Sepist
Dec 26, 2005

FUCK BITCHES, ROUTE PACKETS

Gravy Boat 2k
This is the thread for setting up home labs on a goon budget; where cheeto stained fingers meet enterprise networking

:siren:YOU DO NOT NEED TO GO BUY A DELL POWEREDGE TO RUN VM'S! THEY'RE NOISY, HOT, POWER HUNGRY, AND NOISY. Seriously, you'd be better off with a quad i5/i7 and a lot of RAM.:siren:

I. Where do I get started?!

Right! This depends on what you want to work on. Do you want to work on..

Networks: There are a few ways to do this - via Packet Tracer from Cisco, VIRL from Cisco (New and untested by me so far but runs all Cisco images, not just IOS), and the most popular - GNS3. We'll focus on GNS3 - You install the all-in-one software which provides everything needed to emulate network devices except for the router images. Those you will have to legitimately get from the Cisco site (CCO Login required and tied to a service contract) or you can :filez: it (don't ask where to download them in this thread, however you could ask what version of image you should use). It should be noted that switches can't 100% be emulated, however I will cover workarounds later on in the thread. You can however emulate ASA firewalls and routers, and even tie them to your NIC so that the router/ASA are reachable from the internet! With enough desktop memory you can run some really big virtualized networks:



Systems: System can be emulated with VMware ESXi or Workstation / Microsoft Hypervisor / Oracle VM VirtualBox. You would install one of those products and from there you can install virtual machines. You would need to :filez: an ISO of your target operating system and install it on a blank virtual machine. If you don't have a spare server/workstation to install ESX on, you can run ESX inside of a VM like you would any other virtualized OS, then build VM's into that, effectively making the inception version of server virtualization



Both: Totally doable! Virtualization is cool, and with it you can tie virtual adapters into GNS3 and emulate hosts / Cisco Call Managers / ACS / German Dungeon Porn webservers or whatever else tickles your fancy.

II. Requirements

Any modern PC will do, but for virtualization you generally want to have over 4GB of RAM and a multi-core processor - for multiple server or network device virtualizations you'll want to have 16+ GB (in the above GNS3 network I had to upgrade from 16GB to 32GB to support it)

III. Do I need physical hardware for the XXX exam or can I just use virtualized hardware?

For most entry/mid-level exams, you could virtualize the whole thing for your test bed. The CCNA can definitely be fully virtualized, the CCNP can be half virtualized (switches have their own dedicated exam and you can't emulate all of the config/commands used on the test). For microsoft/RHCE..I would assume so unless someone wants to prove me wrong. I've only taken up to the MCSA and I can't see why any of that can't be virtualized fully.

There are caveats, you can't virtualize a full wireless network so the CCNA Wireless track wouldn't be helpful here except for core routing, and the CCNA Voice is mostly able to be produced in VM/GNS3 but there are some features only a voice card in a router can deliver (hold music for example)

If anything I would get a cheap enterprise switch like a 2950, 2960, or 3750 off ebay for $100+. Just note that enterprise hardware tends to be LOUD and power hungry and at least for servers doesn't offer much if any of a benefit.

IV. Networking Gotchas

Sometimes poo poo stops working in GNS3, like even though two routers are directly connected and configured correctly, you can't ping across. When in doubt, shutdown/start the routers (but make sure you save the config first!)

Switching. It doesn't work with GNS3 because switches use a dedicated piece of hardware to make layer 2 decisions called ASIC's, and GNS3 can't emulate an ASIC. I assume VIRL will be able to because Cisco is boss but VIRL costs money, and goons can't afford anything. The workarounds:

- Use a 3725 IOS image and add NM-16ESW modules to the virtual hardware in GNS3. This gives you 16 switchports and a few switch configuration changes but nothing deep (e.g.: etherchannel or dot1x), the good thing about this switch is this is the most basic "multilayer switch" which are very important in Campus (e.x.: Enterprise) Network Design topologies
- Use the built in "ethernet switch" in GNS3, all it does is move packets between the same vlan or dot1q trunks

V. Server VM Gotchas

Clock rate syncing on RHEL5 and older versions of Windows. Not a problem if VMware tools are installed (or elevator=deadline in Linux, but potentially an issue).

