[Build Log] New Home, New Network and Server Configs

Hello again everyone. I had a previous post blog about my first server build.

[Build Log] Home Lab in a Box (First Time Trying)-x470d4u Proxmox/Tech Blog

I’ve learned a lot, and now I hope to move on and expand on my network infrastructure finally using a wired network! I will be referencing (and pestering) @PhaseLockedLoop and reading his series: Phaselockedloopable- PLL’s continued exploration of networking self hosting and decoupling from big tech. This is a major goal I have. I prefer to have control of my network and data. It may be overkill for a homelab, paranoid, in excess… BUT

1.) I want to learn networking, security, and network management. (I am solid on diagnostics and hardware)

2.) I have nothing really to do being retired (Medically from service) at 39-40

3.) I was a mechanic for years and cant do that anymore (due to physical limitations)

4.) I’d like to find a job in the industry or volunteer my service to someone to keep busy.

5.) I am having a new home built so I was able to get my dream network installed in it, or so I hope.

Here’s the deal, I’m having a new home built from the ground up and finally had some say in interconnectivity of the home and network. Here is a image of the layout of the new home (hopefully forever home lol).

I’ll outline what I am having done in the points below.

  • Here you can see bedroom number 4 is marked with a CC. This will be my “Command Center.”
  • In the small “hallway” to the room, behind the door and in the closet is where I chose to have the Network Panel in stalled.
  • This closet for whatever reason has a exhaust fan and a A/C vent.
  • This should be good for cooling any equipment I put there
  • I can put my 24 port Cisco Managed switch in here which also has 4 10G ports.
  • I had the panel prewired for fiber from the street for when it’s available in my area
  • The whole home is being wired in Cat 6e cabling.
  • Each room has its own ethernet connection (some at elevation with the outlet/cable for TVs for cleanliness and less cable mess)
  • I even had a ethernet wire connected to the front “portico” for a ring device or home made solution

I have a lot of equipment I may re-prioritize or re-use for a different purpose… (again following the lines of @PhaseLockedLoop 's guide)
Lab Equipment-

  • Argon Rasperry Pi 4, 8GB
  • WD My Cloud EX 2 (2 x WD Blue 6TB RAID 1)
  • Protectli “The Vault” FW4B - J3160 @ 1.60GHz (4 cores), 8GB Ram
  • ASROCK DeskMini X300- Ryzen 4650 Pro, 32GB Ram (Also, Daily Driver)
  • Fractal Node 804- Ryzen 2700 (Upgrading to 3700x), ASROCK RACK x470D4U MB, 63GB ECC Ram, GTX 1650 Super, 5 x 6TB Ironwof’s (2x2 Mirrors + hot spare), 10GB SFP+ port
  • Corsair 280x Crystal- Ryzen 3900XT, MSI B550 Mortar MB, 32GB Ripjaws V 3600MHz, RTX 1660 Ti
  • Dell T420 (I converted from a T320 for dual CPU’s)- 2 x Intel® Xeon® CPU E5-2470 v2 @ 2.40GHz, 192 GB Ram ECC DDR3 1333MHz, 6 x 8TB Seagate Exos Drives (3 x 2 by Mirrors- may change?), 2 x 10G SFP+ ***this is a full Noctua Conversion/Enhancement

Gaming Rigs-

  • Phanteks Ethoo Shift X- Ryzen 3600XT, 32 GB Ripjaws 3600MHz, ASUS ROG X570 Itx, RTX 2070 Super (Custom water Cooled: CPU-GPU/Moded Case)
  • Lian LI PC-011AIR- Intel i7-8086K (5GHZ all core/1.26mv varible), MSI Z390 MEG ACE, 32 GB 3200MHz Corsair RGB PRO, RTX 2080Ti, 260GB Optane memory, All NVME/SSD storage, 10GB SFP+ port (custom water cooled: CPU-GPU)

Networking-

  • Cisco SG500-x24 (24 x 1G ports/4 x 10G SFP+) Fully Managed Switch ***Noctua Moded
  • Cisco SG350-10 (10 x 1G) Fully Managed Switch
  • 3 x RT-AX92U, AX6100 Tri-Band WiFi 6 Mesh Router

So, this is my starting point. I will be doing some experimentation on another thread possibly I will post here as I play with software and networking in the apartment. I have a 8-10 month window to fill before the house is done and I can implement. I plan on making a network map and plan in place before I move.

