
Suggestion for building NAS/ ROUTER/ SMART HOME server!

Hello good people.
I recently bought my apartment.
Right now I am looking to build a NAS to edit videos directly off of it, build my own Router/WAP/SWITCH and also get into Smart Home.
I have no idea about these things. I want to build something that's future proof and reliable. I would prefer for all of this to be ONE SYSTEM.
The DIY part is really important to me in this regard.
Any and all advice is appreciated.


just.. no.

 

both a WAP and a switch are a very purpose-made product and it makes no sense whatsoever to mimic their behavior with computer hardware. it costs more, and the result is objectively worse.


Here is a podcast about people who recently built a switch (for their rack scale computer company). 

Some things are hard, and progressive learning (step by step) is a good idea.  Like building a switch. 

If you have no experience with these things, start with a NAS or a Router.
 

 


You're really going to want your router to be bare metal, independent from your NAS and other hosted software. There will be times when the server has to be shut down and you don't want that taking your router and Wi-Fi offline with it, so I would suggest two boxes here.

The WAP could be a PoE AP from the likes of Ubiquiti or your preferred vendor.

For the switch, your most cost-effective option is to just buy a switch. Although building one is possible with Linux distros, you don't need to go down that rabbit hole for something you plan to rely on unless it's part of virtualization integration. Even then you wouldn't have many ports to work with.


  • 3 weeks later...
On 8/13/2023 at 7:01 PM, manikyath said:

just.. no.

 

both a WAP and a switch are a very purpose-made product and it makes no sense whatsoever to mimic their behavior with computer hardware. it costs more, and the result is objectively worse.

I might not have been very clear! Let me clarify.
I DO NOT WISH TO BUILD EITHER THE WAP OR SWITCH. I will buy them.
I want to use the PC as the brains (router) for those devices, since the chips built into all-in-one products are really weak.


My approach is not quite liked by everyone: one device, one function, unless virtualizing.

And virtualizing is by itself 3-4 steps up in complexity (yet achievable).

In small environments (no servers inside), the RouterFirewall is the master of the network: it provides most of the network services (net 2 net VPNs, Roadwarriors, VPNs, DHCP and DNS servers, ACLs for internet, custom routing for special arrangements (two connections, and so on)).

In slightly bigger environments, the RouterFirewall is the master of connections (remove DNS, DHCP, userbase only for VPNs), then the server is the master of the networks, also providing services for other "branches" of the network in the same site (I prefer wireless networks separated from wired networks...). According to the bandwidth required, via the firewall or via a specific network adapter (virtual or physical does not matter).

 

Biggest disadvantage: longer and more complex to implement. 

Another disadvantage: controller-based devices (like UniFi) need to be specifically configured to allow communication from devices to the controller, and this could lead to a longer time for a safe yet effective configuration.

Bigger advantage: scaling up is easy, fast, consistent.

Other advantage: any software/appliance could be replaced with another one with the same scope, or even bigger, without "forcing" you to do massive overhauls of the network structure. Change server/nas for server/nas, change firewall router for firewall router.

 

You need more wireless networks? More VLANs on different SSIDs, so you have a "home network" for your devices (with its own set of rules) and a guest network for... guests (with its own and different set of rules).

Need a bigger wireless network? You add a small subset of your switch or a little wireless-only switch, then you add another AP.

Need bigger lan, for cable and addresses? More switch ports, change of subnet in Firewall, server... then DHCP allows your client to connect.

Need a specific use subnet with mixed role (PBX, IoTs, cloud-based automation?) You can mix and match cable and wires, without putting all "foreign controlled" devices, that should not be poking around on what's in your network.

 

With this mindset, going virtual is going to take a lot of work to keep the virtual space from becoming the overflow of unwanted traffic between subnets. And this might be a tougher task if VLANs are not yet... known and managed at least correctly.

 

Not English-speaking person, sorry, I'll make mistakes. If you're kind, maybe you'll be able to understand.

If you're really kind, you'll nicely point that out so I will learn more about write in good English.  🙂
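
Added example, not part of the thread or any poster's configuration: a minimal nftables ruleset for a dedicated Linux router box that expresses the segmentation described in the post above (home, guest and IoT segments with their own rules, plus the explicit device-to-controller allowance). Interface names, VLAN IDs, the controller address and port 8080 (UniFi's default device inform port) are assumptions.

```nft
#!/usr/sbin/nft -f
# Constructed example: every name, VLAN ID and address below is an assumption.
flush ruleset

define WAN        = "eth0"
define HOME       = "eth1.10"      # wired clients + home SSID
define GUEST      = "eth1.20"      # guest SSID
define IOT        = "eth1.30"      # IoT / PBX / cloud-controlled devices
define MGMT       = "eth1.99"      # APs and switches
define CONTROLLER = 192.168.10.5   # AP controller host on the home VLAN

table inet filter {
    chain input {
        type filter hook input priority filter; policy drop;
        ct state established,related accept
        iifname "lo" accept
        meta l4proto { icmp, ipv6-icmp } accept
        # DHCP and DNS are served by the router to every internal segment
        iifname { $HOME, $GUEST, $IOT, $MGMT } udp dport { 53, 67 } accept
        iifname { $HOME, $GUEST, $IOT, $MGMT } tcp dport 53 accept
        # Router administration (SSH) only from the home segment
        iifname $HOME tcp dport 22 accept
    }
    chain forward {
        type filter hook forward priority filter; policy drop;
        ct state established,related accept
        # Every internal segment may reach the internet
        iifname { $HOME, $GUEST, $IOT, $MGMT } oifname $WAN accept
        # Home clients may open connections to IoT and management devices
        iifname $HOME oifname { $IOT, $MGMT } accept
        # APs and switches may reach only the controller's inform port
        iifname $MGMT oifname $HOME ip daddr $CONTROLLER tcp dport 8080 accept
        # guest->home, iot->home and guest<->iot have no rule: policy drop applies
    }
}
table ip nat {
    chain postrouting {
        type nat hook postrouting priority srcnat; policy accept;
        oifname $WAN masquerade
    }
}
```

Validate the file with `nft -c -f <file>` before loading it; the check mode parses the ruleset without applying it.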


On 8/13/2023 at 5:21 AM, Shanewaz Sultan said:

I would prefer for all of this to be ONE SYSTEM.

Everything can be virtualized, but don’t virtualize your router… at least not until you are much more comfortable with both networking and virtualization. 
 

Virtualized router/firewall is a huge pain and can get tricky, so you need to have more experience with both networking and managing virtualization before you try and tackle that. 
 

The rest is not too hard. Look into TrueNAS Scale or Unraid for the NAS part, Home Assistant for home automation, and you can run this all virtualized under Proxmox.


Also, some projects like IPFire consider virtualizing the router/firewall a bad idea because you sum the vulnerabilities of the router/firewall software with the vulnerabilities of the virtualizer. If someone takes over the virtualizer, they could also access the firewall itself (it's like having hardware access to the computer).
