Have an in depth question? Ask it on the new SpaceRex Forums! forums.spacerex.co/

May I suggest that in addition to recording the IP address of devices in your spreadsheet, that you also record the MAC addresses. Though not so important for devices that have static IP addresses (i.e., switches, APs, servers, etc.), I find this to be very useful for hosts that use DHCP. At any one time I have anywhere from 10 to 15 hosts on my network that Cisco's FindIT network management system displays merely as an IP address. Upon clicking the host icon, I can see the MAC address and look up who that host belongs to. Also, I make use of VLANs to segregate our business traffic, from friends visiting us (they join our network via a guest portal).

When you make "top 5 mistakes" etc videos. It is always good to have them timestamped with the inbuild KZbin feature. So viewers can hover over the 5 different segments. This video was too chaotic for me. Even though I usually like your videos. Just my 5 cents. Have a great day.

Absolutely spot on with all points. Painfully suffered through all these as a hobbyist and experiment afficionado married to a networking aversed spouse and mom! Great tips.

Great baseline things to consider! It's crucial not to blur the lines between your lab and home networks. It is very important to properly segregate your home and lab networks both logically and physically. The end result will lead to a more realistic enterprise design and limit your blast radius WHEN you screw something up in your lab 😀

i will counter argument about "not virtualizing router". i have router VM for two very specific reasons: 1. uniformity and backup. in case of hw failure can install hypervisor on any hardware, put in my backup of router OS and be running in 15 minutes with all settings and services "as it was" without any compatibility/configuration issues and hiccups. this is why backups exists for. 2. i can interlink different OSs inside one physical host and make universal setup for advanced border security with "blackbox-type" connection to network. i have 2 nics (will be 3, for wan, for trunk lan and will be for dmz physical separation when needed, which only vlan now) and wifi card inside of host. router OS is opnsense, but its notoriously bad for wifi, so, for it i have openwrt_x86 interlinked internally with virtual 10gbe and no hw latency involved.

Another tip is before purchasing new equipment, measure and verify that it will fit in the rack. I spent quite some time researching my first server to purchase. I looked at every spec and finally took the plunge. When it arrived, my wife said "That's a huge. Are you sure it will fit?" I replied "That's what she said. And, of course it will". I measured the server and then measured the rack. Well, crap. The server extended past the enclosed rack by at least 8 inches. I had to order another rack and now have a spare rack.

If you want to run a home server simply because you outgrew your NAS but don't want to go overboard with all of the hassle consider this instead of going overboard with a server: have a box dedicated exclusively for storage and another one for applications. You don't need anything too powerful to run a storage server (will help with cost, noise, power draw), any old ARM base NAS would do. Then consider a low power mini PC or similar as your application server (will also help with cost, noise and electricity). Like he said in the video you really don't need that much power, if you need the ocasional Plex stream make sure the CPU supports Intel quick sync and you're done.

Your first tip is crucial but also hinges on if you have a basement. Having moved from a region of the US with winter to a region of the US with exclusive slab-on-grade construction, all of my homelab equipment attitudes and philosophies were completely turned upside down. I miss having a basement dearly. They are heat and noise sponges.

Great video I'm all about nested virtualization zero need to have a server rack at home anymore.

Going back to the firewall VM part. What is your opinion on having a dedicated firewall device, but still virtualizing the router part itself so that I could host say a reverse proxy or separate DNS/DHCP server? Any reason not to? The only VMs on that device would be used to only host services that the rest of the network depends on.

I had to virtuallize my firewall (OPNsense) because The BSD kerrnel didn't support my 10G nic. It's still its own box, but its running on a Proxmox VM

So So Much value here with so much sense. Thank you!

I have a company with a local network that has multiple routers. The NAS is behind one router, but a department that would like access is behind another. Have you made a video that discusses how to access the NAS across this configuration?

I became a big fan of your videos, really insightful and well explained 🎉

What are your thoughts about virtualizing pfsense as a failover besiede a physical one?

Great tips! Thanks!

Question for the room, is there any way to set up something up to be able to cast things like youtube across subnets? I've put my tvs on a IoT network in unifi but annoyingly my pcs on my main subnet can no longer cast to them. I was told Avahi -deamon but no idea how to set it up. Also used the same thing DNS, have adguard handling it on both home assistant and synology

I really like most of these rules. Not sure about the no virtual router rule, though. ​I have been running pfsense as a proxmox VM on a NUC for a few years now with no issues to speak of. As long as you set the router VM to boot first, everything should work just fine. TBH, if configured correctly and you have multiple VM hosts, it can be MORE reliable than a standalone router, because you can just boot the router on a different host in the event of a hardware failure.

Yep all good advice. I've got a 16 port PoE+ switch I'd love to use but it's just too noisy, sadly the fans are not easily swapped out either... 😞

Nice job! Great content.

Question: Do you run Zabbix installed on a host, or as a Docker container on a NAS/server?

Is it bad that for everything so nice and neat, my eyes keep drawing to the cable from your tv? I just want to run that behind the wall lol.

Trunas as a host is crap and constant hard write dumps every 3 to 5 seconds (good ol loud crunching) and they are limited/pita to manage. Containers are eh at best on there. You can virtualize trunas easily with hba or it mode pass thru, then be able to have real vms/containers/backups/ha/etc. I virtualize 2 trunas with pass thru of hba and sync them all while running 6-12 vms at same time.

