this post was submitted on 03 Jan 2024
submitted 10 months ago* (last edited 10 months ago) by sabreW4K3@lemmy.tf to c/homelab@lemmy.ml
 

As I'm in the beginning steps of sorting out my homelab, I'm starting to ask questions I haven't asked before and come across conundrums I hadn't considered previously. One of which is how to sort out Pi-hole given that my ISP has locked down the router tighter than a tight thing.

As I had been reading about and watching YouTube videos, I had stumbled across Tailscale and the idea of VLANs is a nice one. That coupled with wanting to block ads and a new router seemed to be the optimal choice.

Another thing is that I eventually want to get a Reolink PoE video doorbell and Reolink E1 outdoor camera for my garden and so I'm trying to think somewhat ahead as the last thing I want is a server rack in my house. Aesthetically speaking.

So I stumbled across all the recommendations for Mikrotik and they're really reasonably priced, especially compared to the Netgear Nighthawk thing I was looking at for ten times the price.

The Mikrotik HAP AX Lite is reasonably priced, does all the cool new stuff, lets me set up virtual local area networks, has room for growth and has PoE capabilities. It seems to be the perfect choice. But is it? Because it seems almost too good to be true.

[–] Shadow@lemmy.ca 5 points 10 months ago* (last edited 10 months ago) (1 children)

Consider a micro PC running OPNsense (or pfSense) instead.

Just look on Amazon for "micro firewall pc" and you'll see what I mean. Then you can look into separate APs.

It'll cost more, but it's a better step for your home lab.

[–] sabreW4K3@lemmy.tf 1 points 10 months ago

When you say separate access points, what do you mean? I'm probably not understanding you correctly, because I'm interpreting it as you're saying that I should buy separate devices for WiFi?

To me that pretty much defeats the point completely. Most of my house runs on WiFi and I also don't want a server rack or loads of different pieces of equipment strewn around the place, hence why the Mikrotik is so appealing, as it can route, firewall and do PoE all at an incredibly reasonable price. That said, reading some comments online, it's got a steep learning curve and it's really hands-on.

[–] neidu2@feddit.nl 4 points 10 months ago* (last edited 10 months ago) (1 children)

I'm not that picky in terms of routers, as long as it is rack mounted. I happen to use a Fortigate 101E that was no longer needed at work.

While it does support VLAN, I don't do that on the router, as Fortigate can be a bit of a pain in the ass when it comes to VLAN tagging. I instead have dedicated ports for the various networks I serve, each of which connects to the same switch.

On this switch I have each of those uplinks tagged as access ports for the VLANs they represent. Then the remaining ports can be tagged as I please. A few extra patch cables, but only dealing with VLAN tags on Aruba makes it so much better.

As for PoE, that's best done on a switch. My Aruba powers all of my access points this way.

[–] sabreW4K3@lemmy.tf 1 points 10 months ago

That seems to be way more than what I want to do.

[–] cmbabul@lemmy.world 3 points 10 months ago (1 children)

pfSense either virtualized or on almost any cheap mini PC with more than one NIC

[–] sabreW4K3@lemmy.tf 1 points 10 months ago (2 children)

But then what do I do about WiFi? Sorry if it's a stupid question.

[–] cmbabul@lemmy.world 2 points 10 months ago* (last edited 10 months ago) (1 children)

Naw, not dumb, but that's kinda your call. I just put my old WiFi router in Access Point mode and hooked it up to the machine I’m using and it works great. I’m sure it’s possible to use a PC's internal radio to broadcast, but I’ve never researched that myself.

[–] sabreW4K3@lemmy.tf 1 points 10 months ago (1 children)

So here's a random related question, given that you're using your old router, does that mean you have nothing connected at 5GHz?

[–] cmbabul@lemmy.world 2 points 10 months ago* (last edited 10 months ago) (1 children)

So I said “old” but it’s still relatively new and broadcasts on both 2.4 and 5 GHz

[–] sabreW4K3@lemmy.tf 1 points 10 months ago (1 children)
[–] cmbabul@lemmy.world 1 points 10 months ago* (last edited 10 months ago)

I actually missed that you mentioned the Nighthawk in your post somehow. I bought one in 2020 so I wouldn’t have to rent Comcast’s, but that’s what I’m currently using. If you have your own wireless router that broadcasts on the frequencies you need with the SSIDs that are already in your various devices, you can almost certainly just throw that into AP mode and then just connect it to pfSense once it’s configured and not miss a beat.

