homelab

I've installed OpenWRT on an Edge router (ERX) and its made me want to custom firmware every piece of networking equipment I own.

I've got an ER4, AP Pro and PlusNet (BT) router lined up but I wondered if it's possible to do anything with the Unifi switch I have? I know there's OpenWRT images for the ToughSwitch line by Ubiquiti but looking at the OpenWRT forums it looks like the Unifi switches are a dead-end.

I've got a craving to hack/customise it but can't find any options.

I am still very much a novice in the self-hosting space, Linux etc. having fairly recently switched from using macOS as my daily driver and not tinkering much at all.

One of the things that often confuses me is networking and making sure my setup is secure. This is currently holding me back from hosting more stuff locally that I would require access to from outside my home, as I am afraid I am doing something that could severely compromise my data. It can sometimes be difficult to follow explanations from more advanced users due to the many different components of networking and security, and different layers of abstraction, which prevents me from following completely. I might understand one particular case, but then be unable to make connections to another one. So I would want to research this more intensively, and ideally I would end up being able to easily understand the data flows - the paths the data takes (e.g. I make a HTTPS request to some server from my laptop, how is that traffic routed correctly through my local area network and later the wide area network), in what forms (i.e. different protocols, encryption layers etc.).

In communities like this, I see there are a lot of very knowledgeable people who maybe could recommended any resources that cover this from the basics and onto more advanced stuff? Maybe a textbook from a university course on ICT that is considered particularly good? A YouTube channel with great explanations and visualizations? I am looking both at home LAN and internet in general. Enterprise level networks are not very interesting to me (at the moment).

Hi everyone! I have a couple of old desktops as servers in my rack. Sometimes , very rarely, I need to use the machines console.

Slide-out rack monitors are incredibly expensive here in Germany, so these are not an option. Next I thought about USB monitors - don these work out of the box with Linux or do the need special drivers? Or would I be better off using KVM over IP? Do you know of other not-so-expensive solutions?

I am currently looking into upgrading storage for my homelab. The two routes I am looking at are grabbing a dell r730 or a disk array. They are both about the same price, but my major purchase concern is heat and noise. My office/homelab is in a 10x10 foot room. I have worked hard to get the sound floor at my desk to be around 44dB, and the temps to top off at 79f, 74 on a good day with the door open. Is a disk array going to add more heat and noise to the room than a dell r730 server running proxmox with trunas?

Hi there peeps,

Currently got an old B250M Performance motherboard, although it does the job im looking to upgrade to something that is AM4 compatible, already bought a wraith stealth cpu cooler for dead cheap second hand.

I'm changing from Debian to Unraid too, mainly using the server as media server, but hosting some other apps too. Only got one ssd, the rest are hdds, so multiple ssd slots are not much of interest for now at least.

Is there anything I should be looking for in a motherboard whilst browsing? Anything that would make it more future proof etc? I don't really know a whole lot about Motherboards.

Appreciate any tips 😇

I have a home network consisting of several raspberry pis, a Roku, and a total of 4 laptops and smartphones.

Currently, I have the ISP provided router/modem in bridge mode which I'll refer to as my modem. This is connected to my own ASUS wireless router/Access Point which I'll refer to as my access point (AP). The AP supports about 900Mbps. I'm fine with this bottleneck for now as I intend to upgrade my AP in the future

My goal here is to purchase a router that supports the 1.5Gbps that's coming from my ISP's modem. I'd like to use it to set up a VLAN and tinker with, with the ability to connect 4 devices in addition to my access point.

The problem I'm facing is that I haven't yet found a router that's <$200CAD which supports 1.5Gbps. There are probably brands I'm unaware of, so would you fine folks be able to recommend me a router?

Does anyone knows why most Epyc CPUs and MB on eBay are shipping from China? Does anyone here has experience buying a used CPU/MB from China?

I've been using a sound bar from Sonos with my TV for several years now, but in an effort to ditch the last appliances that unnecessarily require accounts and internet access, I am looking to ditch it in favor of something that is entirely contained within my own network.

What I think are my requirements:

• No microphone
• Ability to directly play audio from my Android (running Calyx OS), something I cannot do with the Sonos.
• HDMI ARC-connection to TV so that it can be controlled by my remote
• Sound must not be abysmal, but I am no audiophile. Preferably stand-alone without subwoofer
• Maximum 90 cm in length so that it fits under my TV, preferably in black / dark grey with a clean look

So far I've found something like this, which I believe gives me enough flexibility with HDMI ARC, Bluetooth and 3.5mm, even though it comes with a subwoofer: https://www.tcl.com/eu/en/soundbar/p733w

In terms of software, I have long been considering something like balenaSound to replace the Sonos functionality, but I'll soon be setting up Home Assistant to run my lights, and I see that there is a Snapcast integration that might work for me here?

