For those of you who know of PiAlert or similar projects/forks like NetAlertX, do you know of any that can run without WAN access?

I just got PiAlert running the other day and noticed that it does not update correctly unless it has access to WAN which seems odd, since it's basically just running arp commands within internal IP ranges over specified interfaces.

Edit: Looks like I was just able to modify one function to return a hardcoded value to resolve the need to connect to WAN

My Internet provider just installed a 2,5/1Gbps Internet connection and I've asked the guys to run a couple of their fiber to connect my router (HP Prodesk with OPNsense) to my server. I didn't know that the fiber is single mode and all the SFP+ sold used now seems to be all for multi mode fiber (www.bargainhardware.co.ukfor example). The cable is about 30m, can I use a 810nm SFP+ or is it definitely better to use a 1310nm?

So, I finally got this project (PiAlert) working how I'd like.

It basically uses arp to keep track of devices on your network, and let you know when new ones join. It gives some basic stats like uptime, etc and you can configure a few different notification options to be alerted when a rogue device connects.

Anyways, to get this work on my network involved setting up several network interfaces, as I have quite a few VLANs I'd like to keep an eye on. While everything seems to be working, I feel like I may have created an asymmetric-routing situation, as now when I SSH to the VM hosting this, it will freeze up after a few seconds.

My interfaces look like such. The problem is that I am accessing this VM (hosted on 192.168.1.0/24) from my personal network (192.168.6.0/24). My personal network has access to 192.168.1.0/24 and obviously to it's own subnet, so I think packets are getting confused, as there are multiple routes they can take to this VM.

I believe this is confirmed, because if I disable the entry for 192.168.6.0/24 in my /etc/network/interfaces file, the problem goes away.

How should I handle this? I've tried some simple UFW rules to try to force things to only use the 192.168.1.0/24 interface, but to no avail.

Edit: Sorry for the weird markdown, not sure why it's highlighting keywords

I recently installed an instance of TPot Honeypot, and it looks and feels pretty fantastic.

I haven't opened it up to the whole world, because my goal here was to just have the same ports I expose for my personal projects (game server, matrix chat, wireguard, etc) be exposed to it.

I know this project is a bit overkill for this use case, since it comes with a ton of honeypots that I'm not using, and that I'm essentially trying to make a fancy IDS, however I have a couple questions.

1. Is it possible to add custom ports for honeypots that aren't included in the project? For example, if I have a game running on port 4567 and there is no honeypot for that, I won't see any activity.

2. Is there another (perhaps lighter) Honeypot that you guys would recommend?

Edit: I guess disregard. I realize now that I can't have honeypots running on the same ports as the services in which I'm wanting to monitor. Port forwarding from WAN to multiple devices using the same port won't work

Hi everyone :)

It's time to switch and give my home network a proper minimal hardware upgrade. Right now everything is managed by my ISP's AIO firewall/router combo. Which works okayish, but I'm already doing some firewall/dns/VPN stuff on my minimal spare laptop server to bypass most of my ISP's restrictions. So it's time to get a little bit "crazy" !

While I do have some "power user" knowledge regarding Linux/server/selfhosted services/networking, I'm a bit clueless hardware wise, specially regarding my ISP's 2.5G ethernet port.

I do have a 5giga connection from my Internet provider (Obtic fiber) which is divided into 4 ethernet ports (Eth1 2.5G, Eth2 1G, Eth3 1G, Eth4 0,500G or something in that range). And right now the Eth1 port is connected through an old 1G switch.

1. To take full advantage of my ISP's 2.5G ethernet port do I need a router AND a switch capable of 2.5G througput ? Or only the router and the switch is going to divid it accordingly between all connected devices on a 1G switch?

I'm also looking for some recommendation/personal experience for a router and a switch with a budget of 250e.

First I was interested into a BananaPI as a router, to tinker a bit, but it seems a bit of a hassle to flash it with OpenWRT, then I found an interesting post on Lemmy talking about the Intel N100 Celeron N5105, which looks like more what I'm looking for but I'm not sure ?

2. I have no idea what's the best bet, a SBC (bananapi mini, orange pi, raspberry pi...) a fully fleged router (like TP-Link AX1800 and flash it with opensense/openwrt) or an Intel N100 Celeron N5105 Soft Router ?

The capabilities I'm looking for:

• VLAN capable
• AP VLAN capabable to segment wifi
• Taking advantage of my ISP's 2.5G ethernet port
• Firewall customization capabilities

I have an eye on a managed switch I found on amazon (SODOLA 6 Port 2.5G Web Managed) but I have no idea how reliable they are, I have never heard of SODOLA.

3. Any good recommendation I should look at for a managed switch that would work great with the same capabilities above?

4. Probably last question, is regarding wifi APs. Is it possible to make an access point from my router even tough it hasn't atennas? If I connect an access point directly to my router, will it be capable of giving away wifi connection?

Thanks for reading though, I'm a bit unsure how I should spend my money to have a minimal but reliable/capable homelab setup. Every advice is welcome. But keep in mind, I want to keep it minimal, a good enough routing capbability with intermediate firewall customisation. I'm already hosting a few containers with a spare laptop and the traffic isn't going to be to crazy.

