Build a lab to improve my junior skill

Here you can discuss every aspect of Debian. Note: not for support requests!

Build a lab to improve my junior skill

Postby coppolino97 » 2019-01-07 21:56

Hi guys,
I would build my home lab about networking and server.
I am a junior network engineer, I am 21 years old, and I want improve my skill so I think that build a home lab it will be a good way to grow up.
At the moment I have passed CCNA certification.

About the network I have seen that online there are Cisco Kits of switch and router for the CCNA Certification (for example on Ebay), so I suppose that this is the right choice.
Do you suggest me other option about cheap switch. It could be fine a layer 2 switch at the moment becouse I have a Mikrotik routerboard for the Layer 3.

About firewall I would use a Linux Distro as IPFire,ZeroShell or pfsense (based on freebsd sorry!), probably using a fanless PC, I have seen that on Aliexpress there are some interesting mini PC to do this task.
Or do you suggest build in firewall? Are not they more expensive?

Finally about "server".
I would a PC quite powerful to execute VMware or Proxmox to create a simple virtual lab to manage Linux machine and Windows Server Machine (sorry but at work we use Windows Server a lot ).
Otherwise I have seen on ebay used old HP server too.
Can you suggest my something about it?

The firewall could be virtualized too.

What do you think about it?
Thanks for your help
:D
coppolino97
 
Posts: 35
Joined: 2018-06-05 15:23

Re: Build a lab to improve my junior skill

Postby Head_on_a_Stick » 2019-01-08 05:52

coppolino97 wrote:pfsense

Why bother with that?

OpenBSD has the latest version of pf and it's very easy to set up:

https://www.openbsd.org/faq/pf/index.html

^ Best. Firewall. Ever.
User avatar
Head_on_a_Stick
 
Posts: 10321
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: Build a lab to improve my junior skill

Postby xepan » 2019-01-08 06:13

quite some years ago i ran in the package gns3, but i couldn't make any sense of it at all.
Hence it might be of no use at all, don't be angry if so:
https://packages.debian.org/stretch/gns3
xepan
 
Posts: 89
Joined: 2018-11-28 06:38

Re: Build a lab to improve my junior skill

Postby coppolino97 » 2019-01-08 12:55

Why bother with that?

OpenBSD has the latest version of pf and it's very easy to set up:

https://www.openbsd.org/faq/pf/index.html

^ Best. Firewall. Ever.


Thanks for this suggestion, I do not know this!
Is better this one or a linux firewall distribution? :roll:

quite some years ago i ran in the package gns3, but i couldn't make any sense of it at all.
Hence it might be of no use at all, don't be angry if so:
https://packages.debian.org/stretch/gns3

Yes it is a good idea, but I prefer a real lab at the moment. :D

About a little server anyone can suggest something?

Thanks for your help
coppolino97
 
Posts: 35
Joined: 2018-06-05 15:23

Re: Build a lab to improve my junior skill

Postby llivv » 2019-01-08 14:15

coppolino97 wrote:About a little server anyone can suggest something?
Thanks for your help
Congratulations on the CCNA
coppolino97 wrote:About the network I have seen that online there are Cisco Kits of switch and router for the CCNA Certification
(for example on Ebay), so I suppose that this is the right choice.
Do you suggest me other option about cheap switch. It could be fine a layer 2 switch at the moment becouse I have a Mikrotik routerboard for the Layer 3.
depends on personal preference and how you want to spend your time,
ie want to learn cisco protocols or open source best practices.
Cisco has its own cert (as I'm sure you are aware already)
coppolino97 wrote:About firewall I would use a Linux Distro as IPFire,ZeroShell or pfsense (based on freebsd sorry!), probably using a fanless PC, I have seen that on Aliexpress there are some interesting mini PC to do this task.
Or do you suggest build in firewall? Are not they more expensive?
all depends on personal preference and how much time is available.
ie: do you want to learn howto open source firewall practices or proprietary best practices/security/secrets and licensing.
coppolino97 wrote: Finally about "server".
I would a PC quite powerful to execute VMware or Proxmox to create a simple virtual lab to manage Linux machine and Windows Server Machine (sorry but at work we use Windows Server a lot ).
Otherwise I have seen on ebay used old HP server too.
Can you suggest my something about it?
if you want a server like that you are going to have to learn howto administer it as well.
All OEM's have different Admin panels and hardware setups.
And/Or one can build it oneself adding more time to learn the pros and cons of the hardware/software mix of the machine.
I'd suggest scheduling adequate time to the Admin team to get all their duck is a row (so to speak)
In memory of Ian Ashley Murdock (1973 - 2015) founder of the Debian project.
User avatar
llivv
 
Posts: 5488
Joined: 2007-02-14 18:10
Location: cold storage

Re: Build a lab to improve my junior skill

Postby Head_on_a_Stick » 2019-01-08 18:12

coppolino97 wrote:
Why bother with that?