VI. poo poo you can do

Okay so you get VMware ESXi installed on a stolen Dell R720 but now what? Well my first step would be to connect it to a spare NIC on another server/desktop running GNS3 and tie that NIC into GNS3 along with your home network NIC, configure an emulated router to be configured on both interfaces and baby you got yourself a stew! No seriously you now have the most barebones small business network ever and just the tipping point of the poo poo you can do to make yourself a useful person to society!

For the non-networking people, I guess you could just set up a shitload of Windows 2008 R2 or Linux servers and make yourself a AD / DNS / CA authority, tie all your home computers to the domain and lock mom out of farmville when you get grounded.

Sepist fucked around with this message at 20:29 on Aug 7, 2013

Sepist
Dec 26, 2005

FUCK BITCHES, ROUTE PACKETS

Gravy Boat 2k
More info regarding enterprise hardware for your home lab

Dilbert As gently caress posted:

I was about to go to bed but my sperg kicked in, OP here you go

SO YOU WANT TO BUY A DELL POWEREDGE: EASY GUIDE TO SAVING A BUTT-TONE OF MONEY

So you want to buy a poweredge for your lab? Cool here are some points to think about prior to buying that waste of money. First off, let me say when I was first getting into VMware and such I thought getting a Dell Poweredge/HP Proliant/etc would be the poo poo and be MUCH more valuable learning than a server, then I ran the facts and figures.

:siren:PROTIP: No one gives a poo poo you can install an OS/Hypervisor onto a hardware platform:siren:
Seriously;
installing ESXi is like, Enter, F11, Enter, F11, Enter, and Enter.
Hyper-V 2012 is similar, even fewer clicks.
Citrix is similar to ESXi but feels a bit more linuxy but is incredibly straight forward.

Congratulations, you are not able to install ESXi/hyper-V/Citrix on HP/Dell/IBM/UCS/other.

The important part of a lab is not how to install an OS on a HW platform unless you are shooting for your A+ and A+ job, that is probably the only time an employer will care. The important part of setting up a HyperVisor/Server OS is not the "can you install it" but "can you make it usable and understand what you did". Hardware platform familiarity is becoming less and less of a requirement as we move more and more into the virtualization realm. Today most of my installs are scripted, to the point where I boot off USB and let the .KS/unattend.xml finish it, comeback in 5 minutes and configure anything else. While you may need to understand the importance of auto-deployments of windows/linux/Vmware, realize you can do this all in ESXi running on a Cheap rear end 600 dollar build which will curb stomp your Dell server you are getting that shipped with no HDD's, hope you have some good network storage!

Common misconceptions of LAB environments
  • Installing on Vendor Hardware will work better!
    Mostly not true, most of your server hardware is probably 3-4 years old and won't really compare to what you can get on the desktop market in the way of parts.

  • I can just upgrade the Ram in my Dell Server which was 200 bucks and came with 16GB of Ram with some off newegg!
    Probably not true, most ram for servers isn't your run of the mill desktop ram, most will require ECC and may be vendor specific. Long story short it will cost you much more than you estimate

  • I need to know how to install it onto the Vendor hardware
    No you really need to watch like a few YT videos and blammo done, focus on configuring the Software and Services

  • I can just throw in my Western Digital or Seagate Drives into make up for the fact it shipped with no drives!
    Not always true, most won't accept a drive unless it has a signature from dell/hp/etc and those drives are costly(hence why your server didn't come with any)!

