco switch. Next, we have our DVR for the cameras distributed throughout the perimeter of our house. Moving forward I have a monitor, keyboard/mouse combo, and then two Lenovo servers followed by a PDU (Power Distribution Unit) and UPS (Uninterruptible Power Supply). These devices provide the baseline for my home network.
I have been a VMware user for years, and that was the primary hypervisor we used at my previous company before selling it. I decided to take the opportunity to invest more personal time in Microsoft’s hypervisor, called Hyper-V. The new network I built was based on Microsoft Hyper-V 2012R2. I have clustered the servers together, and I’m able to move machines back and forth between the Hyper-V hosts.
My connection to the Internet is a fiber-optic 100Meg symmetric link with a /29 static IP block. My firewall is a SonicWALL with the annual security services procured, allowing me to focus less on hackers and more on the other piece of the network. From there I have a Tunnel back to the datacenter where the rest of my gear is located. I chose a Tunnel over a Site-To-Site VPN. For me, I just like the Tunnel. I can add routes in seconds as opposed to building a new network and adding it to the Site-To-Site VPN.
VLANs? Yes, I use VLANs. I have a few VLANs doing different tasks. Primarily I have an Internet or Public VLAN, I have a private VLAN, and an iSCSI or NAS VLAN. I run jumbo frames on the iSCSI VLAN, obviously, at 9216 MTU. For backup, I use VEEAM; for antivirus, I use VIPRE.
For guest machines I have a mix of Windows 2008, Windows 2012 and even a couple of Windows 2016 servers in a lab, to FreeBSD 11, which this website is running on, to CentOS 6.5 and 7.0, to Ubuntu and OpenSUSE. I have tried several times to abandon OpenSUSE; however, it’s just a very clean-looking distribution. Yes, it has its quirks, and the heavy integration work they did on it can be challenging if you want to do something outside the norm, but for a beginner or someone that just wants a clean-looking, well-dressed Linux distribution, I recommend OpenSUSE. As of recently, OpenSUSE is now a snapshot of the commercial version SUSE once again, which I believe is a huge plus for any OpenSUSE user.
MORE TO COME SOON…