OpenBSD has the latest version of pf and it's very easy to set up:

https://www.openbsd.org/faq/pf/index.html

^ Best. Firewall. Ever.


Thanks for this suggestion, I do not know this!
Is better this one or a linux firewall distribution?

OpenBSD is a better choice for a firewall, the Linux developers are too focused on cramming as many new features in as fast as possible to give a damn about bugs & vulnerabilities. IMO :)

That shiny pfsense distribution may have a nice, pretty GUI but that just adds more holes...
User avatar
Head_on_a_Stick
 
Posts: 10321
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: Build a lab to improve my junior skill

Postby coppolino97 » 2019-01-09 18:15

Congratulations on the CCNA

Thanks! :D

depends on personal preference and how you want to spend your time,
ie want to learn cisco protocols or open source best practices.
Cisco has its own cert (as I'm sure you are aware already)

Generally, I prefer Cisco because I know a little bit than other company networking device. Recently I started to use Aruba/HP switch too, they have a nice web interface but the CLI at the moment is not totally clear for me.

if you want a server like that you are going to have to learn howto administer it as well.
All OEM's have different Admin panels and hardware setups.
And/Or one can build it oneself adding more time to learn the pros and cons of the hardware/software mix of the machine.
I'd suggest scheduling adequate time to the Admin team to get all their duck is a row (so to speak)

Yes, at the moment I prefer HP because it is the just vendor's server that I know, but I have not really experience about it.
About operating system I would install VMware (or proxmox) to learn how to really manage from zero a real virtual environment.

I have just manage some VM but the virtual environment was just configured on vmware or hyper-v.

OpenBSD is a better choice for a firewall, the Linux developers are too focused on cramming as many new features in as fast as possible to give a damn about bugs & vulnerabilities. IMO :)
That shiny pfsense distribution may have a nice, pretty GUI but that just adds more holes...

Generally at work I have used/managed Fortinet firewall and just rarely times Watchguard Firewall.
I have asked about other solution to reduce the cost of building this little lab.

Thanks for your help!
coppolino97
 
Posts: 35
Joined: 2018-06-05 15:23

Re: Build a lab to improve my junior skill

Postby Head_on_a_Stick » 2019-01-09 18:21

coppolino97 wrote:Generally at work I have used/managed Fortinet firewall and just rarely times Watchguard Firewall

I'm no expert but that looks like a scam to me.

OpenBSD has had 2 remote holes in the default install (which is what you'd be using for a firewall) in over 20 years, can Fortinet make the same claim?
User avatar
Head_on_a_Stick
 
Posts: 10321
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: Build a lab to improve my junior skill

Postby coppolino97 » 2019-01-10 12:29

I'm no expert but that looks like a scam to me.
OpenBSD has had 2 remote holes in the default install (which is what you'd be using for a firewall) in over 20 years, can Fortinet make the same claim?


Not so what you're talking about, I have just one year of experience of work as junior network engineer, so it is a new for me.
It is just a little lab to improve my little experience, but I don't want create a super lab at the moment and wast too much money.

Thanks for your suggestion!
coppolino97
 
Posts: 35
Joined: 2018-06-05 15:23

Re: Build a lab to improve my junior skill

Postby llivv » 2019-01-10 12:39

coppolino97 wrote: I have just one year of experience of work as junior network engineer, so it is a new for me.
It is just a little lab to improve my little experience, but I don't want create a super lab at the moment and wast too much money.

I was gonna say! instead I waited for you to say it.
What the estimate for the lab setup you posted in the OP?
What is the estimate for the Lab you are intending to build?
In memory of Ian Ashley Murdock (1973 - 2015) founder of the Debian project.
User avatar
llivv
 
Posts: 5488
Joined: 2007-02-14 18:10
Location: cold storage

Re: Build a lab to improve my junior skill

Postby coppolino97 » 2019-01-21 08:06

At the moment I suppose to build a PC that can I use as Virtual Machine Server with Proxmox for example.
I suppose that it could be a interesting point to start.

Thanks
coppolino97
 
Posts: 35
Joined: 2018-06-05 15:23

Re: Build a lab to improve my junior skill

Postby Funkygoby » 2019-01-21 17:19

I 'll second HOAS recommanding OpenBSD.

It's the simplest system I have ever seen. Everything makes sense and I gained much more confidence using it for few months than I did using Debian for a decade+.
The doc is top notch and the tools work as intended. This is not so obvious with Linux-based systems.
I am not sure how the knowledge transpose from one (OBSD) to another (Linux) but my experience is, what you learn on the simplest system can be re-use on big fat systems.
That is if you want to really learn the tech underneath.

If you want more shiny tech, stick with Linux. OpenBSD is a battletested system that moves only when deemed necessary.
Funkygoby
 
Posts: 68
Joined: 2009-08-13 09:25


Return to General Discussion

Who is online

Users browsing this forum: No registered users and 6 guests

fashionable