Two questions Will : A) How would you define a "home lab" ? B) Do you recommend setting up a firewall for most home users and, if so, where would you set it up - stand alone, router, NAS, or ?

Never thought I'd be taking tech advice from Jim Carey 😄 Thanks Jim!

Question - I hate noise as well. About to set up a DS923+ using all 4TB WD Red SSD's. Would you run raid F1 or 5.

All solid advice!

@9:50 Cause a problem with your home internet just once and your family will automatically blame you for every internet issue (real or percieved) untill the end of time.

I understand not to run a firewall router on an VM. I also understand if you lose the VM because the server can go down as well. And yet so can a server or a standalone firewall router fail as well. What happens when you can not get another standalone firewall router if you main one fails. An VM firewall router might be the way to do to fix a lot of problems. In my case I have shortage of space. Only enough room for a full server and a network switch. Also in my case I runa VM firewall router. I know it's not ideal But it is what I can do for now until I move.

Good tips!

Thanks for the video. I have UDM Pro and tried to see how to run local DNS on it (I'm running it on pi-hole and it sometimes doesn't work). Can you suggest a tutorial I could follow?

I certainly made the mistake of not changing my NAS static IP to a ‘nice’ one. And now it’s too late to update everything :-(

I have a Q, is it a good practice to enable snapshots on the activebackupforbusiness folder?

I have three 1u working quietly, they have a G4400 processor with Pfsense OS and 2 DNS, another 2u with Truenas and another 1u these are yelling my God, I'm thinking of buying terbins for processors, and turning off the case turbines

Somehow i can hear that hum from your server rack. I just press pause and it goes away :) My server rack is in the basement, so that hum is not heard when i'm in livingroom or in my office :D Number seven, everything is in cloud nowadays if you're doing actual business. I'm a nerd that is why i have actual hardware in 2020+ ;)

"Don't virtualize your firewall" - Tell me why?! Is it interrupt flooding? I bet it's interrupt flooding.

I run TrueNAS in a VM, but with a HBA passthrough. It is a very, very, very bad idea to try virtualizing TrueNAS, especially ZFS, through QEMU. In a VM like this it is more reliable, since I can easily roll back the OS in case of a borked update. As for DNS, I just use my Mikrotik. Well, I have two of them on my network (the second one is acting as a switch next to my servers) that acts as a backup DNS. I just have to resync them from time to time.

Senior network administrator here. That bit about not virtualizing a firewall is hot garbage. It can be done safely, effectively, and efficiently. Would I suggest someone with little to no networkin expirience virtualizing a firewall as their primary firewall for their house? No. But along the road or to have a tinker toy, absolutely. The point about "what if your host fails" is asinine. What happens if your standalone router fails? You usually get a router from your isp. Configure that and then unplug it. Your host goes down, you plug that sucker in and you're fixed in a matter minutes. If you really want to get into the weeds, a HA cluster with your firewall of choice is going to be vastly superior in every way to a standalone router and is a staple in growing IT infrastructure. And isnt that what a homelab is for? I dunno what kind of clients services you provide, but if want to do anything more than mom and pop shops and helping grandma get internet, you better learn to virtualize a firewall at some point.

5:30 hosting vms on truenas? hell no that would be one big mistake here :)

From what I've learned, running a firewall in a VM isn't terrible if you set things up correctly. At least with the hypervisor you always want to make sure it assigns itself a static IP so that even if the firewall goes down you can get to the web interface. I just couldn't justify utilizing an entire computer to the firewall. I might well just bought a more advanced SOHO router if I went that route. I also live by myself so I don't have to deal with annoyed family members. Best decision I've made in my life.

Took a shot at NetworkChuck around the 3 min mark...

Aren’t there already some very good alternatives to Raspberry Pie ?

You should never run one mail server or one DNS. And I don’t replicate my DNS for additional security, even if I have to enter records twice.

Those are a lot of concerns from wife hahaha. One thing missed, homelab-ers are single😂 or divorced 💀 Jk, Good video!

The equipment in my lab sounds like an airplane.

Didn't know Jim Carrey was a computer hobbiest.

What's his nationality? He sounds just like the ShadeReview guy.

Takeaway: Do not piss off wife. Got it!

#1 Mistake in making a video. Not timestamping your video for viewers to skip to.

Very good baselines! Especially when you say do not virtualize your pfsense .

You're nerdy Channing Tatum

I have learn to leave the itnernet alone.

jim carrey?

Guilty

clicked and watch till the end because the thumbnail and title sounded great! generally interested in what the video has to offer. but i have no idea what anything was.

Great video but dislike for "watch before you start"

Me first :)

I feel like you’re trying to tell me something…

Poor guests..

*Beginners 😅😂

I know that it is your opinion and experience but I cannot agree with more than a half of your statements. Your needs ok, but making statements to never do sth should be phrased I will never do that sth. Virtualized firewall on dedicated hardware ok, but you scream never virtualize firewall and adding on Synology is a facepalm... If you don't have engineering background it will explain a lot.

r/TvTooHigh

You should take a public speaking class. I love your videos but it's like you are afraid to raise your voice or speak with authority. Look up timid speaking, it might help you grow the channel!