From open bench table : https://openbenchtable.com/

To just sitting on top of a anti static mat...

There are options for how to manage a test computer.

Do you have a preferred case that is portable, stackable, and still easy to work on?

I've thought about Fractal cases but they are on the bulky side of things. I've thought about a 4U case Silverstone rm44, but then the components are hard to access.. and noise goes up

Hi everybody! For my OPNsense router (on a VM on Proxmox) I need a 2,5Gbe card (to connect to the ONT of my provider); I only have 2 PCIe 3.0 x1 or 1 x4 because the only x16 is for a dual SFP+ fiber card.

Can you suggest me a NIC (I'd prefer to buy used)? Is it better to go with a 2,5 or 10Gbe? The cooler (temperature!) the better. I just need 1 port, if there are 2 it would be better, but the most important thing is the low operating temperature.

Thanks!

A slightly less technical post - these are some things I've learned from having a HomeLab for over a decade.

I have installed Debian with software RAID1 (and installed Proxmox on it) on 2 256GB SSD and I now want to move to 2 500GB SSD, how do I proceed?

Edit: the RAID is of the OS disks.

Hi all, I have a Proxmox server hidden away where it annoys nobody, and a small PC I'm the TV cabinet that I need to turn On/OFF every time I use it and when a movie needs to be transcoded, the fan spins like crazy.

Have anybody tried to use a Windows VM and share the desktop with NDI? In this way I just need an NDI decoder behind the TV and all the job will be done by the server.

Any thoughts about this?

Edit: NDI: Network Device Interface: basically it's an audio/video (and intercom) transmission over IP with low latency. The sender could be an hardware encoder or a software.

I recently discovered Pi Alert (and the various forks of it) and it seems like something that might be useful on my homelab.

I've decided to use this version, and have tried the others as well, but I can't seem to get it to discover things outside of the VLAN that it is installed on.

It is running on a Proxmox VM using a trunk'd interface that has several VLANs available to it. If I SSH into the VM hosting Pi Alert, I am able to ping the devices on the other VLANs without issues, so I know ICMP detection should be working.

Here is the config section. I am using SCAN_SUBNETS = [ '192.168.1.0/24 --interface=ens18', '192.168.2.0/24 --interface=ens18' ] To test 2 of my VLANs, and as mentioned, they are on the same interface, however this does not seem to be working.

Anyone have any suggestions?

cross-posted from: https://lazysoci.al/post/12664364

Everyone was kind enough to ram my brain chock full of knowledge about switches and I came away feeling like I can explain it to other people. (please don't test me on this, I'll fail)

But now I'm trying to figure out how I want my network to look and so it's best I ask the people smarter than me that actually understand what I'm trying to do.

My house is an average sized, end of terrace in a big city and so while I can get decent Internet speeds, I get lots of WiFi signal congestion with neighbours, buildings, etc.

In my present router, which I really need to replace, I have my NAS and cable box plugged in via Ethernet, everything else is connected via WiFi. That's a bunch of phones, a couple laptops, and a couple Raspberry Pi's (including my one with all my home services, like Home Assistant and my Pi-Hole).

The design I'm cooking up, is that my NAS would be on a virtual LAN with no direct access to the Internet, my Raspberry Pis would have Internet access. I don't need to worry about my smart home devices having Internet access since they're all Zigbee devices. But I plan to switch my cable box to an IPTV box and I'm also wanting to get a video doorbell and security camera for the garden, so that's at least three virtual local area networks. Four if I add a guest network.

My questions are really simple ones and you're probably gonna laugh at how stupid they are… can I do this all with a single switch? Do I need a separate access points for each VLAN or can I have multiple vLANs on a single AP? How many ports should I be looking at on my switch? Would four be enough for my set-up? Also managed is best right?

cross-posted from: https://lazysoci.al/post/12597342

Okay, I've been watching lots of YouTube videos about switches and I've just made myself more confused. Managed versus unmanaged seems to be having a GUI versus not having a GUI, but why would anyone want a GUI on a switch? Shouldn't your router do that? Also, a switch is like a tube station for local traffic, essentially an extension lead, so why do some have fans?

My home server is a Proxmox machine with some VM one of which is Open Media Vault from which a Windows PC plays videos to my TV. I want to get rid of the Windows PC and connect the TV directly to the server with an HDMI+USB RJ45 extender, but...how do I get a GUI from it? Is it even possible? I would need to connect to a Windows VM because for what I know Netflix only plays 4K videos with Edge. Thanks!

I want to build a proper server with room for 40+ HDDs to move my media server to and have RAID 1. I know a lot about PCs and software, but when it comes to server hardware I have no clue what I'm doing. How would I go about building a server that has access to 40+ RAID 1'd HDDs?

cross-posted from: https://lazysoci.al/post/12340365

With my Raspberry Pi basically being software/service complete, I'm starting to think more about my router and I need to make sure I'm thinking about this right.

As I envision it, my router would run OpenWRT, Pi-Hole and a VPN. Is that correct or have I got this wrong?