I’d also recommend getting your own modem (Arris Surfboard S33 is my recommendation) if your ISP allows it

[–] Nommer@sh.itjust.works 2 points 10 months ago (1 children)

You can purchase wireless access points for fairly cheap from Ubiquiti. Wire it into a switch and once you configure it you're done. You don't need the software for it running 24/7 unless you like metrics.

[–] sabreW4K3@lemmy.tf 1 points 10 months ago (1 children)

Was it Ubiquiti that just had a gate of some sort or another or was that Unifi?

[–] Nommer@sh.itjust.works 2 points 10 months ago* (last edited 10 months ago) (1 children)

Unifi is Ubiquiti's brand. They do sell routers and switches too, but I bought an AP from them like 6 or 7 years ago and it's still working. I don't use WiFi other than for my phone so I don't need to upgrade my wireless.

[–] sabreW4K3@lemmy.tf 1 points 10 months ago

There was definitely a recent something or another that made me very cautious when it comes to them.

That said, going the AP route probably isn't for me. I live in a normal UK house. I don't have Ethernet running through anywhere. Just to get it to the back and front for the Reolinks, I'll probably end up running some ugly trunking and on top of that, I'd probably once again, start heading towards server rack territory and I really don't wanna do that. Especially when I can get something that supports WiFi 6 for £60 and is just a single device for me to plug in.

[–] lemming741@lemmy.world 3 points 10 months ago (2 children)

Be aware that some Reolink cameras (B800 for certain) require a Reolink DVR. The alternative is neolink, a program that reverse engineers the protocol.

[–] sabreW4K3@lemmy.tf 1 points 10 months ago

Thanks. I've been keeping an eye on the E1

https://m.reolink.com/gb/product/e1-outdoor-poe/

[–] StefanT@lemmy.world 1 points 10 months ago* (last edited 10 months ago)

I run Reolink cameras with Frigate, but I use "only" the video streams. But yeah, you have to have a close look at the model you buy if this works.

[–] MSgtRedFox@infosec.pub 3 points 10 months ago

Protectli makes a small appliance.

Dell thin 1050 or 5010 extended has PCI slot.

[–] LunchEnjoyer@lemmy.world 2 points 10 months ago (1 children)

Since you mentioned Tailwind, you should check out Tailscale too. I believe it to be better suited for personal Homelab use over tailwind, I could be wrong though.

[–] sabreW4K3@lemmy.tf 1 points 10 months ago

Tailscale was totally what I meant.

[–] MangoPenguin@lemmy.blahaj.zone 2 points 10 months ago* (last edited 10 months ago) (1 children)

> Mikrotik HAP AX Lite

Looks like it's 2.4GHz only, which is really odd. Mikrotik is also really difficult to configure in my experience.

Typically a better setup is a dedicated router, and at least 1 dedicated WiFi AP, that way you've separated the 2 and can upgrade one without the other as technology evolves. TP-Link Omada APs are decent, as are Unifi.

> One of which is how to sort out pi-hole given that my ISP has locked down the router tighter than a tight thing.

Easy way in that case is to use Pi-hole for DHCP and DNS together. Assuming you can disable DHCP on your router.

[–] sabreW4K3@lemmy.tf 1 points 10 months ago

Oops meant the AC Lite. I think I was obsessed for multiple reasons, including intimidation, but I'm now coming around to the idea of trying something new. I guess I won't get to do it as cheaply as I wanted to.

[–] lucullus@discuss.tchncs.de 2 points 10 months ago (1 children)

I don't know about Mikrotik, but it might also be interesting to buy something that is running on OpenWRT, an open source router OS. That way you would have maximal configurability. I recently purchased a GL.iNet AXT1800 for my own home lab (though I'm currently only using it for the isolated homelab, not for the rest of the house). You can even host stuff directly on the router with OpenWRT. I currently have CentOS 9 repos hosted there and DHCP/TFTP for network installation of VMs via PXE boot.

[–] sabreW4K3@lemmy.tf 1 points 10 months ago

After digesting everything people have been recommending, I'm now looking at this an Intel N100 Celeron N5105 Soft Router Fanless Mini PC 4x Intel i226 i225 2.5G LAN HDMI pfSense Firewall Appliance ESXI AES-NI