Are there anyone here who have done something similar and have found setups that work well or that I should stay away from?

Based on an r210 II I'm currently doing up

• Orico HB-325 3.5 to 2.5 inch Hard Drive Caddy - don't even bother. Could be useful in a CRU sled, but I don't have a dell one to hand.
• SilverStone SDP08B 3.5" to 2 x 2.5" Drive Bay Converter Getting better, but all four screws don't align in the dell caddy
• SilverStone SDP08B, 3.5" to 3 x 2.5" Drive Bay Converter Absolutely perfect.

random info I thought may be useful to others

cross-posted from: https://lemmy.ml/post/7036304

I may have the options between two Mikrotik l009 routers or a single rb5009. Which route should I go?

So, this open computer has been my homelab for a good while now, but I desperately want to upgrade it, so please recommend any hardware/upgrades.

Edit: I will use this server primarily as a media server! (shock) Edit2: I'm based in Norther Europe, so Amazon is not an option for me.

Current hardware: /What you see on the picture

• Motherboard: B250M Performance
• GPU: Nvidia GTX 1080 (defect, runs like an airport as soon as it needs to do 'a heavier task')
• CPU: Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz
• CPU Cooler: Some cheap XILENCE fan
• RAM: 16 GB
• PSU: WPM600 Bronze
• Case: Custom company (defo want to replace)
• Storage: 1TB HDD + (2TB HDD but dead)

What I have to spare from previous build;

• GPU: Nvidia GTX 1060
• CPU Cooler: AMD Stock fan (doesn't fit this motherboard)

I've spent far longer than expected to set up an VLAN on my network for IoT devices which I don't want to have access to the internet. I'm running RB4011iGS+ router with RouterOS 6.48.4 and what I thought was a simple change took the whole network down for a while.

Granted, I'm not the most skilled network admin around, but I have built networks in the past and I'm (partly) maintaining them at work, but apparently I'm approaching this somehow from the wrong angle.

The current setup is a single subnet (172.17.0.0/24) where Mikrotik manages firewalling and DHCP without VLAN. WAN side has SPF module for the uplink, couple of bridged ports for that to provide raw internet to my server, some static mappings on the DHCP and things like that, pretty basic stuff. Other hardware includes Unifi access points, manageable switch and various stuff which just connects to the network.

Now, I'd like to add a VLAN (id 20, not that it matters) on the setup so I could have another /24 subnet for IOT devices. What I tought would be enough to take couple of ports from the existing LAN bridge, create a new bridge, set up an VLAN interface with IP, DHCP server and just connect tagged port on my switch, connect laptop for testing for untagged port and configure switch so that I could have another SSID on access points on that VLAN and connect couple of other things directly on the switch.

There's plenty of guides around the net, but when I attempted to follow them I ended up in a situation where untagged port just would not work with ARP. I could dump traffic on my laptop with wireshark and there's ARP 'who-has' requests running, but Mikrotik won't reply on those no matter what I do. Same of course goes with DHCP requests and all traffic in general. My laptop would receive ARP query when attempting to ping it from the router, and laptop would respond, but sniffing traffic from the mikrotik port the reply just disappears somewhere. No matter if I have the switch in between to untag VLAN for the port or directly connecting cable to the mikrotik or even moving the laptop to VLAN20 and using that as a test setup.

What I'm currently assuming is that the problem is with non-tagged "general" network I'm running. As in VLAN20 and VLANnothing somehow are fundamentally incompatible on RouterOS, but that seems kind of backwards.

The end goal would be to have a trunk port on the router and on the switch and distribute VLAN to ports as needed. Or even a port for generic use and another for VLAN networks. Maybe someone here is more experienced with RouterOS and could point me to the right direction?

cross-posted from: https://lemmy.ml/post/6830939

Just bought Cyberpower OR700 1U UPS (20lbs). Will I need rack mount rails to support the back or will the cage nuts at the front be enough to support the UPS?

Hello fellow Homelabbers,

I am in the process of setting up my first homelab and taking my first steps in self-hosting. I got an old pc as a gift from a friend and I want to convert it together with my old pc into 2 2U servers.

But first of all I need an enclosure where these servers and the rest of my equipment can go in. Since this homelab will be located in my flat for the time being, I don’t have a particularly large amount of space for it. I think a size of 15 to 22U would be perfect, also in terms of long-term upgrades.

I have looked around on my local online marketplaces but I am not sure what I should really focus. Since this purchase will literally be the foundation of my future upgrades, I don’t want to rush into anything and would like to ask you homelab veterans for some advice.