I run a Windows 11 VM on xcp-ng to do testing and Windows specific graphic and video work. I use an old R9 390 in passthrough mode right now but it's running out of steam.

I'm particularly interested in the A380 series of gpus as they have a lot of the modern compute and video encoding features for around $100.

Before I pull the trigger I just wanted to know if anyone has had much experience with ARC GPUs in a VM passthrough scenario. I see in their official docs that resizable BAR is a requirement and I didn't know whether that is handled properly in a virtual environment or on XCP-NG specifically.

Any experience you're willing to share would be most appreciated.

Thanks!

First time posting here, so please lmk if I should format this question differently or ask for this kind of help somewhere else.

What I'm trying to do: Have two WAPs that each have their own DNS servers. One of the DNS servers is a Pi-hole, and the other one being the regular dns server provided by my ISP.

Why I'm trying to do this: Been messing around with homelab stuff for a while and been having fun with it, and this is my next mini project. I have a crummy roku TV that I want to connect to a Pi-hole, problem is that I cant adjust the DNS settings on the TV, I can only select the network it can connect to. But I don't want to change the primary DNS on my network. I have been messing around with this setup trying to get it to work for a couple days and its been a tough one. I've tried multiple different setups and nothing has really worked. I'll probably type out what I've tried in the comments.

What I have to work with: I have a Netgear Wifi router connected to the internet from my Modem to my WAN port and I have a second Asus Wifi router that I planned on using for the second network which would have its default DNS server be the Pi-hole.

Also please correct me if I'm using terms/concepts wrong because part of the wider goal of my homelab is to have a better conceptual understanding of networking, so I want to make sure what I'm saying is correct.

hey,

I'm getting a 3D printer soon. Its on it way right now actually. I was wondering if anyone here has a 3D printer projects that are useful for a Homelab. Hard drive caddies are the only thing I can think of, that would be useful in the homelab. Of course I'm going to use it for other non homelab projects. So ideas would be highly appreciated! Thank you!

I was found a listing on eBay for a "Mellanox CX354A ConnectX-3 FDR Infiniband 40GbE QSFP+" card for quite cheap. By the sound of the listing title it supports both infiniband and 40GbE, is that right? I would like to try out infiniband, but I would be buying for the 40GbE. And are there good drivers for modern linux distros for this card? Also, do I just buy some QSFP cables to direct attach them?

My homelab is still in its infancy as I'm at the start of my self-hosting journey. I'm now down the rabbit hole though and where I can self host, I'd like to.

Not long back, I asked for some advice regarding an IFTTT replacement. I only need a tiny subset of the service, in that I want it to check some RSS feeds and send a notification if it finds one. The people of the fediverse are amazing and I got some great recommendations, however some felt like a great fit but didn't pan out. That left me with less and less.

One of the suggestions though was n8n and as I looked into giving it a whirl, I noticed it needed Traefik to be installed.

Now here's the thing, I haven't sorted out my router yet and since nothing I'm doing is facing the net, I'm kinda just chilling without a proper set up. I'm wondering, if I install Traefik along with n8n, will it break my other services? Will I still be able to install my homebrew router with OpenWRT when I finally sort that out and will it impact the IPTV which I'll sort out when I've sorted out the router?

Hi folks,

I seem to be having some internet connectivity issues lately and I would like to monitor my access to the internet. I have a homelab and was wondering whether someone had perhaps something like a docker container which pings a custom website every so often and plots a timescale of when the connection was successful and when it was not.

Or perhaps you have another suggestion? I know of dashboards like grafana but I don't know whether they can be configured to actually generate that data or whether they rely on a third party to feed them. Thanks!

The majority of my homelab consists of two servers: A Proxmox hypervisor and a TrueNAS file server. The bulk of my LAN traffic is between these two servers. At the moment, both servers are on my "main" VLAN. I have separate VLANs for guests and IoT devices, but everything else lives on VLAN2.

I have been considering the idea of creating another VLAN for storage, but I'm debating if there is any benefit to this. My NAS still needs to be accessible to non-VLAN-aware devices (my desktop PC, for instance), so from a security standpoint, there's not much benefit; it wouldn't be isolated. Both servers have a 10Gb DAC back to the switch, so bandwidth isn't really a factor; even if it was, my switch is still only going to switch packets between the two servers; it's not like it's flooding the rest of my network.

Having a VLAN for storage seems like it's the "best practice," but since both servers still need to be accessible outside the VLAN, the only benefit I can see is limiting broadcast traffic, and as far as I know (correct me if I'm wrong), SMB/NFS/iSCSI are all unicast.

I got a server case and some rails for free, they were annoying to build (yes, build), and I could not find anything regarding those rails online, so I decided to blog about it, in the hope of helping someone with all the same questions as me!

Also, I have no idea what I'll do with this new server, any thoughts or fun ideas ?

#homelab #rails

After looking into travel routers a bit, I quickly came across Gl.iNet which seems to be a leader in the space. It seems they use OpenWRT which is great, but with some special sauce on top of it.

In a few different posts I've seen people mention that they are no longer open source. Does anyone know if this is the case? I see some activity on their Github repo, but am not quite sure which parts people are worried about being closed.

Post 1

Post 2