Wow, what a reality check. I don’t even know how long it’s been since I’ve even read this website. What started out as a pet project to show my progress just kinda got pushed to the side to make way for studying and work and, well, homelab stuff. The truth of the matter is the longer I went in my schooling and learning the more and more it felt like there was just so much to learn, and I’d been having troubles fighting this feeling of imposter syndrome when in reality I think it’s more of a thing of the more you know, the more you understand how much more there is to know. I read over this blog that hasn’t been updated once since its beginning, and it actually made me realize just how much more I DO now know. So let’s get into it.
SCHOOLING
Where to start. I guess a schooling update would be the best place. I’ve been in school now for a year. I just finished my first year and am now a little over a month into my second year. I’ve gone through a lot of classes, and all have given me at least something to say I’ve learned; however, the ones of note are obviously the ones that have ended with me earning certifications in IT. Certificates I’ve earned so far are ITIL 4 Foundations in IT service management, LPI Linux Essentials, CompTIA A+ as well as CompTIA Network+. I’m currently studying for my CompTIA Security+ to finish the CompTIA triad.
Initially my goal was to finish schooling in 2 years. This was mainly due to the fact that I really want to get into IT as quickly as possible and start the career that I know I was meant to do. After over a year of study and homelabbing, I know that I enjoy it, and I even enjoy learning it still. I don’t know that I’ll ever get tired of learning new technology and applications of that technology. Does it get painfully frustrating sometimes when it’s 12:30am and you have to wake up for work in less than 6 hours but you really want to make sure that that ONE thing is fixed tonight otherwise you know it’s all you’re going to think about tomorrow? Sure. But the fact that I’ll go through that and finally get to bed at 1:00am because I finally figured it out, without ever even having the thought that it’s too frustrating for me to continue, makes me know that it’s what I wanna do. I digress though. It’s looking like it will likely be a little more than 2 years for me to get my degree. That doesn’t discourage me though. I’ll get through it. I’ll get a job and I’ll finally get to where I want to be. Just wait.
HOMELAB
Now the fun part. My homelab. Man…it’s changed. Like a lot. When I first created this blog I had one Protectli Vault with pfSense and one Unifi 8 PoE managed switch, with a TP-Link Archer AX73 router. I’ve learned a LOT since then…and I’ve spent a LOT of money since then, and have a lot more of a homelab than I did.
-pfSense
For starters, since I already mentioned the pfSense I guess I should mention I switched to OPNsense. I did this because it seemed like pfSense was switching their focus to the for-profit side of the business, and starting to neglect their open-source and free side. By this I mean updates were not happening very often, but on the paid version you got updates quite often. This was one of the reasons but the actual bigger reason I switched was that the initial idea of pfSense was to incorporate my entire network to be anonymized by a VPN. I wanted every device I used, whether computer, tablet, or even phone, that was connected to my network to be under a VPN umbrella. The two basic protocols out there for that are OpenVPN and WireGuard. They’re both great, however OpenVPN uses TCP while WireGuard uses UDP. OpenVPN, because it has more code than WireGuard and its encryption protocols add overhead, is quite a bit slower than WireGuard, and, being somewhat of a gamer at that point, I wanted the speed.
Initially this caused issues with pfSense. No matter what I tried, I could not for the life of me get pfSense to accept my VPN through WireGuard. Attempt after attempt failed, and I attributed this to pfSense itself and not my own misunderstanding. I’d learn later that I was wrong and it was absolutely my misunderstanding of how WireGuard, and VPNs in general, worked. Refusing to settle for OpenVPN, I decided a change was in order and made the switch to OPNsense. It was a pretty smooth transition as the two pieces of software share a LOT of similarities. Most things I had learned on pfSense almost directly carried over to OPNsense. Things like firewall rules, firewall aliases, NAT, DHCP settings and VLANs all just worked. There were minor UI differences here and there, but essentially it was like working with the same software. Then, I tried WireGuard again…. It didn’t work. I ran into the same issues I had when attempting it on pfSense. Activation of the tunnel would, in most cases, just break my network altogether. Again I set off to try and try and try to get it to work and just failed and failed and failed. It got tiring. But more than that I got busier. While this was all going down I was playing around with more and more different technologies and applications. I set up my first Proxmox server. Started learning about LXCs and Docker. Playing around with Docker containers and started self hosting my own services. I was hooked. So hooked, that I kind of let the WireGuard tunnel fall by the wayside. Occasionally the thought would pop in my head, but all in all I’d convinced myself that there were other things I was learning about, I didn’t have the time. Then one day I had had enough. The main goal of my entire network from the get-go, and I’d just let it fall by the wayside. I was irritated…disappointed in myself even. I got the fire back. I got determined. I made it my job for almost an entire week to get it to work.
