Tom's Wiki

Forget-me-not

User Tools

Site Tools


lab:notes

Notes & Ideas

  • Zeek or other IDS to play with - but we need to make sure it can only listen, not talk to, all LANs.
  • Tiny Pi 0 cluster - have three! Need two power cables, ethernet, switch. PoE? probably overkill. How to mount them? LEGO? Could be for DNS, but how do we handle giving only one IP to clients? Is this something k8s/etc deals with? Gotta learn!
  • Old Cisco kit, console server
  • PiKVM/similar for everything
  • Move from CF Tunnels to NGINX Proxy Manager + Tailscale; Tailscale firewall rules to restrict traffic.

Done

  • Windows AD Lab: Pfsense/Other router VM with new vswitch the Win clients are on.
  • “DMZ” VLAN for externally accessible services - Grafana, NGINX, Jellyfin. Manually punch firewall rules when required (Grafana to InfluxDB, for example).</del * <del>Perhaps we could swap Pi 3b (pi3) out for a Dell Wyse or something similar? More power for UniFi is certainly needed.
lab/notes.txt · Last modified: Fri 19 Jul 2024 (00:58) by Tom