I would love any advice, fun things to do, services to host etc. Any VLAN advice, suggested use of equipment etc. Just in general discussion about a homelab/ network.

I can be wordy, and I need detailed notes, so if you have questions or are interested in any of this feel free to give me a shout out. I will be reading 6 books covering networking, administration, Linux, and electronics in general.

8 Likes

So this is just me personally. But I would run a couple drops to the garage. Wether for wood working or auto work. Etc.

Also the patio I would put a drop for outdoor access point. And same in places along the ceiling inside. Plan your AP mounts.

And anywhere I planned to put a TV would get at least a quad drop. Otherwise you will end up putting small switches their. Which isn’t a huge deal but just my way of thinking and doing I suppose. At the very least I would do two drops per location into one wall plate.

Another option too is if you use the ubiquiti stuff they make in wall APs that are POE and have a secondary LAN port. That would basically eliminate the need for ceiling drops for APs. At least on the inside.

And if you are wanting any cameras plan their locations and wiring accordingly.

3 Likes

All very good points.

I didn’t include power in particular besides the TV’s. I had the same thoughts on the garage, but also did a dual outlet outside by garage for 120v and 240v incase I get a air compressor in a shed. I had the same thought for electrical at the courtyard and rear of the home so that’s in place. (I even put a outlet by the edge of the front face of the house for Christmas lights and one lower to the ground out front on the same switch lol)

I didnt bother with quad drops because there isn’t too much worry of that being a choke point for bandwidth (but I could be wrong), and if it becomes a problem in the future I can upgrade up to a small 10G switch with the existing wiring. Everything that handles large amounts of bandwidth should be limited to the office. I could be wrong but that’s my thinking.

Wall AP’s are a nogo for the wife, so I will be using the AP’s I have listed in three different areas and those are fairly high power mesh AP’s I have been very happy with so far without much tweaking and offer wifi 6 once they have the wired backhaul.

I also have ethernet drops for security, but I wont post them publicly lol Stupid I know but hey, I like my OPSEC. lol I plan to have a small POE Switch in my office to run those. :slight_smile:

Great thoughts though, I really appreciate it.

2 Likes

Shameless self-plug

Home security and automation thread

So if you want to do everything over Ethernet you can use these

Blue Iris seems to be worth it for cameras. It sucks because it isn’t FOSS and it requires windows but the feature set for the money is unbeatable.

Also, for wireless AP’s you can put them in the ceiling attic space and they will work through the drywall no problem if it is a new construction house if your wife doesn’t want to see any of them.

2 Likes

Ohhhh…nice I will be reviewing all that material as well once settled in the apartment :slight_smile: I also plan to check out stuff by @Biky as well. :slight_smile:

I really need to learn some basics because I am at a loss for a starting point. I have OPNsense (Not configured- So many menus, and I have no idea what they all are), Pi-hole (Basic set up with some block lists added) and a Domain I own (Have done nothing with this)…

“Now what?” is where I’m at with my “Test Network” for the apartment I’m using at the home before we move.

3 Likes

You could run pretty much all of your HA, security, and networking appliances using vm’s on your Dell T420 no problem.

Also, since your server room shares a wall with your office maybe rack mount your desktops and do a LTT style setup.

3 Likes

TBCH, pfSense / OPNsense started pissing me off as of lately with their hand-holding. They have some default rules to allow ipv6 to work. I understand why they’re there, but I think they should be optional, under a checkbox or something (“use / add recommended rules” or something). You can check them by going into SSH or web CLI and typing
pfctl -s rules
and it will show you all kinds of rules, even when you have none added. My next firewall will be OpenBSD. If I am dumb enough to lock myself in, then for smoke’s sake, let me lock myself in. Do as I say, not as I “want,” this is not Windows.

Also, it’s a good opportunity to get more into OpenBSD and basic pf, which I would prefer. I also agree with the default pf behavior of not passing the quick rule and going through all the list of rules. It may be slower when you have lots of rules, but it just makes more sense. The quick option is there for debugging for me (unfortunately that’s not how pfSense works, which is annoying).

