What is the recommended equipment needed to create a home networking/computer lab for a hands-on learning environment? I know there are virtual options, but I would rather spend money on the physical equipment. Is there a good general list of equipment needed? Would a couple of routers and 1 or 2 switches be enough? What equipment did you start with?
Big boy networking equipment is stupid expensive. If you’re trying to have real world experience at home, I think you’d go broke buying Cisco gear.
At this point, for labs I stick with cloud stuff. Much easier than building a home lab, plus gets the spousal approval.
I run an HPE Microserver along with some Synology disk enclosures. Networking is all Ubiquiti Unifi. It doesn’t really help me so much professionally though. IMO the hardest part is learning vendor-specific stuff. Like others mentioned, your best bet to learn for the workplace is to utilize hosted offerings.
One of the TWiT sponsors, World Wide Technology (https://www.wwt.com/) maintains training labs for the big vendors. I don’t know how much it costs though.
If you know there’s a specific vendor that you want to train on, I’d check their site for education resources. Almost all of them these days do lab-based training. It’ll cost some money but will be thousands less than buying equipment.
Without knowing what you want to achieve and what manufacturer’s kit you are expecting to administer “in the real world”, it is hard to recommend anything.
If it is just general stuff, like learning how VLANs and firewalls work, then it is easier; there are lots of good options.
A good option for a firewall is pfSense (free, you just need an old PC with at least 2 network ports to connect it to your modem/router and your network).
I use a lot of Ubiquiti Unifi kit, which is nice and easy to manage.
- AVM Fritz!Box router (set to IP passthru mode)
- Devolo PowerLink 1200 (Ethernet over power cable to get into the cellar, where my networking kit is)
- Unifi Secure Gateway (firewall)
- Zyxel 24 port Level 2 switch
  - Unifi 8 port PoE switch
    - Unifi CloudKey 2
    - Unifi AP LR
      - Unifi AP LR (wireless bridged to the first one, to provide Wi-Fi to the rest of the house)
  - Raspi running PiHole (DNS and DHCP for default VLAN)
  - Various PCs and Servers
  - Raspi running Unifi management software as backup for the CloudKey 2
I also have the network split into multiple VLANs:
- Default for management
- 50 for Wi-Fi clients
- 100 for Ethernet clients
- 150 for guest network
and a couple of others for testing, DMZ etc.
I then set up firewall rules on the USG to allow certain traffic to flow back and forth - for example, the guest network gets its DHCP from the USG, but DNS comes from the PiHole (it provides blacklisting of tracking domains, for instance).
The Zyxel is a good, relatively cheap managed switch that offers VLANs. It isn’t the easiest to configure (I prefer HP ProCurve, but they are simply too expensive for home use), but it is good enough for learning about networking and routing.
The Unifi is good, reasonably priced kit; I’ll probably replace the 8 port PoE and the Zyxel with a bigger Unifi switch at some point. Unifi uses a (relatively) simple to use management interface for configuration.
I did have all sorts of problems at the start, because it insists on using 192.168.1.0/24 as its default network and the USG will automatically act as a DHCP server. I was using a different subnet and I had my own DHCP server on the default VLAN. For some reason, the USG kept wanting to drop back to its default subnet and it kept trying to turn on DHCP on the default VLAN, which caused all sorts of problems. It took a couple of factory resets and firmware upgrades, before it behaved itself. The same for the CloudKey 2, I used the software controller in a container on my NAS for a while and everything ran smoothly, but QNAP made the updates to the container needlessly complex, so I bought the CK2, but it was unstable and I had to completely rebuild the network 3 times in 2 weeks! A replacement CK2 sorted that out. Using backups, it was relatively painless to get the configuration back, although I had to re-adopt all the Unifi kit each time.
I think that I was just unlucky and got a duff CK2 and the firmware was also not 100% reliable at first, but for the last 6 months, it has run without any further problems.
I have messed around with a lot of configurations on the network - for example I block all the common DoH servers on the firewall, so that browsers and devices will drop back to using my DNS server, which blocks over 2,5 million tracking and malware sites. My DNS server itself uses DoT and DNSSEC to a trusted authority DNS server on the Internet, so the setup offers better protection and privacy than DoH from Google or Mozilla, for example.
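The segmentation and DNS policy described in the post above (guest DNS via the PiHole, common DoH servers blocked, DoT upstream from the DNS server), modelled as a first-match rule table and checked against sample flows. This is an added example, not the poster's USG configuration; the subnets, host addresses and rule order are assumptions, since the post gives only VLAN IDs.

```python
import ipaddress as ip

# Constructed addressing: the post names VLAN IDs only, not subnets.
MGMT = ip.ip_network("10.0.1.0/24")      # default VLAN (management)
WIFI = ip.ip_network("10.0.50.0/24")     # VLAN 50
WIRED = ip.ip_network("10.0.100.0/24")   # VLAN 100
GUEST = ip.ip_network("10.0.150.0/24")   # VLAN 150
PIHOLE = ip.ip_network("10.0.1.53/32")   # hypothetical PiHole address
LAN = ip.ip_network("10.0.0.0/16")
ANY = ip.ip_network("0.0.0.0/0")
# A few public resolvers that also answer DoH on port 443; not a complete list.
DOH = [ip.ip_network(a) for a in ("8.8.8.8", "8.8.4.4", "1.1.1.1", "1.0.0.1", "9.9.9.9")]

# (action, source, destination, protocol, port); None matches anything.
# First match wins. Only routed (inter-VLAN or outbound) traffic is modelled.
RULES = [("deny", LAN, d, None, 443) for d in DOH] + [
    ("allow", LAN, PIHOLE, "udp", 53),
    ("allow", LAN, PIHOLE, "tcp", 53),
    ("deny", GUEST, LAN, None, None),    # guests reach nothing else internal
    ("allow", MGMT, ANY, None, None),    # management VLAN is unrestricted
    ("deny", LAN, LAN, None, None),      # default deny between VLANs
    ("allow", LAN, ANY, None, None),     # ordinary internet access
]

def decide(src, dst, proto, port):
    """Return the action of the first rule matching a routed flow, else 'deny'."""
    s, d = ip.ip_address(src), ip.ip_address(dst)
    for action, src_net, dst_net, r_proto, r_port in RULES:
        if (s in src_net and d in dst_net
                and r_proto in (None, proto) and r_port in (None, port)):
            return action
    return "deny"

# Flows the post's design implies; 203.0.113.10 is a documentation address.
EXPECTED = [
    ("10.0.150.20", "10.0.1.53", "udp", 53, "allow"),     # guest -> PiHole DNS
    ("10.0.150.20", "10.0.1.10", "tcp", 443, "deny"),     # guest -> management host
    ("10.0.50.7", "1.1.1.1", "tcp", 443, "deny"),         # Wi-Fi client -> DoH resolver
    ("10.0.50.7", "203.0.113.10", "tcp", 443, "allow"),   # ordinary HTTPS
    ("10.0.1.53", "9.9.9.9", "tcp", 853, "allow"),        # PiHole -> upstream over DoT
]

def audit():
    """Return the expectations the rule table violates (empty list = policy holds)."""
    return [e for e in EXPECTED if decide(*e[:4]) != e[4]]

if __name__ == "__main__":
    print("violations:", audit())
```

The model also shows what the DoH block alone leaves open: plain DNS or DoT sent directly to an outside resolver still matches the final allow rule, so those ports need their own rules if clients must use the local server.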
Just remembered we had a home server thread a while back. A bunch of members posted some pretty sweet setups - The Big Home Server/HomeLab Thread
I appreciate the responses so far and guiding me to go to a virtual setup, but I am more interested in getting hardware for my house which is what my initial question is.
Well, it’s unclear what kind of hardware you think you would use at home that would allow you to learn useful skills for the real world. Enterprise class hardware is NOT the same as SOHO hardware, which is not the same as consumer grade hardware. The kind of hardware that a bank or insurance company would use, aka Big Iron, is VERY expensive, and has a user interface and controls (including SNMP software) that cost tens or hundreds of thousands of dollars.
To play at home, and learn general networking, you should get a pfSense firewall/router, a managed switch that can do VLANs and IPv6 and a couple of small RPi’s or the like that you can install DHCP or DNS style servers on… and possibly a laptop and a network hub (not a switch) that can allow you to play with Wireshark.