Thanks in advance.

Sorry, I'm not very used with server stuff, if I buy an Intel CPU without an integrated GPU like most Xeon, then I wouldn't have enough pcie lanes for a GPU because all is taken for nvme drives

Specifically, the motherboard ipmi is powered by aspeed ast2500

If I understood right, that chip will act as a 2d basic graphics card that's enough to see what happens that day the server is unresponsive

I don't plan to connect a monitor, it's just that I'm scared if I break truenas and I can't connect via ssh, then I could still see the local screen from the management Page on the browser

So, I just realized that if i use my WAN IP in my browser from within my network, it brings me to my pfsense login page..

At first I panicked thinking this was also accessible externally, but luckily it is not.

I have rules in place to prevent devices from accessing the GUI unless they're part of an alias, however if I access it in this way, it bypasses the check.

Why is my WAN IP resolving to my pfsense login?

Edit: As just about everyone has mentioned, this seems like NAT Reflection, however I have this disabled everywhere I've found. Here is the setting in System>>Advanced>>Firewall & NAT as well as in the individual NAT rules as seen here

Outbound NAT

Port Forwards

Hey all,

I've been using Proxmox for some time and have several VLANs that I use across my VM's.

I have a trunk to my Proxmox server that is tagged with these VLANs, and everything seems to be working as I expect.

The question I have comes from early today when I was adding a new VLAN to my Proxmox server to use in a VM, and noticed that I do not seem to have the actual VLAN ID's like I remembered (maybe this changed between Proxmox VE 7 to 8?) and instead I only have comments here.

When I check the config in shell, I see this, and it appears all VLAN ID's are allowed.

My question is, how can I limit this to only the desired VLAN ID's (100, 200, 300, etc) and not that entire range? Is there a GUI option or should I just modify that config? If I modify the config, do I just enter them comma seperated?

About a year go I bought one of those fanless four port routers. Ordered one with a celeron, they sent me one with an 11th gen i3. Since then, core temps will regularly spike to 100c and it will throttle. Took it apart and found this as a cooling solution, which I’m sure would work fine with a celeron, but they gave me an i3 1115g4, with a base frequency of 3.1ghz, which can’t dump heat into this aluminum slug fast enough. The bios does not let me lower the clocks, or save power anywhere else. My only solution to make this work is to improve the cooling solution.

Would love to do a tower cooler, but can’t find any place that produces one that will fit my mounting holes. Been looking at laptop solutions as well, but again I am running into bracket and mounting problems. Nothing shows dimensions so I don’t waste time and money on solutions that don’t fit.

I have found copper shims, ranging from .3mm to 1.5mm thickness in a 20mmx20mm form. The aluminum slug they used is 45x25x2.73. If I stack these shims with thermal compound in between, would I get better thermal conductivity than just the aluminum slug? Are there any better ideas than what I am coming up with? Would it just be cheaper to buy another router that is cooled correctly?

I currently have several VLANS (management for network devices, iot for smart devices, infra for security cameras and NAS, one for personal devices, anothe for guests, etc.

Currently I'm hosting a game server which is exposed to the outside world and am thinking of adding a couple more similar services.

Is it best practice to put such machines on their own isolated VLAN to minimize their attack surface?

Am gizmo shopping and would like some smart door locks. Figured y’all might have some recommendations on things that play nice with Home Assistant if networked, and generally don’t suck.

Features I think I want (but open to opinions/suggestions):

• physical key backup in addition to numerical keypad
• rfid so we can use our lovely magic rings
• enough distinct keypad codes that 4 family members and maybe half a dozen others can get their own
• not fugly (current door hardware is black)
• cheap enough that I can get 3 of them and still eat this month
• I’m wary of Bluetooth, but that might be a holdover from old versions that used to be insecure af. Not really up on it any more from a security standpoint.

Any of the above can be compromised on if my assumptions are wrong. Open to any suggestions. Thanks in advance!

I have a few VLANs, and in each one I basically have it organized like this:

• Determine whether or not that device will need internet access, and add to an alias if so that will give it port 80, 443 and 123 and whatever else may be needed for wan on that VLAN (for example, ports to connect to blizzard, steam, etc).
• Some devices (like my home assistant server) will get access to specific ports for MQTT, to talk to my LG TV, etc)

Is that best practices, or is it better to basically have each device listed with the specific ports they will need? The only problem I can see with they way I have it now is that some devices that get glommed into the wan alias will also get access to ports they do not need. Eg. A phone that is in the wan alias may also get access to blizzard, steam ports, etc.

Pic

Hey!

