Networking


My homelab is the foundation of most of my at-home learning. It's where I've learned most everything I know and gives me real experience in problem-solving (ask my girlfriend how many times she's had to ask me to fix things that I accidentally broke without realizing it).

Cost has always been an important factor behind all my homelab purchases, so you’ll see how I’ve been able to build a modest setup to learn on a budget.

A Cost-Effective Server

At the heart of my homelab lies my “server”. I acquired an old Dell Optiplex 9020 desktop (i5-4670, 16GB RAM) off of eBay for around $100 and threw in a cheap SSD. I installed VMware’s ESXi as the hypervisor. On it, I’ve set up a handful of different virtual machines. In addition to the original network card, I added another 4-port network card I got off of eBay for about $15.


Routing via Virtualization

One of the most crucial virtual machines in my setup is pfSense. The pfSense virtual machine is used as the router for my home network. Though the setup is fairly simple, I am using it for assigning DHCP and static IPs, DNS resolving, intrusion detection, and OpenVPN.

W.A.P. (Wireless Access Points)

After pfSense I have two access points. One access point is a D-Link DIR-862L that I have flashed the open source firmware DD-WRT onto. Between friends, family, and my own residences, I’ve used this model of router many times over the years. And I’ve used DD-WRT many more times than that. While several years old at this point, the DIR-862L has the same CPU as the more well-known TP-Link Archer C7, is dual-band, and could be found on eBay for around 30 bucks. I have this router set up as an access point only, as I don’t need it to perform routing. The router is located in the home office and connected to the server in the basement with Ethernet cable.

The second access point is the popular Ubiquiti Unifi AP-AC Lite. Just like my other access point, I’ve used this device several times in family’s homes. It’s rock-solid and offers a ton of features for the price. Due to location, this access point is the one that serves most of the wifi devices in my house.

Bridging ESXi to the Physical World

This next part was a definite learning experience for me. When I was setting up my network, I assumed that I would simply be able to plug the AP-AC Lite into the 4-port network card of my server, just like the other access point. However, as I learned the hard way, ESXi doesn’t work like that. As soon as I plugged the second AP into the network card, things started breaking. I had assumed that I could use the 4-port network card essentially as a switch, increasing the number of things I could directly plug into the server. Well, turns out I could not. Here’s why:

To bridge ESXi to the physical world, you first have to create a virtual switch (vSwitch). A vSwitch is a logical switching fabric that emulates a switch as a layer 2 network device. After creating it, you then attach one or more NICs (network interface controllers) to the vSwitch. These NICs are the ports of your network card, so for me, I had 4 available NICs. Here’s the catch: you can’t use multiple NICs to connect to different devices from the same vSwitch; you can only connect multiple NICs to the same device. A vSwitch just isn’t meant to connect to multiple physical devices. The reason you can connect several NICs to one vSwitch isn’t to emulate a real-world network switch; it’s for backup connections. If you have two NICs from one vSwitch connected to a real switch and one of the two Ethernet cables suddenly disintegrates, you still have one functioning connection.
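To make the forwarding behaviour concrete, here is a small model added as an illustration (not code from this setup or from VMware). It assumes ESXi's default "route based on originating virtual port" teaming and no VLANs; the class, host names and the modulo uplink choice are simplifications invented for the example.

```python
# Simplified model of an ESXi standard vSwitch (assumption: default
# "route based on originating virtual port" teaming, no VLANs).
class VSwitch:
    def __init__(self, uplinks):
        self.uplinks = list(uplinks)   # physical NICs, e.g. vmnic1, vmnic2
        self.vm_ports = {}             # VM MAC -> virtual port id

    def attach_vm(self, mac):
        self.vm_ports[mac] = len(self.vm_ports)

    def pinned_uplink(self, vm_mac):
        # Each virtual port egresses through exactly one uplink at a time.
        # Port id modulo uplink count is a stand-in for ESXi's real choice.
        return self.uplinks[self.vm_ports[vm_mac] % len(self.uplinks)]

    def from_uplink(self, dst_mac):
        # Ingress from the wire: deliver to a local VM or drop.
        # Frames are never forwarded from one uplink to another.
        return ("vm", dst_mac) if dst_mac in self.vm_ports else ("drop", None)

    def from_vm(self, src_mac, dst_mac):
        # Egress from a VM: local delivery, else out the pinned uplink only.
        if dst_mac in self.vm_ports:
            return ("vm", dst_mac)
        return ("uplink", self.pinned_uplink(src_mac))


def delivered(vswitch, wiring, src, dst):
    """wiring maps each physical host to the uplink its AP is cabled to."""
    if src in vswitch.vm_ports:
        kind, where = vswitch.from_vm(src, dst)
        return kind == "vm" or wiring.get(dst) == where
    if wiring.get(dst) == wiring[src]:
        return True  # same AP: the frame never touches the vSwitch
    return vswitch.from_uplink(dst)[0] == "vm"


# Constructed topology: one AP per uplink on the same vSwitch.
vs = VSwitch(["vmnic1", "vmnic2"])
vs.attach_vm("pfsense")                        # port 0 -> pinned to vmnic1
wiring = {"office-pc": "vmnic1", "laptop": "vmnic2"}

results = {
    "laptop -> pfsense": delivered(vs, wiring, "laptop", "pfsense"),
    "pfsense -> laptop": delivered(vs, wiring, "pfsense", "laptop"),
    "pfsense -> office-pc": delivered(vs, wiring, "pfsense", "office-pc"),
    "laptop -> office-pc": delivered(vs, wiring, "laptop", "office-pc"),
}
```

In this model the router VM still receives frames from the second access point, but its replies leave through the other uplink and hosts on different uplinks cannot reach each other, which is consistent with things breaking once a second device is plugged in.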

In order to connect both of my access points to the server, I would need a physical switch. Then I’d be able to theoretically connect all 4 of my network card ports to my physical switch, giving me 3 backup connections. I could set up a failover order, load balancing, and create a LAG (link aggregation group), a term I know from learning about AWS Direct Connect.

Anyway, after learning all of this, I realized that in the meantime I would have to use my DD-WRT access point as the first-stop switch out of my server. So, the AP-AC Lite gets plugged into the DD-WRT, I learn a lesson, and I find more ways to spend more money on my home network. My next upgrade will be a managed switch with at least 8 ports. Soon I’ll be able to set up VLANs, something I’ve been wanting to do since filling my home with smart devices.

VPN

To connect to some other locations, I use OpenVPN. I manage a server at a relative’s house in another state. The server is another Dell Optiplex that runs Windows 10, and the router is another D-Link DIR-862L with DD-WRT. While the OS on the server is Windows 10, I do use VMware Workstation Player to run one virtual machine. That one VM is the OS version of Home Assistant, HASSOS. The reason I’m running Windows as the base OS is to use a program called Blue Iris. Blue Iris is video security software. I’ve installed several IP cameras at that house and use Blue Iris to monitor and record these cameras. Blue Iris only runs natively on Windows.

I’ve also just recently started experimenting with WireGuard, and it seems great, but I’m not actually using it for anything as of yet.

More Virtualization

There are only a few more virtual machines running on my server currently: Jellyfin (a media server), OpenMediaVault (a NAS), and Home Assistant (home automation). At the moment Jellyfin is running on an Ubuntu virtual machine. I’ll probably migrate it to a Docker container in the future. OpenMediaVault is a VM all of its own. And Home Assistant... well, there’s so much to talk about there that that’ll have to be its own post.

Diagram

Architecture