I failed, and failed and failed……and then…I didn’t. It worked! It finally worked. In that week I had gone through so many settings, configured and reconfigured WireGuard. Jumped through hoops I didn’t even have to just to try something new. And in all those failures, I’d finally stumbled upon the real solution. NAT. To be fair it wasn’t just NAT. There were many things I learned about a WireGuard tunnel through the whole ordeal. I learned about Gateway settings, NAT settings, WireGuard Interface and Peer configurations. I’d learned about public and private keys for a WireGuard tunnel. And I continued to learn. I knew I needed at least one VLAN that DIDN’T use the VPN. So I had to figure out how to selectively use firewall rules that included Gateway rules to force traffic through a certain gateway. I had to learn how to keep Mullvad from hijacking my DNS so that I could use my carefully crafted DNS chain from my Domain Controller (yeah that’s a thing too), to my AdGuardHome DNS sinkhole (another thing I learned), to Unbound DNS on OPNsense which sent out my DNS requests encrypted using DoT to Quad9 (yeah…it’s a bit complicated of a setup but there were reasons lol). Dang…looking back on this whole thing I learned a lot. Quite a lot. But, in the end, and after probably 9 months of going without the one thing that I wanted from the start, I got it working. That feeling. That excitement. Man it lasted days. I can’t even tell you how many times I went to whatsmyipaddress.com just to smile when it showed me in, well, multiple different places. I mean who wouldn’t switch it around at that point just for the gratification of knowing you could. That was a key moment I think for me.
Wow…that was a trip down memory lane. It kinda veered off to be more than just “pfSense” but I felt it necessary to build my story of how it all started before digging into the meat and bones of where I am now. I mean come on, this is a blog after all, right? Anyway, what’s next?
-Unifi
I guess we’ll just go through the items you already know about. Next in line was the Unifi 8 PoE switch. And guess what…it’s still around. It’s been a workhorse in my network and, while it has been a bit replaced in its “best of the homelab”, it’s still runner up. I have upgraded my main switch to a Unifi Enterprise 8 PoE. It works great and it’s got two 10G SFP+ ports I use to connect my Synology NAS to one of my Proxmox Hypervisors where fast transfers are needed. I recently purchased yet another Unifi switch (a 2.5 Flex) that I’m planning on powering with the Enterprise 8 PoE and putting in my server rack as well. Oh yeah, I’ve got a server rack now. So I guess you could say I’m kind of a Unifi fanboy. I’m not sure how long it will last though. While the consumer grade equipment is at least manageable to my wallet (though not entirely justifiable lol) the pricing is a bit restrictive on the actual type of hardware I can afford, and my homelab is approaching the point of needing a full rack mountable switch. I love Unifi, I do, but that’s just not really feasible unless I find a REALLY great deal out there. I’ve become quite the fan of Facebook Marketplace, eBay, and if I could find anything worthwhile on Craigslist I might even risk it there if the deal is good enough and I’d not be losing that much if I got a lemon.
-Archer AX73
So my wifi router. Yeah…that thing was fun. Basically it worked well enough I guess. But the issue was always that for whatever reason, it did not like AP mode. I’d get it to work for a while, and then have to reconfigure something and factory reset the thing…then I’d have to go through the hassle of fighting my way back to a working configuration in AP mode again. Honestly, it was a headache. So much so that I decided to buy a proper AP. I wonder what brand I got….Yep. That brand. Unifi had quite the good ratings for their Unifi U6 Pro and I found it for a fairly decent deal. Knowing how much I liked the Unifi Controller interface, I went ahead and bought it. There were some initial headaches setting that up too to be honest. Just some quirks of getting it adopted to the controller, but once it finally did it’s been great ever since. Oh and the Archer, I just last night set my parents up with a home network to get them away from the crap the ISP gives you and now they’re using it. No E-Waste here lol. I finally think I’ve nailed down the AP issues though. At least with that specific router. I had the same troubles switching it to AP mode at my parents’ house and what I finally did to get it to work was figure out that there’s a boot sequence between the AP and the OPNsense machine that made it finally kick in correctly.
-More to come
So there’s a LOT more to go over. I have so many more projects and hardware to talk about. A NAS, Kubernetes cluster, multiple new hypervisors (including one enterprise grade Dell R730 Server), many many self-hosted services, and much more. But as it’s almost 8pm and I really do need to get SOME school done tonight, I’m gonna just recommit to attempting maybe weekly updates at this point with the huge caveat that I’m very busy being a full time student, with a full time job and a homelab to run on the side. It very well could be months again before the next update (hopefully not). I do realize this was quite the long post, but to be fair there was a lot of catchup to do. There’s still a lot to do, and that will all come. Long story short though, as long as you’re learning, you may think like you’re stuck in a spot, or you don’t know what you need to know, but if you can look back, really look back at where you were when you started, it’s astounding how more often than not you’re WAY further ahead than you think. Good wishes to anyone who stumbles across this. I thank you if you made it this far in reading my update. Check in from time to time if you like. Eventually I’d like to put a comments section just in case someone does stop by and has any suggestions or comments to add. Anyway, till next time!