I wanted to secure my Proxy with Crowdsec. I followed this guide here:

https://www.crowdsec.net/blog/crowdsec-with-nginx-proxy-manager

Everything worked fine. But: When i go to the Crowdsec-Controler Server Dashboard, i get a notification that the bouncer for the proxy is "inactive". When i reinstall the bouncers it will be registered, and the bouncer will be online for a certain time. But it seems like its only calling the crowdsec-server ONCE, then going offline.

Has anyone had a similar error and can maybe give me a hint?

Thanks it advance!

Hi, could you help me and recommend a good upgrade for my (dated) home server?

I'm currently running Unraid on an ASRock H97 Pro4 and an Intel Xeon E3-1231 v3, together with 24GB DDR3 RAM, a NVIDIA GTX 960 (for hardware transcoding) and a few old, mismatched HDDs. I chose this hardware mostly, because it was cheap/easy to get or I had it laying around. The server is primarily running Plex and the *arr-Stack, as well as smaller, less demanding applications and is showing it's age. I also want to add a VM for my wife or occasional guests to game on. Because of this, I think it's time for an upgrade, but I'm not really sure, what hardware to choose.

My current requirements would be the following:

• Should be able to run the following applications easily
  • Plex (2-3x 1080p should be enough, but a little bit of overhead can't hurt)
  • Sonarr/Radarr/SABnzbd
  • Tdarr Server + Node to transcode new media in the background; this is mostly for space savings. I'm currently running the node on my gaming PC, but want the server to do this in the background 24/7
  • overhead to do a little bit of tinkering and running smaller applications; I think, most of the load will be from Plex, Tdarr and the other *Arrs
• At least 6 SATA connections OR extra space for an adequate HBA card
  • I want to connect 3-4 Drives and have the possibility of adding some later; Querstion: What drives would you recommend? At least 10GB per drive. Im currently looking at 3x WD Red Plus 10 TB (one as parity).
• 2 M.2 slots
  • a dedicated cache drive (for IO) as well as a drive to put the VMs/Appdata onto; Question: Is this even needed, or would one (bigger) SSD be enough?
• dedicated GPUs for Plex/Tdarr hardware transcoding as well as gaming so I can assign each to the relevant VM (one will probably be windows)
• be future-proof so I don't have to upgrade again in a few years
• adequate power consumption (assuming an idle state without active gaming or transcoding); I also want to reuse the 500W be quiet! Pure Power 11 CM I already got.
• fit in the Fractal Design Define R5
• 1GB ethernet
• be as quiet as possible
  • I already got noctua case fans and will probably throw an NH-D15 on the CPU

I'm especially unsure regarding the choice of Motherboard, CPU and GPU(s). I looked at the X570 FTW WIFI ATX Motherboard with a Ryzen 5800X to get good, future proof processing power and all the features I need, but am absolutely unsure if thats overkill or not. As GPUs I chose two GTX 1660 Super (for now), because I found recommendations for this card for transcoding as well as playing current titles on medium to high settings. Here I'm unsure if it is overkill for transcoding and maybe a bit dated for current gen gaming.

If possible, the parts should be buyable new, as thats way easier for me, than hunting on the used market.

I’m very new to home networking. I’m not new to computers (hardware or software) - but for whatever reason, anything network-related has always been an enigma to me.

That said - I just got a new (to me) server. It’s a beefy one (made a post about it in another community). And so I figured why not just start playing around with Proxmox, learning some new things and spinning up a bunch of random VMs and whatnot.

I figured the first step would be to set up something such that I can connect to my computers from anywhere - and I’ve already done so. For that, I used Tailscale. But my question, I suppose, is now that my computers are on the internet (as in, for real on the internet, through Tailscale) - are there security precautions I have to take now and things I need to be more concerned about? Do I have to set up my own special firewall to make sure I don’t get hacked or something? I am honestly pretty clueless in that whole domain. So… ELI5 what I have to do, security-wise. Any and all help is welcomed and appreciated.

Bonus question: beefy server is beefy (yes yes, lots of power consumption, I’ve already come to terms with it. About 200W idle and should run me ~$40/mo.). Dual 18-core E5-2699 v3s. 768GB of RAM. More SSD storage in both boot drives and storage drives than the average human would use in a thousand years (SAS, SATA, & NVMe). I asked this over on c/piracy - what should I do with it? I’ve put Proxmox on it, and as said above, plan on learning things about VM hosting and different operating systems and whatnot. I’m also planning on hosting my own Jellyfin server. But… what else? Does anyone have any good ideas for any (non-GPU-intensive) things I can do with the server? Anything and everything welcome, lol - I wanna have fun with this thing!

TIA for the responses :)