Rebuilding the home lab – Part 2

If you’ve already read the last post about https://marklewis.blog/2020/02/17/rebuilding-the-home-lab/ you’ll realize that my infrastructure skills have become a little rusty! But rust can be dealt with so it’s all good.

Day 3

Day 3 of the rebuild saw some success to say the least. After posting on Reddit about the SAN password, software and licenses, I had a look through at alternative options. In the end, I decided to plump for running FreeNAS on the SAN. Last night, I managed to get the SAN up and running, connected to the HP Flex switch in the back of the C7000 chassis. As the server only had 4GB of RAM, I ‘stole’ the RAM out of the second P4500 which wouldn’t power on. This gives the FreeNAS SAN the minimum required 8GB of RAM. Only one issue came up with deploying the FreeNAS, I am using a 192.168.99.0 subnet which is split in two 255.255.255.128 subnets. When configuring the interface on the SAN, I specified the subnet as a /28 rather than a /25. It took a while to work out that I had messed my CIDR notation up! Once this was done, the ESXi host saw the presented drive.

After this, I managed to deploy the free Home edition of the Sophos XG Firewall. This will be what sits at the edge of my lab, the plan will be to VPN in to the environment from the home network. When setting up the Sophos XG firewall, I ran in to an issue where I couldn’t access the default internal interface (https://172.16.16.16:4444) to set everything up. In the end I put it in it’s destined VLAN (2), plugged the laptop directly in to the switch within the same VLAN, configured a static IP and was able to access the internal management interface. The Sophos firewall is now all configured and set up. At the moment I have to manually add routes for the lab VLANs due to the Cisco switch not being licensed for BGP. Shame, but it’s a small price to pay.

So the networking is almost complete, with a few SVIs to create and configure, and then it’s just a case of creating LACP links for the Hyper-V servers and adding the relevant ports in to the relevant VLANs. I am planning to take another look at the DL360, as last night I took the lid off it and found it stuffed full of RAM. Good for a virtual server, for a Domain Controller I am not going to need that much RAM. I will see if I can take out a load of the RAM and upgrade the FreeNAS server for improved Caching and performance.

Day 4

Another day, more work done. The ESXi DC is now provisioned, not promoted yet but it’s provisioned. All working a treat through the Sophos firewall. All the SVIs have been created for the relevant subnets. I have been planning out more of the IP address allocations using a good old Excel spreadsheet. I will look to manage this with IPAM at a later date. The next priority has to be getting the domain up and running. I will be using the same technique as previously blogged for creating the domain. The only difference is I will change the default paths for Sysvol, NTDS and the logs to their own dedicated drives.

I tried again to resurrect the DL360, but it’s not having any of it. I took the extra RAM out and tried to fit it to the SAN array before discovering that the DL360 uses DDR2 and the SAN array uses DDR3. Oh well, will keep an eye on eBay for some.

Progress has again been made. I now have the first domain controller up and running. The first Hyper-V host is up and running although no guests are on there. It is joined to the domain and has connectivity to the SAN. I need to prepare the second Hyper-V server and then create the cluster before provisioning a machine. Routing between the VLANs all appears to be fine. I am preparing a Windows 10 VM to use ‘on the inside’ as it’s getting tiring being stood up at the rack constantly. I’m hoping that the combination of the insider workstation and the domain being up and running will help make things a little easier for provisioning.

Leave a Reply

Your email address will not be published. Required fields are marked *