homelab

This is a simple map of our home lab environment:

Main Router 10.50.0.1

  • pfSense 2.3
  • ASUS Rack Mainboard Intel J1900, 4GB RAM, 8GB USB3-Stick (non nanobsd, was deprecated by pfSense)
  • 2 NICs + IPMI Port on 10.50.0.254
  • <10 W power consumption
  • 200 / 100 mBit fiber by local isp
  • TAP VPN-Server
  • TUN VPN Client goldenfrog.com, shared as free wifi FREENET on eth0.250
  • TUN VPN Site2Site Client with friends

3 TP-Link WDR3600 10.50.0.2-4

  • OpenWRT 15.05 Chaos Calmer
  • cheap routers with 2x USB 2.0 Port and fully manageable 5 Port switch
  • 2 Interfaces: LAN and FREENET (eth0.250), all ports are mapped to both interfaces (untagged LAN, tagged VLAN 250)
  • 2,4GHz and 5Ghz wireless channels 1,6,11 / 64, 136, 149
  • reghack2
  • extroot on 10.50.0.4, not really needed
  • standard image with LuCI
  • No WAN, disabled firewall, LAN static address
  • pulseaudio-daemon (own post) for network sinks / multiroom audio

3 TP-Link MR3020 10.50.0.7-9

  • OpenWRT 15.05 Chaos Calmer non-Luci
  • USB-Hub with USB-Audio added on 10.50.0.7
  • extroot 8GB Stick on all
  • ImageBuilder Image. tp-link.mk 3020 line: kmod-usb-core kmod-usb2 -kmod-ledtrig-usbdev block-mount kmod-fs-ext4 kmod-lib-crc32c kmod-crypto-crc32c kmod-usb-storage kmod-usb-storage-extras
  • you don’t need to remove the luci-packages when using ImageBuilder
  • no space left for pulseaudio-daemon without extroot

Main Server chamber 10.50.0.10

  • Debian 8
  • some Z36xx/Z37xx Atom. Really shitty box, uses lots of power for the mainboard (>20W) and only 2x SATA
  • 2x 4TB in RAID1
  • 32GB SSD for system using usb-enclosure
  • Services: Apache2 webserver (hosting this page), shellinabox, webdav fileserver, mpd

Topology helenenhof.org

Network Devices
10.50.0.1 rick.helenenhof.org
10.50.0.2 wdr3600-1.helenenhof.org
10.50.0.3 wdr3600-2.helenenhof.org
10.50.0.4 wdr3600-3.helenenhof.org

10.50.0.7 mr3020-1.helenenhof.org
10.50.0.8 mr3020-2.helenenhof.org
10.50.0.9 mr3020-3.helenenhof.org

Servers
10.50.0.10 chamber.helenenhof.org

Workstations / Laptops / fixed Clients
10.50.0.20/21 rilite(-wifi).helenenhof.org (Elitebook 2540p)
10.50.0.40/41 klapprechner(-wifi).helenenhof.org (Elitebook 2540p)
10.50.0.42 bastelrechner.helenenhof.org (Xubuntu Unity3D Box)
10.50.0.50/51 rilax(-wifi).helenenhof.org (Kodi/Steam Xubuntu Box)

Mobiles / Tablets
10.50.0.85 encheridon.helenenhof.org (iPhone 4S)
10.50.0.95 ritan.helenenhof.org (Motorola Titan)
10.50.0.97 rinux7.helenenhof.org (Nexus 7)
10.50.0.99 kindle.helenenhof.org (Fire TV-Stick)

EC2-Servers TAP VPN
10.50.1.1 ec2rw.helenenhof.org
10.50.1.2 ec2ci.helenenhof.org

Homenet
10.50.100.0-10.50.254.0/16 DHCP

Freenet
10.254.0.0/16 DHCP

There is also the 10.8.0.0/16 for Site2Site VPN exposing 10.0.0.0/16, 10.20.0.0/16, 10.80.0.0/16. I use a name schema like this:
10.8.0.0 VPN Client exposes 10.0.0.0/16 (yes, you can use .0)
10.8.0.20 VPN Client exposes 10.20.0.0/16
10.8.0.50 VPN Client exposes 10.50.0.0/16
10.8.0.101-254 VPN Clients do not expose their LANs

Remember that all traffic goes through the VPN-Server, that’s why i made different Point-to-Point connections between VPN Servers. More on VPN here.

One Reply to “homelab”

Leave a Reply

Your email address will not be published. Required fields are marked *