  • There are some Hardware pieces I can't mimic like iDrac, iLO, or Cisco's CMC!
    If you are going to a job where they let you deal with things like multiple VM servers and clusters, and yet you can't be bothered to watch a 5 minute video or understand what it means when it is asking for an IP address and password you have bigger issues. Furthermore, Supermicro offers some similar features on their boards which allow for similar configuration

  • I can't get enough ram/CPU in the Whitebox Servers I NEED a Dell/HP
    True some things just won't fit your needs for ram/cpu in the box, but you shouldn't be building a 1:1 production unless you are going for something like a VCDX, even then 32GB and a 8 Core CPU will take you farther than you think. If you still need more, look at supermicro, most take desktop ram fairly well and run stuff without a hitch.


Remember your lab environment is to teach you the concepts and to familiarize yourself with the Software and Services you are configuring. It does not have to be better than your production environment.

TIPS OF A VIRTUAL ENVIRONMENT
:eng101: Only assign what the VM needs, this is also true in a production environment. If it only is running AD/DNS/DHCP, it could probably run happy on 512MB and 1 vCPU, You'll probably run out of RAM/DISK IOPS BEFORE you congest your CPU. Unless you are doing some really crazy poo poo or have a 2-3 year old server/pc.
:eng101: Invest in SSD's, SATA disks are SLOOOW for VM's that require shared resources, invest in some SSD's
:eng101: Don't overbuy, this is a really common mistake, buy what you need for what you are doing and upgrade as needed.
:eng101: Look into things like VirtualBox or VMwareWorkstation, and updating your Gaming rig, PRIOR to spending 800 on some dell HW. I have built many PoC labs for my VCP/VCP-DT in workstation, it's a bit slower than ESXi white boxing but 100% DOABLE
:eng101: ESXi can run ESXi on top of ESXi, it can also run Hyper-V and Citrix. Often building 1 beefy box can outweigh multiple lower end boxes.


Erkenntnis posted:

Getting into the CCNA world essentially from scratch can be challenging, and learning about the different cisco models / features is almost part of the experience itself.


Questions like these are exactly why a central resource should be made, because anyone building physical labs is going to be looking at these routers on ebay with a random assortment of modules and model numbers.

So to append powercrazy's post - here has been my experience for the past month (No CCENT/CCNA yet, so feel free to correct my errors).


Switch Models:

2950/2960


3550/3560 (Layer 3)


They will most likely be sent to you without any IOS loaded, so you'll be coming to a "Switch:" prompt. Fortunately, Cisco switches generally have publicly available IOS images (behind registration, of course). Unfortunately, there is no way to manage a switch without IOS loaded "in-band" (through telnet or ssh), so you'll need a standard Cisco Console Cable.

What's even more challenging to the prospective student is that you'll have to figure out how to get an IOS image onto the switch without using a tftp server - but there's a nifty thing called XMODEM, which allows you to transfer a file over the console cable.

Here's a decent guide that I followed:

https://www.youtube.com/watch?v=zxTO5qxti-I

The 2950s don't have Auto-MDIX, so you'll have to use crossover cables to connect switch-to-switch. Not sure about the 3550s.

Router Models:

26xx xm (2610/11 xm, 2620/21 xm, 2650/51 xm)

18xx,28xx

Your best bet is going to the 2600xm series. Usually much cheaper than the rest. The 1800 and 2800 are both newer, have higher memory (and use memory cards!). and are more likely to have 12.4/T if you're buying off ebay. For routers, the image you get with it is the one you'll be using. (Outside of :filez:)

The standard 2600xm series router has one FastEthernet port, one console port, and one auxiliary port. The "xm" stands for expandable - so you'll be getting two WAN module ports, and one NM module port (Good for a Frame Relay router). Getting a 2611xm, 2621xm, or 2651xm will give you a second FE port. Here's what a 2600 series looks like:



Some common modules you'll run into:

NM-4T


WIC-1T


WIC-2T


WIC-1DSU-T1-V2


WIC-2AM*


*Not really useful for home labs, as far as I can tell.

