Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

Build a lab to improve my junior skill

Here you can discuss every aspect of Debian. Note: not for support requests!
Post Reply
Message
Author
coppolino97
Posts: 113
Joined: 2018-06-05 15:23
Has thanked: 2 times

Build a lab to improve my junior skill

#1 Post by coppolino97 »

Hi guys,
I would build my home lab about networking and server.
I am a junior network engineer, I am 21 years old, and I want improve my skill so I think that build a home lab it will be a good way to grow up.
At the moment I have passed CCNA certification.

About the network I have seen that online there are Cisco Kits of switch and router for the CCNA Certification (for example on Ebay), so I suppose that this is the right choice.
Do you suggest me other option about cheap switch. It could be fine a layer 2 switch at the moment becouse I have a Mikrotik routerboard for the Layer 3.

About firewall I would use a Linux Distro as IPFire,ZeroShell or pfsense (based on freebsd sorry!), probably using a fanless PC, I have seen that on Aliexpress there are some interesting mini PC to do this task.
Or do you suggest build in firewall? Are not they more expensive?

Finally about "server".
I would a PC quite powerful to execute VMware or Proxmox to create a simple virtual lab to manage Linux machine and Windows Server Machine (sorry but at work we use Windows Server a lot ).
Otherwise I have seen on ebay used old HP server too.
Can you suggest my something about it?

The firewall could be virtualized too.

What do you think about it?
Thanks for your help
:D
Lenovo T460 | 8Gbyte of RAM | Intel core i5 | SSD 250GB | Debian 12

User avatar
Head_on_a_Stick
Posts: 14114
Joined: 2014-06-01 17:46
Location: London, England
Has thanked: 81 times
Been thanked: 132 times

Re: Build a lab to improve my junior skill

#2 Post by Head_on_a_Stick »

coppolino97 wrote:pfsense
Why bother with that?

OpenBSD has the latest version of pf and it's very easy to set up:

https://www.openbsd.org/faq/pf/index.html

^ Best. Firewall. Ever.
deadbang

xepan
Posts: 89
Joined: 2018-11-28 06:38

Re: Build a lab to improve my junior skill

#3 Post by xepan »

quite some years ago i ran in the package gns3, but i couldn't make any sense of it at all.
Hence it might be of no use at all, don't be angry if so:
https://packages.debian.org/stretch/gns3

coppolino97
Posts: 113
Joined: 2018-06-05 15:23
Has thanked: 2 times

Re: Build a lab to improve my junior skill

#4 Post by coppolino97 »

Why bother with that?

OpenBSD has the latest version of pf and it's very easy to set up:

https://www.openbsd.org/faq/pf/index.html

^ Best. Firewall. Ever.
Thanks for this suggestion, I do not know this!
Is better this one or a linux firewall distribution? :roll:
quite some years ago i ran in the package gns3, but i couldn't make any sense of it at all.
Hence it might be of no use at all, don't be angry if so:
https://packages.debian.org/stretch/gns3
Yes it is a good idea, but I prefer a real lab at the moment. :D

About a little server anyone can suggest something?

Thanks for your help
Lenovo T460 | 8Gbyte of RAM | Intel core i5 | SSD 250GB | Debian 12

User avatar
llivv
Posts: 5340
Joined: 2007-02-14 18:10
Location: cold storage

Re: Build a lab to improve my junior skill

#5 Post by llivv »

coppolino97 wrote:About a little server anyone can suggest something?
Thanks for your help
Congratulations on the CCNA
coppolino97 wrote:About the network I have seen that online there are Cisco Kits of switch and router for the CCNA Certification
(for example on Ebay), so I suppose that this is the right choice.
Do you suggest me other option about cheap switch. It could be fine a layer 2 switch at the moment becouse I have a Mikrotik routerboard for the Layer 3.
depends on personal preference and how you want to spend your time,
ie want to learn cisco protocols or open source best practices.
Cisco has its own cert (as I'm sure you are aware already)
coppolino97 wrote:About firewall I would use a Linux Distro as IPFire,ZeroShell or pfsense (based on freebsd sorry!), probably using a fanless PC, I have seen that on Aliexpress there are some interesting mini PC to do this task.
Or do you suggest build in firewall? Are not they more expensive?
all depends on personal preference and how much time is available.
ie: do you want to learn howto open source firewall practices or proprietary best practices/security/secrets and licensing.
coppolino97 wrote: Finally about "server".
I would a PC quite powerful to execute VMware or Proxmox to create a simple virtual lab to manage Linux machine and Windows Server Machine (sorry but at work we use Windows Server a lot ).
Otherwise I have seen on ebay used old HP server too.
Can you suggest my something about it?
if you want a server like that you are going to have to learn howto administer it as well.
All OEM's have different Admin panels and hardware setups.
And/Or one can build it oneself adding more time to learn the pros and cons of the hardware/software mix of the machine.
I'd suggest scheduling adequate time to the Admin team to get all their duck is a row (so to speak)
In memory of Ian Ashley Murdock (1973 - 2015) founder of the Debian project.

User avatar
Head_on_a_Stick
Posts: 14114
Joined: 2014-06-01 17:46
Location: London, England
Has thanked: 81 times
Been thanked: 132 times

Re: Build a lab to improve my junior skill

#6 Post by Head_on_a_Stick »

coppolino97 wrote:
Why bother with that?

