Hello, I’m getting into self hosting and looking to setup a small home lab to play around with different technologies. I’m considering setting up a DMZ to keep my lab hardware separate from the rest of the network and other users. What is some of the minimal hardware required to do this on a small budget? Also what are some of the necessary security measures I should understand. One of my first projects would be to setup a small Linux box that I can ssh into remotely. Thanks.
EDIT After much reading today and great guidance from this community this is basically what i ended up doing… Got a dell optiplex on ebay for about 55 bucks and a dual intel network card on amazon with a managed switch. If i can bridge my current router as an access point, i should be on my way! This community rocks! Lemmy is awesome!
You can physically isolate by running multiple independent switches, you could run different subnets on the same switches or you could VLAN separate but that would require a managed switch or setting up your topology that something tags the traffic with the proper vid before running on the unmanaged switches. All have their pros and cons but i would strongly recommend getting a managed switch (managed firewalls/routers/switches depending on features/port count can all fill that need) and doing VLAN separation if you don’t have a lot of equipment you’re starting out with.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.
Rules:
Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
No spam posting.
Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
You can physically isolate by running multiple independent switches, you could run different subnets on the same switches or you could VLAN separate but that would require a managed switch or setting up your topology that something tags the traffic with the proper vid before running on the unmanaged switches. All have their pros and cons but i would strongly recommend getting a managed switch (managed firewalls/routers/switches depending on features/port count can all fill that need) and doing VLAN separation if you don’t have a lot of equipment you’re starting out with.
Thanks for the advice! I ended up getting a managed switch on amazon and an older dell computer to set up OPNsense. Can’t wait to get started!