Cables

DCE/DTE DB60 Crossover Cable - works with the NM-4T and WIC-1T


Smart Serial Male DTE to Male DCE Crossover Cable - works with the WIC-2T


T1 crossover Cable - works with the WIC-1DSU-T1, and can be made from any standard Cat5e, I believe


e:Another cable that might be of use is a Smart Serial to DB/60 crossover. This will allow you to connect a NM-4T or WIC-1T to a WIC-2T

Sepist fucked around with this message at 15:34 on Aug 27, 2013

Falcon2001
Oct 10, 2004

Eat your hamburgers, Apollo.
Pillbug
This might be handy for me, I'm debating whether to go sink all the way into networking (I have background in it and have trained for CCNA a few times, but haven't bothered getting the cert) or just keep it as a handy secondary skill.

Dilbert As FUCK
Sep 8, 2007

by Cowcaster
Pillbug
I'll chuck in some Virtual stuff this weekend, gotta finish up my IT thread rewrite first

chrome taco
Apr 14, 2005

I'm no meteorologist, but I'm pretty sure it's rainin' bitches
Good work, bookmarking this.

thebigcow
Jan 3, 2001

Bully!
Think long and hard before buying used enterprise stuff for a lab, it tends to be loud and power hungry and at least for servers doesn't offer much if any of a benefit.

BurgerQuest
Mar 17, 2009

by Jeffrey of YOSPOS
I'd suggest refurb 2950/2960 (2 or 3) + GNS3 would really be all you'd need to easily lab anything in the CCNA curriculum, and a hell of a lot of the CCNP exam too. PacketTracer is a pretty good learning tool in that the learning curve is a lot lower than GNS3 + Wireshark, and it makes a fairly good attempt at emulating switching for study. It can't be hooked up to external networks/equipment however, but it does provide a good visualisation of the flow of things like STP, CDP etc.

You should also be able to pick up 1760 series routers with serial interfaces pretty cheap if you wanted to. I'm fortunate enough to have a bunch of ISR G2 stuff laying around/in stock to play with for a lab, but I've never had the opportunity to play with anything more than that (4500+ etc).

Diva Cupcake
Aug 15, 2005

I bought a Cisco 3550 on eBay for like $70 when I was studying for my CCNA. I plugged it in once and it sounded like a harrier jet. Proceeded to use Packet Tracer and the Cisco Learning Labs the rest of the way, which were pretty decent.

https://learningnetworkstore.cisco.com/market/prod/listSubCatLearnLab.se.work?TRGT=85&/nxt/rcrs/=2559#.UfHNMo2fgeM

Dilbert As FUCK
Sep 8, 2007

by Cowcaster
Pillbug
Posting my Lab

FOCUS VMware
Lab setup
Lab Machine:
Mobo: Super micro H8SGL
CPU: 6128
Memory: 40GB Ripjaw ram
Nics: 2
-frebee's- GT550
Storage
_______________
3x250GB refurbed drives
1x120GB drives
virtual freenas ZFS server 4.5GB ram, 20GbZlog and 20GB L2ARC
_______________
ESX hosts
2vCPU's
8GB ram
5vNICS
ISCSI over ZFS
_______________
DC 2008R2
CA/DNS/DHCP/AD/FS/SQL
vCenter
Vmware services

Cost: 997


Dilbert As FUCK fucked around with this message at 18:12 on Aug 27, 2013

sudo rm -rf
Aug 2, 2011


$ mv fullcommunism.sh
/america
$ cd /america
$ ./fullcommunism.sh


So your ESX hosts are virtual? I didn't even realize that was possible.

e:Sepist, feel free to take anything out of my post in the other thread you want to add. I didn't even see this thread when I first posted it.

sudo rm -rf fucked around with this message at 02:54 on Jul 26, 2013

Dilbert As FUCK
Sep 8, 2007

by Cowcaster
Pillbug

Erkenntnis posted:

So your ESX hosts are virtual? I didn't even realize that was possible.