OpenBSD has the latest version of pf and it's very easy to set up:

https://www.openbsd.org/faq/pf/index.html

^ Best. Firewall. Ever.
Thanks for this suggestion, I do not know this!
Is better this one or a linux firewall distribution?
OpenBSD is a better choice for a firewall, the Linux developers are too focused on cramming as many new features in as fast as possible to give a damn about bugs & vulnerabilities. IMO :)

That shiny pfsense distribution may have a nice, pretty GUI but that just adds more holes...
deadbang

coppolino97
Posts: 113
Joined: 2018-06-05 15:23
Has thanked: 2 times

Re: Build a lab to improve my junior skill

#7 Post by coppolino97 »

Congratulations on the CCNA
Thanks! :D
depends on personal preference and how you want to spend your time,
ie want to learn cisco protocols or open source best practices.
Cisco has its own cert (as I'm sure you are aware already)
Generally, I prefer Cisco because I know a little bit than other company networking device. Recently I started to use Aruba/HP switch too, they have a nice web interface but the CLI at the moment is not totally clear for me.
if you want a server like that you are going to have to learn howto administer it as well.
All OEM's have different Admin panels and hardware setups.
And/Or one can build it oneself adding more time to learn the pros and cons of the hardware/software mix of the machine.
I'd suggest scheduling adequate time to the Admin team to get all their duck is a row (so to speak)
Yes, at the moment I prefer HP because it is the just vendor's server that I know, but I have not really experience about it.
About operating system I would install VMware (or proxmox) to learn how to really manage from zero a real virtual environment.

I have just manage some VM but the virtual environment was just configured on vmware or hyper-v.
OpenBSD is a better choice for a firewall, the Linux developers are too focused on cramming as many new features in as fast as possible to give a damn about bugs & vulnerabilities. IMO :)
That shiny pfsense distribution may have a nice, pretty GUI but that just adds more holes...
Generally at work I have used/managed Fortinet firewall and just rarely times Watchguard Firewall.
I have asked about other solution to reduce the cost of building this little lab.

Thanks for your help!
Lenovo T460 | 8Gbyte of RAM | Intel core i5 | SSD 250GB | Debian 12

User avatar
Head_on_a_Stick
Posts: 14114
Joined: 2014-06-01 17:46
Location: London, England
Has thanked: 81 times
Been thanked: 132 times

Re: Build a lab to improve my junior skill

#8 Post by Head_on_a_Stick »

coppolino97 wrote:Generally at work I have used/managed Fortinet firewall and just rarely times Watchguard Firewall
I'm no expert but that looks like a scam to me.

OpenBSD has had 2 remote holes in the default install (which is what you'd be using for a firewall) in over 20 years, can Fortinet make the same claim?
deadbang

coppolino97
Posts: 113
Joined: 2018-06-05 15:23
Has thanked: 2 times

Re: Build a lab to improve my junior skill

#9 Post by coppolino97 »

I'm no expert but that looks like a scam to me.
OpenBSD has had 2 remote holes in the default install (which is what you'd be using for a firewall) in over 20 years, can Fortinet make the same claim?
Not so what you're talking about, I have just one year of experience of work as junior network engineer, so it is a new for me.
It is just a little lab to improve my little experience, but I don't want create a super lab at the moment and wast too much money.

Thanks for your suggestion!
Lenovo T460 | 8Gbyte of RAM | Intel core i5 | SSD 250GB | Debian 12

User avatar
llivv
Posts: 5340
Joined: 2007-02-14 18:10
Location: cold storage

Re: Build a lab to improve my junior skill

#10 Post by llivv »

coppolino97 wrote: I have just one year of experience of work as junior network engineer, so it is a new for me.
It is just a little lab to improve my little experience, but I don't want create a super lab at the moment and wast too much money.
I was gonna say! instead I waited for you to say it.
What the estimate for the lab setup you posted in the OP?
What is the estimate for the Lab you are intending to build?
In memory of Ian Ashley Murdock (1973 - 2015) founder of the Debian project.

coppolino97
Posts: 113
Joined: 2018-06-05 15:23
Has thanked: 2 times

Re: Build a lab to improve my junior skill

#11 Post by coppolino97 »

At the moment I suppose to build a PC that can I use as Virtual Machine Server with Proxmox for example.
I suppose that it could be a interesting point to start.

Thanks
Lenovo T460 | 8Gbyte of RAM | Intel core i5 | SSD 250GB | Debian 12

Funkygoby
Posts: 68
Joined: 2009-08-13 09:25

Re: Build a lab to improve my junior skill

#12 Post by Funkygoby »

I 'll second HOAS recommanding OpenBSD.

It's the simplest system I have ever seen. Everything makes sense and I gained much more confidence using it for few months than I did using Debian for a decade+.
The doc is top notch and the tools work as intended. This is not so obvious with Linux-based systems.
I am not sure how the knowledge transpose from one (OBSD) to another (Linux) but my experience is, what you learn on the simplest system can be re-use on big fat systems.
That is if you want to really learn the tech underneath.

If you want more shiny tech, stick with Linux. OpenBSD is a battletested system that moves only when deemed necessary.

Post Reply