2 Likes

This may be a project after I am moved… I may be able to some fun stuff with the Shield with a Linux Distro with its own GPU…

https://forums.dolphin-emu.org/Thread-how-to-boot-ubuntu-16-04-on-the-shield-tv-with-x1-gpu-drivers

2 Likes

Okay, first, I absolutely love the floorplan. That 3 car garage is awesome and a master that opens to the patio is sweet!

That closet was born to hold servers.

If you’re going to be running wireless, I would highly recommend planning out your AP placement and making some runs during construction. I had to run cat5 for aps after the fact in my house and it was a nightmare. Also, ceiling mounting APs is a strong recommendation. There’s something about the nice look of em. Here’s the one in my central hallway.

I would also recommend a drop or two in the garage. I use my garage as part workshop, so I keep some electronic stuff in there. If I had more room, my 3d printer stuff would be in there.


Also, seems like this house is at least partially custom? I’m curious what the planning process looked like, would you be willing to write about that a bit?

3 Likes

I really wanted ceiling aps, but wife was entirely against it. So sadly that isn’t on the table. With the three wifi 6 APs I have I should have good enough coverage for the house.

I have just one drop in the garage, but in Arizona… I don’t want electronics in that heat
or fluctuating temps of 20F or more daily.

It’s a semi custom build, get basic floor plans with probably a dozen structural options (IE- bathroom layouts, 3rd car tandem could have been a extra room or change that area to a casita, the den could be enclosed, and a few others. The cabinets, electrical, paint, counters, flooring was all done at the design center. Was there more questions in particular I could help with answering in build choices?

1 Like

Not to rag on your old lady but does she object on ascetic grounds or is she a Luddite? I seem to remember at your old place networking equipment and layout was a problem as well. Having dedicated ceiling mount AP’s will be much better performing and out of the way to where you shouldn’t even notice them.

Regardless, there are really good mesh setups now like the ones you plan on using. I am super jealous that you get a new house built with lots of cat6. I have always had to do my own cable monkeying…

2 Likes

When I will build my house (in the very distant future), I’ll have cables and electrical on the outside of the walls (separated, obviously) for easy maintenance, probably inside PVC cable channels or rather PVC pipes (I like the round aesthetic). I don’t care about AP placements, but I also want easy maintainability and upgradeability. And almost every piece of furniture has to be wall mounted, I hate legs. Also, #floorgang. I want easy maintainability over looks and everything has to be reachable without a ladder, including light bulbs. I will probably aim for a medieval mining tunnel lighting feel. I will try to make it as normal a house as possible, like having white walls, but I want lights on the walls, not on the ceiling, similar to how you’d put torches or candles on walls.

I think my insane vision for my house will really help me when I get old, so I won’t have to lift heavy things, or go up ladders and lose balance and as a bonus, having no legs for my furniture would mean I can easily vacuum underneath them, where the most disgusting things gather (no safe spaces for you, little crawlers). Which also means I can put one of these futuristic automatic cleaner robots on the floor and they won’t have clearance issues going underneath furniture.

I’ve lived most of my life in a house where I had lots of furniture that went completely flat against the floor, making cleaning around them kinda awkward and cleaning behind and underneath them a heavy chore. And all of it was tall, so that you could stuff many things in them, but things inside the upper shelves were hard to impossible to reach even as an adult without using a chair.

So, my caveman brain tells me that this is not a “natural” lifestyle (I’m using natural in strange way, can’t really explain it, hope people get what I mean), so I will try to imitate the lifestyle of our ancestors, by having everything reachable and not have to climb tall trees to collect fruits and nuts. This is not some kind of traditionalist or ancestry-worshiping or primitivistophilia. It’s just an optimization of lifestyle, i.e. making things easy for myself and not require lots of dependence on outside labor or services to do basic things like change a light switch.

Electrical installations tend to fail or require upgrades to lower gauges (thicker wires), which require you to destroy your walls. It may “look good,” but I don’t like destruction, especially if I need to pay in order to redo them (I don’t have carpentry skills, but I will try my best). Also, why destroy a perfectly functioning wall? To me, it feels like we’re living in some kind of broken-window fallacy world. I strongly believe everything from houses, to cars, to home appliances, to electronic gadgets should be made as user-maintainable as possible and require very low skills for repairing.

