and creating an “outside” and inside VLAN with some kind of firewall in between
or getting a more then 2x 1GbE (so at least 2x2.5 GbE) SFP+ capable NIC for an older ITX-Board with an 2. gen i3 and DDR3 RAM and building pfSense on this (or inside an VM on proxmox or something)
what I want/need:
replacing the NAS with something more versatile
replacing the two phillips Hue bulbs with something more open and without some vendors cloud
a good usecase for the former Media-PC (as mentioned in Sidenote: i3 2xxx / 8 GB RAM / one free PCIe (2.0?) x16)
fitting all things better into the Rack (maybe NAS in 19" Case?)
Budget: as low as possible / useful
what stuck most during the last weeks was getting a 2x SFP+ NIC putting it in the PC, installing proxmox and pfSense in an VM
another VM for the NAS with moving the RAID1 HDDs from the old NAS
Other options I consider:
replacing all the TP-Link/Omada with MikroTik or somthing similarly flexible and not to pricy
the APs are going to get Ethernet Outlets, and I will need still 3-4 around the house for good 5Ghz connection in all important rooms plus 2 outside the house for at least 2.4 Ghz connection on the other end of the garden
I take any ideas on how to get a cheap 2xSFP+ NIC or all other possible considerations I maybe missed.
Maybe questions about why I think x or y help me find out what I really want/need and where I should invest more money or can cheap out even more.
So any thoughts welcome
I would separate the firewall/router and rest of the server equipment. A combined router/switch is fine though, as long as you keep track of which ports are your DMZ and which ports go to your house.
You want to have multiple wifi access points, at least two. Use the internal wiring for connecting them.
Finally, don’t make it too complicated. Have your server / network rack in a well-ventilated closet, but do remember a full homelab is pretty dumb if you’re not making use of it most of the time.
As someone who had done both separate boxes for everything and a literal all in one box in the past, I would suggest a compromise…I second the notion to at least separate the router into it’s own box. Virtualize everything else.
Ideally, at least 4 pieces of hardware so you can have redundant gateways and redundant hypervisors (or container platform if you prefer).
Used SFP+ NICS are dirt cheap in the US. Surprised they aren’t at least affordable in the EU. I’d spend a little more on an Intel one though. The Intel drivers get the most love in Linux/BSD, especially older ones.
This is the route I went … I am running everything other than switching on a single server (two actually as I have a backup for the firewall and the storage if needed, limited to 1g networking for cost reasons). I do not virtualize the NAS/SaN but instead use truenas as my bare metal os, on top of which I run the firewall (vyos) and containers.
This allows me to have 10gb routing between VLANs, multiple services running and all on top of zfs that is very easy to back up/fail over. I then run proxmox on my workstation for all my other work and hobbies related needs, running on zfs and backed up to the Nas…
In my experience this is the most economical route to 10gbps Nas and lan routing. 10gbps hardware, especially routers gets very expensive very fast unless you go diy…
If you can live with 1gbps in your internal network, then there’s plenty of options for going all separate functions / mixing between physical and virtual workloads…
thanks for the input. my first takeaways:
Maybe I can prepare my spare PC as a all-in-one Box, but at least routing might be better on a separate box.
The 10GbE Idea is more a kind of “futureproofing” as I am going to run cables to all APs and most rooms I got CAT6A for that so, at least 10GbE is possible when switches get cheaper.
And if I switch to WiFi6 those access points seem to use 2.5GbE most of the time, for this even longer Cat6A runs aren’t a Problem.
Thats an interesting thing, somtimes offers from the US are even with 15-25$ shipping cheaper then local offers (without taking any tarriffs or other import fees in account)
But I’m really not sure if I should “invest” 80€ in an 2xSFP+ card … plus two SFP+ modules or DAC Cables etc.
Maybe I just set an eBay “Alarm” for 10GbE Cards and check during the next weeks/months if I can get a cheap (Intel) Option locally.
After seeing that the Hypervisor in TrueNAS got even better I’m tempted to got that route.
And about the 10GbE overall I think at first I would just want to have an more then 1Gb connection to the ISP for just beeing able to use the full 1000 Mbit/s down / 500 Mbit/s up Link without any bottleneck on my site.
The other Things that would be good for that are 10 GbE to my main PC ans the NAS so I mights even be able to edit podcasts direct on the NAS (not as demanding as editing video, but still…)
If t-mobile is doing the connection in germany the same as the Netherlands. You will have fiber entering your house. And after that your free to do with that what u want. Aldo they suplly a converter to utp. And i have to say i like the backbone they got its quick
The Fibre-Provider is “Deutsche Glasfaser” (translates as “German (Glass)Fibre”) but yeah I already asked at the last information session if I really need to use their “Network Termination” (wich seems just to translate from fibre to copper) and they said, I can use a fibre router, no problem.
The Deutsche Telekom (parent company of T-Mobile) isn’t really active in bringing fibre to the rural areas, just if a local government provides incentives or in more urban areas where they are sure to get many subscribers.
But i’m really looking to do a pf sense build. because its fun and you can do so much more with your network that way. I’m looking around for a fun motherboard on eBay to build that . Or a nice small motherboard with an onboard 4 port nic.
wasn’t here for quite some time. As the Fibre is now at least burried in the street and I really need to prepare the lines inside the House I thought about the Firewall/PFsense Idea again while I stumbled upon this Video:
So now I got one of these thinClients (Futro S920) and i am still looking for a NIC with two SFP(+) ports to get 1Gbit/s in and maybe even more to the server/nas I started this thread about.
The cheapest options for 2-Port SFP(+) NICs I can find in Central Europe are IBM Emulex “Virtual Fabric” Cards or FibreChannel… But I can’t find a clue if one of them might be usable for getting a >1Gbit WAN and LAN-Port for my pfsense installation…
also in-budget would be some Broadcom based NICs but there I’m not sure if they are compatible with pfsense, because I wasn’t able to find them (or Names that start with the same numbers as those on the NICs I found) on the FreeBSD Hardware-Notes they link to: FreeBSD 12.2-RELEASE Hardware Notes | The FreeBSD Project
