Everything started with the changing of the ISP router to a smarter one. Then some small updates of the network devices such as switches and access points. And now I want to give my home networks core a more professional look as a home network lab.
LAN Architecture
A local Area Network, often named simply LAN, represents an interconnection between several devices limited to a restricted area such as a home, laboratory, or office building. The most commonly used technologies are ethernet, for wired connection, and Wi-Fi, for wireless. Nowadays, new technologies have started to be used in home networks, acquired from enterprise environments. Wired connections at 10 Gb are now affordable as well as new Wi-Fi 6 access points, leading to more stable interconnectivity and high bandwidth.
Typically home-based LAN involves at least a 1Gb connection and multiple devices, furthermore, a lot of IoT devices are now connected to a single router. Then it requires correctly configuring the whole network to avoid problems. In addition, ISP routers and other general cheap routers available in the market are not able to manage such a great number of devices so a custom-made framework could be the best option. Furthermore, it makes it possible to add extra functionalities such as advanced firewall rules, VPN, encryption, and multiple tunneling options.
Standard 19″ rack
All the professional network devices, and a lot of the consumer ones, come in a predefined layout to be included in racks. It is a standardized structure with fixed width and every device can occupy units. The single unit, 1U, with a height of 4.4 cm, is used as a measurement unit for the rack structures. Typically, these structures are used in professional environments and this leads to high-quality requirements and consequently elevated market prices.
Then, I decided to build my own 19″ rack based on my needs. The project starts with two rails recovered from an old small enclosure. I don’t need a completely closed enclosure, so I opted for an open layout as shown in the following animation. This rack is placed in a server room, more realistically a storage room with several computers inside, and then it could be open to guarantee access and airflow.
Customization
The enclosure should accommodate a big 4U server, two 1U switches, two 1U patch panels, one 1U power supply module, and two shelves with several devices. To facilitate the building process I could use wood and then paint it black for a more professional look. Due to the simplicity of material, this is also cheap and easy to build on your own.
It is evident that the rack accommodates a big old server from HP that represent my old backup server. It was really powerful and with a lot of implemented features, like 4-link network connections and SAS drives. However, now it is economically not convenient to maintain it turned on 24/7 and it became old and obsolete.
There is also the core of my LAN such as the main router and the first switch. Another PoE will be added but now it isn’t present. Also, another small switch and an access point are present. Furthermore, the KVM selector allows me to use a single mouse and keyboard for all devices. Every device is powered through a UPS to avoid problems with energy breakouts.
Low energy devices
To maintain local services up 24/7 I opted for several low-consumption devices such as the Raspberry Pi and a mini-computer. I host several local services such as Home Bridge, DNS server, web servers and smart home services that I’ll describe better in further articles.
Mini computers are now one of the best options to maintain active services with small energy requirements. Nowadays, raspberry and other micro-computers reached very high market costs whilst it is possible to find a lot of minicomputers in the secondhand market due to the pandemic smart work increasing, everyone bought a computer and now they are reselling it. I recently bought the Dell Wyse in the figure for less than 50€ it now hosts the majority of my local services.
pfSense
Due to the custom requirements, I use a custom firewall. After several years of testing now I came to a final configuration with pfSesne installed on a dedicated machine with several 1Gb ports. It is open-source software that allows you to build your own advanced firewall really comparable to commercial ones. pfSense has many features allowing the configuration of strong rules and criteria for networking. It allows me to add a second firewall after the ISP’s router and manage my local devices. pfSense is very flexible with the integration of services such as a network antivirus, VPN, intrusion detection, network monitor, and several other features with a user-friendly interface.
With this integration, I have not only a faster internet connection but primarily a more reliable and stable one. Currently, I split the LAN network into three areas. The first one is the properly named LAN representing all the devices such as computers, smartphones, smart TV, smart home accessories, and every device connected to wifi. A second area creates a network completely dedicated to guests to separate extraneous devices from my server and services. Then, a third area is used to connect all the devices that require incoming connects and port forwarding such as alarm systems and security cameras recording.
