===== About =====
A friend and I have a homelab setup between our houses. We have been slowly amassing assorted old servers to add to this lab so that we have a fun playground and can host all the game servers and websites we want.


===== Hardware =====
  * 2x Netgate SG-3100 (pfsense)
  * 1x Netgate SG-1100 (pfsense)
  * 1x HPE DL360 G6
  * 6x Lenovo DL350
  * 5x Raspberry pi 3B/4
  * 1x HPE G5(?)
  * 2x Old desktop
  * 1x 42U Rack
  * 2x Netgear S3300-28X stacking switches
  * Assorted switches

Totaling to ~350gb ram, ~60 cores @ 1.6-3.5Ghz, and ~30tb raw disk capacity

===== What are we doing with all that??? =====
Good question! Mostly just messing around, having fun, and learning!

I connected all 3 pfsenses via ipsec tunnels so that the infrastructure at each location is accessible from the other 2.

I run my website (this one) as well as a few other sites from one of the old desktops. I also run a minecraft server across both of the old desktops.

My friend is using 2 of the PIs to run his website.

We currently have 3 Lenovos in a XCP-ng cluster and the other 3 in a Proxmox cluster. We have the G6 setup as a NAS backing the VMs that we have running on the cluster.

Oh boy, live migration is so neat when you are running VMs off of a SAN! You just click a button and boop its on the other host!

We have two of the PIs setup as [[https://pi-hole.net/|pi holes]] for DNS based ad blocking. Currently we are blocking ~7.5m domains.

We have a Factorio server running on the G5.

We have 2 Netgear S3300-28X switches so that we can use link aggregation to get a redundant, high throughput storage network connection.


Each location is assigned a 10.**x**.0.0/16. Subnet ip ranges are standardized to:
  * 10.x.**0**.0/24 : DMZ
  * 10.x.**1**.0/24 : Admin
  * 10.x.**2**.0/24 : LAN
  * 10.x.**3**.0/24 : Other

This way the ipsec tunnel only has to allow access to 10.X.0.0/23 externally, and can safely block incoming to anything else. Anything that does not have a 10.x address is only for local access/internet access and will not be able to traverse the ipsec tunnel.

Here is a netmap! I removed some information from it but it should give a decent idea of how I have things setup
{{ ::colo_netmap.png?nolink&600 |}}


===== History =====

  * 2016: I got my first desktop. Since then I have been running various websites and game servers in my free time.

  * 2019: I got a second desktop to use as a dedicated server. I also added a pihole which functions as a wifi access point for my laptop.

  * 2020: I got a small Netgate firewall running pfsense.

  * 2021: I got an old HPE server from my school which was selling a bunch of old hardware.

  * 2022, May: I received a 42U rack. A friend and I decided to combine our home labs to this rack and colo out of their basement.

  * 2023, December: I bought 6x Lenovo RD350 and a HPE DL360 G6 which where being decommissioned from my school's datacenter.

  * 2024, January: I got 2x Netgear S3300-28X so that we would have good stable networking and so I could play around with stacking