In my example with cable channels: want to upgrade from 10G cat6a to 100G fiber? Just take the old cables out, put the fiber in, have a small wirebox near your switch (or inside the rack if you decide to have one, which you should) where you can coil the fiber to make it the exact length to reach the socket and eventually replace the electrical junction boxes’ lids that you (supposedly) cut to put an RJ45 wall socket in, with another cap where you will put the fiber female connector in. Done. No need to bust your walls and try to fish cables through. Eventually have some pipes inside the walls to pass cables through (I’d like to have them near doors and windows frames, because those are places where the walls will have a hole in anyway, it can fit 2 cable channels or PVC pipes easily without breaking your walls.

2 Likes

Yeah, not quite luddite status, but with tech she just expects it to work… Kind of like a vehicle… She puts fuel in and that’s all she worries about. LOL She also doesn’t see its value until she uses it. I introduced her to Plex and DVR for her shows and now if it doesn’t work she wants it fixed ASAP lol. She is also a heavy social media user, so when the internets down she has a fit lol… not usually though, she keeps forgetting to use wifi and kills our data for cell use.

Her objection is strictly ascetic, and I wont win that battle.

She has very different places she likes to spend money… IE best example is jewelry vs I like tech. That’s one place we differ. Still have a ton in common.

@Biky I want your home when I’m old lol.

I also have a home security system (iSmart) I want to integrate with IFTTT or something similar to integrate for a smart home. That’s why I was really interested in @SgtAwesomesauce and @PhaseLockedLoop 's project RPAI: The Raspberry Pi 4 powered all-in-one Home AI Voice Assistant for a smart home system to replace Alexa I use now extensively for reminders, shopping lists, and a number of other things I forget like taking my medications etc when my wife isn’t home to help.

2 Likes

Sorry for the wall-of-text, autism kicked in.

Yeah, definitely replace Alexa. But for home automation, I try to avoid it, it’s just more stuff that can fail, I don’t like adding too much complexity. For security though, I would like to have thick metal doors, chunky locks and some form of “2FA” (more like, 2 locking mechanisms), like an electric lock with a pin code or RFID AND a normal key.

But I have no idea how to implement a secure lock system. I installed lots of Suprema XPass’es on doors. It deters most dumb criminals and curious people, but these things are super easy to “hack.” Just take the RFID reader out, cut the correct wires going in the reader and connect them together and poof, you have current going through the lock, which means the electromagnet gets activated and the lock gets in its unlocked state. Kind of how you see old cars getting started without a key in movies. Same goes for the opposite version of “cut power to unlock,” which is even easier to break through, just cut all the wires. I assume the same goes for other brands of RFID or PIN locks.

To make it more secure, I would probably need to split the reader (Input Device) from the switch / computer unit. I think this should be fairly easy to do actually, you just need a reader that will send the codes to an Arduino. To the Arduino you can connect a simple 3v (or was it 5v? I think it was 3v) relay which will close the circuit between a 12v or 24v power supply (depending on your lock) and the lock, unlocking it.

So if you are smart enough to cut the open the Input Device, you will only have 2 to 4 wires (or a simple RJ45 connector) which won’t do anything except fry the Arduino maybe, which won’t open the door, because you need a certain code (sequence of 1s and 0s). A fuse or a resistor should be placed between the Arduino and the 3v relay switch, to avoid a voltage spike to it in case lots of voltage is sent through the Arduino from the freshly cut Input Device, that could potentially close the circuit for a split second, enough to open the door.

Replace the Arduino with a Pi Zero (or maybe a controller with Zigbee or something) if you want more functionality, like SSHing into it / running a web server, where you can run an unlock script that sends voltage to the relay switch for n seconds. That way, if you don’t have an additional lock, you can unlock the door for your guests from your couch or through the internet, but I find that to be the peak of bugmanism. Just get your ass off your couch and answer the door! Also, if you do decide to go with something like this, have a dedicated UPS for the lock. You don’t want to get locked outside (or even inside if you don’t have alternative ways of opening the door*, which you should) during a blackout.

*An alternative way would be to have a door pull / fixed knob on the outside and a door handle on the inside, so you can just press the handle from the inside to unlock the door, not requiring to use another Input Device (that’s how all the server rooms I did worked).