I have Hyper-V and vmware running virtual on virtual. Yes it works performance is somewhat degraded but completely workable for labs

adorai
Nov 2, 2002

10/27/04 Never forget
Grimey Drawer
My home lab consists of 2x AMD Athlon x2 era dual core machines. One with 6x HDDs and 4GB of ECC RAM running openindiana for storage, and one with 8GB of RAM running ESXi 5.0. I can spin up a shitload of VMs and if they swap it's a bit slow but livable for a lab, and hey, I have a ton of space for my files.

edit: cost, excluding HDDs was like $400 or something obscenely low.

LargeHadron
May 19, 2009

They say, "you mean it's just sounds?" thinking that for something to just be a sound is to be useless, whereas I love sounds just as they are, and I have no need for them to be anything more than what they are.


Hey CC just thought I'd drop in and...wait what's all this talk about computers

Sepist
Dec 26, 2005

FUCK BITCHES, ROUTE PACKETS

Gravy Boat 2k
Updated the OP, thanks bros

psydude
Apr 1, 2008

Heartache is powerful, but democracy is *subtle*.
Linked in the OP of the cert thread.

ElvisG
Aug 18, 2004
I'm really excited about VIRL being released possibly this Summer. Some are saying it's going to be free and some saying that it is going to be a paid VM appliance product. I'm just excited to start learning the Nexus OS.

ElvisG
Aug 18, 2004
I just saw a video on youtube of a demonstration of VIRL. WTH, there is no configuration of anything. Everything is automated. So is the future of the CCIE going to be obsolete?

I seriously thought that VIRL was going to be a Packet Tracer + GNS3 awesomeness.

1000101
May 14, 2003

BIRTHDAY BIRTHDAY BIRTHDAY BIRTHDAY BIRTHDAY BIRTHDAY FRUITCAKE!

ElvisG posted:

I just saw a video on youtube of a demonstration of VIRL. WTH, there is no configuration of anything. Everything is automated. So is the future of the CCIE going to be obsolete?

I seriously thought that VIRL was going to be a Packet Tracer + GNS3 awesomeness.

Not remotely. You still need a relatively competent network engineer to deal with the logical configuration of the network. VIRL is meant to make it easier to lab difficult configurations.

Stealthgerbil
Dec 16, 2004


I have a dell cs24-ty with dual x5570 2.93 ghz processors and 32gb of ram which I paid like $300 for. It's been a lot of fun but I need to upgrade the storage. Also one day I want to colocate it so I can run game servers from it.

BurgerQuest
Mar 17, 2009

by Jeffrey of YOSPOS

1000101 posted:

Not remotely. You still need a relatively competent network engineer to deal with the logical configuration of the network. VIRL is meant to make it easier to lab difficult configurations.

Not to mention the multi vendor environment we live in. They do seem open to the idea of running other virtualised platforms within VIRL however and that could be a huge boon.

smokmnky
Jan 29, 2009
work was tossing out some 2950s and 2948Gs so I grabbed them, now to actually do something with them.

Judge Schnoopy
Nov 2, 2005

dont even TRY it, pal
I think this may be the best option for a GNS3 question (maybe?)
Every time I drop a router on the sim or test the router image, I get blue screened to oblivion by Windows 7 Home. I catch a glimpse of the cmd prompt running for something and then everything explodes. Any tips?

psydude
Apr 1, 2008

Heartache is powerful, but democracy is *subtle*.

Judge Schnoopy posted:

I think this may be the best option for a GNS3 question (maybe?)
Every time I drop a router on the sim or test the router image, I get blue screened to oblivion by Windows 7 Home. I catch a glimpse of the cmd prompt running for something and then everything explodes. Any tips?

Have you tried another router image?

metavisual
Sep 6, 2007

This may be a dumb question, but I figured I'd mention it since this thread now exists.

I recently got some gear together for a lab. (I don't know if I will ever even take the CCNA exams, but I enjoy playing around).

I have 2x2950 switches and 2x1760 routers. I bought these all used from Amazon Marketplace.

They all currently have ios loaded on them, and I'm worried about losing that.

