welcome @ my homelan

You have just reached my homelan, which consists not just of my normal everyday (home)working environment, but also my IT lab (play) environment.

I am a die-hard IT-guy with more than 25 years of experience, primarily in administering Windows networks. network devices such as routers, firewalls and switches and some basic knowledge in Linux.

My homelan is built on (amongst others):

HPE MicroServer Gen10 Plus
The HP Enterprise MicroServer Gen10 Plus with an Intel Xeon-2224 processor and currently 48GB of ECC-RAM serves as an important link in my homelan.
Equipped with 4 Gigabit network interfaces and a separate ILO-interface this is the perfect small (and energy-efficient) server to do some serious virtualization.
Proxmox VE Proxmox VE
Proxmox Virtual Environment is the virtualization platform running on my HPE MicroServer. Proxmox VE is an open source server virtualization management solution based on QEMU/KVM and LXC. It can create virtual machines as well as Linux Containers and it is free to use for home users.
It can handle ZFS for a reliable and very fast storage solution, especially with 2 (Data Center grade) Kingston DC500M 960 GB SATA drives operating in ZFS RAID.
Sophos XG Firewall
Another great product that is free to use in a home environment is the Sophos XG Firewall Home Edition.
This is a fully equipped software version of the Sophos XG firewall with full protection including anti-malware, web security, URL filtering, application control, IPS, VPN and more.
I am running this as a virtual machine on Proxmox on the HPE MicroServer and it is capable of delivering speeds of over 500Mbps using speedtest.net with just about all features switched on. That is without using IOMMU (Intel VT-d) to pass-through the physical NICs/processors from the server to the virtual firewall.
Synology DS920+ NAS
A Synology DS920+ NAS serves my homelan with the necessary storage capacity to store all my data as well as backups from my Proxmox virtual machines, my Microsoft365 environment, my personal Onedrive data and of course the computers in my home.
This NAS also runs docker with some docker containers that haven't been migrated over to the Proxmox environment.

Besides my own data, this NAS also stores encrypted offsite backups of my parents' NAS while encrypted copies of my backups are stored offsite at the NAS at their location.
As a first defense against possible ransomware attacks, the NAS makes regular snapshots that can be restored really quickly.

Netgear GS324TP
The central switch in my homelan is this 'smart-managed' Netgear GS324TP gigabit switch with Power over Ethernet and capable of handling all my VLAN-needs..
Nginx and Let's Encrypt
One of the Linux containers running on Proxmox on the HPE MicroServer is running the NGINX reverse proxy that is managing all my Let's Encrypt SSL certificates for all public facing services.
Since december 2021 I have moved most of my public facing services to my free Kemp LoadMaster Load Balancer.
Kemp LoadMaster Load Balancer
On my proxmox host I have a completely free Kemp LoadMaster Load Balancer running.
In my environment it is not really balancing load over multiple real servers. Instead it is allowing access to several of my internal services from the internet. All protected with Cloudflare SSL wildcard certificates and all reachable over just HTTPS port 443 depending on the FQDN used.
Kemp LoadMaster can also incorporate a login page for normally unprotected webpages that don't need a login or display too much information to my likings before needing to login to the service.
These logins are then authenticated with my Active Directory server to check for validity.

The free Kemp LoadMaster is limited to 20Mbps throughput, but that is more than sufficient for me.
Pi-hole Pi-hole
Another Linux container running on Proxmox on the HPE MicroServer is running Pi-hole.
Pi-hole is a network-level advertisement and internet tracker blocking application acting as a DNS sinkhole.
Main purpose is to remove as much ads as possible while browsing the internet from every device inside my house.
Windows Server 2019
Of course I also have a couple of (evaluation) versions of Windows Server 2019 installed in my homelan, all running as a virtual machine in Proxmox on the HPE MicroServer.
This environment is my playground in which I can make changes as much as I like and keep my knowledge at a high level without breaking anything in a production environment.

Currently I am running
Cloudflare DNS Cloudflare DNS
Cloudflare is not just the DNS resolver for all DNS names that Pi-hole allows, but I have also started to use Cloudflare as a (free) DNS-provider for some of the domain names I own.
Cloudflare cooperates nicely with Let's Encrypt and is capable of automatically renewing wildcard SSL certificates. Cloudflare can also act as a proxy between a domain name and the physical IP-address (location) where a server is hosted, making websites running from my home environment reachable on multiple public IPv4 and IPv6 addresses.
Views since December 12. 2021.