Bonus: you may want an electromagnetic door lock that has an intrusion detection pin. They work by closing / opening a circuit through 2 separate wires, which can be read by a “server” (like the same Arduino, but a Pi 0 would make more sense here), which checks to see if power was sent to the door when it opened. If no power was sent, but the intrusion pin got switched, it means that the door was forcefully open. In the case of the above mentioned door handle, every opening from the inside using the handle would be logged as an intrusion. So you should have an additional push button near the door that you can program the GPIO pins from your server to close the relay switch (run the unlock script), so no false-positive intrusion gets logged and only use the handle when power is cut off.

I should point it out to make it more obvious, but you also need a separate relay that detects when the power was sent to the lock and sends this info to your server. In this case, you would want a 12v / 24v relay (depending on your lock) that you would connect to the 3v relay from the Arduino (on the opposite side, obviously, the one with the door lock), which would close the circuit between 2 other GPIO pins. You read those pins, so when the circuit is closed, it means the door was opened. If you get a reading from the other pins from the intrusion detection circuit, but you don’t also get a reading the pins from the 12v relay, that means the door was forcefully opened.

If you want to do anything with this information other than logging, you can connect an amplifier and a speaker and sound an alarm whenever the door is forcefully open. You can set it to stop after 5-10 minutes or only stop after the push of a (secret) button. Or set booby traps don’t do booby traps, this is illegal pretty much everywhere, I do not advice, nor condone booby traps, please don’t sue me.

An additional classical lock to this kind of a system would not necessarily be more secure, it’s just a (false sense of) security, especially when classical locks can be picked pretty easily in under a minute. But it’s just for my peace of mind, which is more important (however irrational).

I could draw a diagram if you want, just ask. I never used Pi GPIO pins, but I am interested in doing so. Programming the Pi would probably be pretty easy, the code shouldn’t be more than a few dozen lines of $your-preferred-language-here code with a few if statements and some comparisons between the data coming from all the connected GPIO pins.

2 Likes

strange complaint, but okay.

That pretty much covers it, really cool. I imagine it was sort of like specing out a laptop?

That’s fair, I stick my servers in the garage, in San Diego, just because I don’t have a room to dedicate to the noise.

3 Likes

I’ve picked up the project again, a bit, but nothing yet to report. The print I originally made has improper dimensions, so I need to redesign the part to make it a bit taller, or figure out a solution for re-organizing the internal components.

2 Likes

Yes and no.

The architectural decisions are made and set in stone early after signing the contract, so that locks those in on the plans that go for approval of construction. Some builders have no options the house is what it is. This builder had a lot of those options to choose from. IE-My wife wanted the master bath with a free standing tub, but there were options for a walk in shower, or a floor mounted tub and shower.

The real customization comes in the design center which was two parts.

1.) The interior options like cabinets, flooring, countertops, paint, but also useful things like hose bibs in the courtyard front of hose etc. Also, I got a gas stub in the back of the home for either or both a grill and a fireplace. I tried to get things done that in a slab home are very expensive or cost prohibitive with this style of home. If your not familiar its also called a patio home, which is built on a post tension concrete slab, so any plumbing or gas lines etc that run through the floor of the home are not possible or VERY expensive. This was mostly my wife’s area she spent money.

2.) The second part was with the electricians. This was my jam and where I spent money. They break this into two sub plans for the builder. The first is high voltage for things like celing fans, outlets, switches and things like that. The second part is low voltage, this is coax, fiber, ethernet etc. This builder actually let you put things ANYWHERE you want and how you want. It was actually very cool. This way I don’t have to go to the laundry room to check if the internet is down then head to another room to check the router etc. The cat 6e was a upgrade from just cat 5 standard. I think its worth it in the long run. And that closet was just perfect!

I’m really very excited to set it up once I’m there and have a little more knowledge.

2 Likes

Oh, absolutely.


Thanks for the overview, I’m definitely excited to see how this is coming along. I’ve been considering a move to Arizona, glad to see they’re still putting up new houses. The news has been saying there’s not much construction going on due to lumber prices and whatnot.

2 Likes

Oh the complete opposite out here in phx az… the housing market is ridiculously inflated and people are selling their California homes and making CASH offers. Plots and homes can be gone in NO TIME…IE less than 24 hours… its kinda nuts and exspensive out here now. Our home doubled in price in 6 years…so we are cashing in and paying of wife’s student loans and up grading :slight_smile:

2 Likes

Yeah, that’s actually happening here as well for some reason.

800k 1600sqft, gone in 18 hours, cash offer over asking price.

Though it is cooling off a bit lately.

2 Likes