Does it make sense to set up a tftp server on a local machine and back up the ios images before I do anything else?

(Or is this not really an issue and should I not really worry about losing my ios images?)

psydude
Apr 1, 2008

Heartache is powerful, but democracy is *subtle*.
In order to lose the IOS images you'd have to physically damage the equipment.

Judge Schnoopy
Nov 2, 2005

dont even TRY it, pal

psydude posted:

Have you tried another router image?

I've tried multiple, each with the same result. Even with the image file blank (no image selected) if I select 'test image' it gives me the blue screen. That leads me to believe it's gns3 causing my troubles. The program works fine without any routers added but then it's kind of useless.

metavisual
Sep 6, 2007

psydude posted:

In order to lose the IOS images you'd have to physically damage the equipment.

Ahh okay. I thought that might be the case, but I figured I'd ask. I wasn't sure if they could become easily corrupted or anything.
(Being an Enterprise Windows admin will do that to you ;))

Thanks for the help!

smokmnky
Jan 29, 2009
If you are running windows you can always use http://tftpd32.jounin.net/ for a super easy tftp server. We use it at work to push IOS updates to some of our older switches. Super easy, just double click an exe and go. Close out the program when you're done

metavisual
Sep 6, 2007

smokmnky posted:

If you are running windows you can always use http://tftpd32.jounin.net/ for a super easy tftp server. We use it at work to push IOS updates to some of our older switches. Super easy, just double click an exe and go. Close out the program when you're done

awesome! Thanks for the tip

psydude
Apr 1, 2008

Heartache is powerful, but democracy is *subtle*.

Judge Schnoopy posted:

I've tried multiple, each with the same result. Even with the image file blank (no image selected) if I select 'test image' it gives me the blue screen. That leads me to believe it's gns3 causing my troubles. The program works fine without any routers added but then it's kind of useless.

I'd try posting on the GNS3 forums. They're pretty helpful.

I also remember reading somewhere that having the wrong amount of memory assigned to the IOS image can cause serious issues, but it doesn't sound like that's the case. It may actually be a problem with Dynamips.

DropsySufferer
Nov 9, 2008

Impractical practicality
Closing on earning my CCNA this month I finally wanted to have my own lab mainly for fun. I have a couple of 2950s and one 2600 router on the way. I'm also going to order a 871w which is basically a home router but with full IOS functionality on it.


Cheap for what it does though I wish it had N capability. I like the idea of a practical home lab which is what a device like this represents. I also think I'll use the IOS more often as a result.

evol262
Nov 30, 2010
#!/usr/bin/perl

Sepist posted:

This is the thread for setting up home labs on a goon budget; where cheeto stained fingers meet enterprise networking

I really wish this weren't so Cisco-focused, honestly. Home labs for people studying for various server/VMware certifications are just as popular, but I'm also excited to see that GNS3 is so much friendlier than it used to be.

Sepist posted:

Systems: System can be emulated with VMware ESX or Workstation / Microsoft Hypervisor / Oracle VM VirtualBox. You would install one of those products and from there you can install virtual machines. You would need to :filez: an ISO of your target operating system and install it on a blank virtual machine. If you don't have a spare server/workstation to install ESX on, you can run ESX inside of a VM like you would any other virtualized OS, then build VM's into that, effectively making the inception version of server virtualization

Nitpicky, but ESX is a dead product. ESXi is free (forever) with registration. It's really easy to reinstall every 60 days to keep full functionality (including vSphere) if you're cheap. Secondly, you don't need to :filez: anything if you use Linux.

Sepist posted:

V. Server VM Gotchas

I don't know of any so this needs to be updated

Clock rate syncing on RHEL5 and older versions of Windows. Not a problem if VMware tools are installed (or elevator=deadline in Linux, but potentially an issue).

Sepist posted:

For the non-networking people, I guess you could just set up a shitload of Windows 2008 R2 servers and make yourself a AD / DNS / CA authority, tie all your home computers to the domain and lock mom out of farmville when you get grounded.

