Huff-Net: Part 1

Over this past holiday season, I had the opportunity to rebuild my whole home network from scratch. I want to detail the steps I took to setup the infrastructure to help others in their work and as a reference guide for myself in the future. This will likely be an ongoing process, so I will update in new parts as I make structural changes.

This first part will be mostly describing the choices of hardware and software services I made.

Hardware Selection

As a bit of a power user, I wanted to graduate from the normal consumer products since we had gigabit fiber ran to the house. I also wanted to upgrade the security services offered by the router so I can host more sophisticated services for me and my family in a safe way. This led to looking at enterprise grade networking hardware.

The obvious question is "What about Cisco?" After investigating Cisco's offerings, the amount of freedom that is restricted by licensing and the aggressive pricing scheme turned me away from them almost immediately. I thought more about what kinds of services I wanted in my router and considered for a time using self-hosted services like pfSense and Webmin, but was also turned away from them given that my "server" infrastructure consist of 2 used servers from eBay (a HP ProLiant DL380 Gen8 and a Dell PowerEdge R910) which could decide they want to die at any moment.

This pushed me back into the hardware manufacturer space, but I wanted to avoid the exorbitant pricing of Cisco. Aruba fell into a similar boat as Cisco. Juniper Networks offered some neat tools on top of their platform, but also fell into the "request a quote" level of expensive. I stumbled upon Ubiquiti after some further searching for small business infrastructure. I was quite satisfied with Ubiquiti's price point and quality (per product reviews and media reviews). Ubiquiti also offered some of the neat insights that Juniper had, such as traffic identification and classification and utilization dashboards. Additionally, the level of complexity to start using the firewall appeared to be low, making it easier for a new user, such as myself, to get acquainted with their ecosystem. With my research pointing at Ubiquiti, we made a purchase of the UniFi Dream Machine SE and two U6 long range access points. I'll go into the setup steps for the UniFi hardware in another part, but so far, no complaints.

Software Selection

The objectives I want for my network are as follows:

1. I want to be able to securely access my home network remotely.

2. I want to be able to deploy DNS level ad-blocking for all client devices on my network.

3. I want to be able to be able to stream media content from the network attached storage to other devices on the network.

4. I want to setup all infrastructure in a repeatable, scalable way such that I can experiment without ruining the infrastructure environment.

5. I want to be able to host gaming services when family or friends ask.

To complete my first want, I'll be using a combination of WireGuard and OpenVPN. I will discuss the setup of those services in a later post. To complete my second want, I will be using AdGuard Home, which will be detailed in it's own blog post. For my third want, I'll be using Jellyfin, which will have it's own blog post as well. For my last two wants, they are a bit more vague but capture my general use cases for the infrastructure. They will be detailed briefly here and more specifically in other blog posts.

The current hardware configurations of the HP DL380P lend it to being more of a storage/support server. The Dell R910, with 4 10C/20T processors and 128GB of RAM lends itself to being more compute based. As a result, for my operating systems of the server hardware I own, I'll be using Rocky Linux for the HP server and XCP-ng for the Dell server. My intent is for the HP server to be an iSCSI target for the Dell's virtual machines over a dedicated LACP bond of 3 gigabit NICs. At a later point, I intend to get a second Dell R910 to be used in a compute cluster with the R910 I own now. I will go into detail regarding the setup of Rocky Linux and XCP-ng in their own blog posts.

Feel free to let me know in the comments if you have any recommendations for additional services for a home network, or have best practice guides for any of the services I listed here.