Linux. You absolutely do not need Windows for DNS, DHCP, LDAP, and Kerberos (though you obviously do for AD), but hey.

Dilbert As gently caress posted:

virtual freenas ZFS server 4.5GB ram, 20GbZlog and 20GB L2ARC

1GB RAM per TB of ZFS storage, right? That's pretty much optimal without dedupe.

Dilbert As gently caress posted:

DC 2008R2
CA/DNS/DHCP/AD/FS/SQL
vCenter
Vmware services

It's bad practice to run SQL Server on the same box as an AD controller.

Why is one of your ESXi boxes addressed by IP when you have DNS?

SamDabbers
May 26, 2003



evol262 posted:

Linux. You absolutely do not need Windows for DNS, DHCP, LDAP, and Kerberos (though you obviously do for AD), but hey.

Ahem, Samba4 :colbert:

Sepist
Dec 26, 2005

FUCK BITCHES, ROUTE PACKETS

Gravy Boat 2k

Thanks, I updated the OP a little bit.

evol262
Nov 30, 2010
#!/usr/bin/perl

SamDabbers posted:

Ahem, Samba4 :colbert:

I was under the impression that you still need a Windows environment to do anything useful with AD, unless the Samba guys have created a meaningful way to edit/apply GPOs and anything else which makes AD practical.

SamDabbers
May 26, 2003



I suppose I should clarify that you don't need Windows Server in your environment to do AD if you use Samba4. You're correct; you still need a Windows client with the server management tools to administer the Samba4 Domain Controller. Then again, what's the point of using AD if you don't have a Windows client to manage in the first place?

MrMoo
Sep 14, 2000

The Samba team had a web server to perform AD servitude but sanity shone through and they realized they're not web developers and removed it.

ate shit on live tv
Feb 15, 2004

by Azathoth
If you are planning on making a network lab specifically for networking, then creating an NMS server is a good first step, in the enterprise as well as the lab.

FTP/TFTP Server
Logging Server
NTP Server
DHCP/DNS/etc.
Management Portal Server/Console Server

All of these can and should be the same device and basically think of it as the entry point to your network. You will consolidate all logs, backup all images, and use it as your one stop shop for management and learning. Also just learning how to correctly setup and deploy all of those features/services is a great way to start to get into the more interesting parts of IT.

evol262
Nov 30, 2010
#!/usr/bin/perl

SamDabbers posted:

I suppose I should clarify that you don't need Windows Server in your environment to do AD if you use Samba4. You're correct; you still need a Windows client with the server management tools to administer the Samba4 Domain Controller. Then again, what's the point of using AD if you don't have a Windows client to manage in the first place?

For some people, it's easier to just use AD than to get DNS, DHCP, LDAP, and Kerberos all on the same page. I mean, I don't really see the point either, but it happens.

Powercrazy posted:

If you are planning on making a network lab specifically for networking, then creating an NMS server is a good first step, in the enterprise as well as the lab.

FTP/TFTP Server
Logging Server
NTP Server
DHCP/DNS/etc.
Management Portal Server/Console Server

All of these can and should be the same device and basically think of it as the entry point to your network. You will consolidate all logs, backup all images, and use it as your one stop shop for management and learning. Also just learning how to correctly setup and deploy all of those features/services is a great way to start to get into the more interesting parts of IT.

Ask yourself honestly: "does my network need a bastion host?" The answer is probably no. Even if it does, there's no reason for DHCP/DNS to be there. Syslog should be inside the network (not on a bastion). [T]FTP should be inside the network unless you're providing public FTP services (it's 2013, don't do this).

ate shit on live tv
Feb 15, 2004

by Azathoth
I'm talking specifically about a lab setup. If you are doing your CCNA and you are planning on going further, then learning what all those services are and how to deploy them is a good idea.

Obviously in the enterprise many of those services will be separate especially as the environment scales. For a home lab, all of that stuff can be deployed on a single router.
