Differences

This shows you the differences between two versions of the page.

--- gentoo:network [2024/10/24 06:18] – created willy
+++ gentoo:network [2025/03/13 14:45] (current) – willy
@@ Line 1: / Line 1: @@
-====== Home Server Networking setup ======
+====== B) Home Server Networking setup ======
-You will need at least two network connections on your home server. I mean at least two physical network Ethernet card. You could use one WiFi link, but i prefer to have the backbone on wired.
+I assume you have already figured out how many network connections you need on your home server, and which IP address to assign to them.
-You need one Ethernet connection that will be plugging your internal network, i will call this **enp0s31f6** or LAN.
+You will need at least two network connections on your home server. I mean at least two physical network Ethernet card. You could use one WiFi link, but i strongly advise against such choice for stability and bandwith reasons.
-You need one Ethernet connection for each ISP gateway, while you might do with only one for both, provided you properly assign multiple IP addresses to the same interface. I will call ISP1 **enp0s20f0u4u4c2** and ISP2 **enp59s0u2u4c2**.  The hardware aspect of the network devices has been discussed in [[selfhost:hardware|here]].
+Depending on your setup, you might have more than two NICs (Nework Interface Cards) and they might be PCI/Express or USB-3/C.
-Sorry guys, these are default Linux naming scheme, i know it looks messed up, but there are good reasons for this. You can list all your network devices under **/sys/class/net**.
+For more information on your network setup, refer to [[networking:start|this page]] and [[networking:networking|this page]].
-Here is a summary of the information you will need:
+=== The Simple Approach ===
+This setup is provided according to not using opnSense.
-  * Internal network: 10.0.0.0/24
+I will assume you have the following network assets:
-  * ISP1 network: 192.168.0.0/24 - ISP router on 192.168.0.1
+  * One internal NIC on the LAN, called **eno1**
-  * ISP2 network 192.168.1.0/24 - ISP router on 192.168.1.254
+  * One internal NIC on the main ISP, wired point-to-point to your main ISP, called **enp2s0**
-  * Home server, on ISP1 network: 192.168.0.10 (static IP) on enp0s31f6
+  * One USB NIC for additional failsafe remote access, directly wired to the failback ISP, called **enp0s20f0u9u4c2**
-  * Home server, on ISP2 network: 192.168.1.10 (static IP) on enp0s20f0u4u4c2
-  * Home server, on internal network: 10.0.0.1 (static IP) on enp59s0u2u4c2
-  * Main external host: static IP 99.99.99.99
-  * Secondary external host: static IP 77.77.77.77
-The two external servers should ideally be on different networks/providers, but that is not mandatory.
+Without commenting on the //weird// naming of the ethernet devices, let's see the IP assignments (you can list all your network devices under **/sys/class/net**):
+  * LAN is 10.20.30.0/24. Home server IP on LAN is 10.20.30.1
+  * Main ISP is 192.168.0/24, and you will want a static IP like 192.168.0.10, default gateway to 192.168.0.1
+  * Failback ISP is 192.168.1.0/24, and you will want a static IP like 192.168.1.10 and gateway is 192.168.1.254 (not set as default)
-I choose to use static IPs for the home server on the ISPs networks because this allows for the use of SNAT instead of MASQUERADING later on , and it's faster.
+=== The Advanced Approach ===
+This setup is provided according to using openSense.
+I will assume you have the following network assets:
+  * One internal NIC on the LAN (default gateway to the main ISP), called **eno1**
+  * One internal NIC on the DMZ, wired point-to-point to your [[networking:opnsense_using|opnSense]], called **enp2s0**
+  * One USB NIC for additional failsafe remote access, directly wired to the failback ISP, called **enp0s20f0u9u4c2**
+Without commenting on the //weird// naming of the ethernet devices, let's see the IP assignments (you can list all your network devices under **/sys/class/net**):
+  * LAN is 10.20.30.0/24. Home server IP on LAN is 10.20.30.1, default gateway&DNS 10.20.30.254
+  * DMZ is 10.20.254/24. Home server IP on DMZ is 10.20.254.1
+  * Failback ISP is 192.168.1.0/24, and you will want a static IP like 192.168.1.10 and gateway is 192.168.1.254 (not set as default)
@@ Line 32: / Line 44: @@
 You should double check the actual names of your network devices under **/sys/class/net** of course and identify them properly or the following will not work for you.
+The choice to go fully static instead of using DHCP to get IP addresses on the ISPs side of network is to enable SNAT instead of MASQUERADING later on.
 The first step is to populate your **/etc/conf.d/net** configuration file, follow this example and adapt to your needs:
 <file - net>
-# LAN on enp0s31f6
+# LAN on eno1
-config_enp0s31f6="10.0.0.1/24"
+config_eno1="10.20.30.1/24"
+routes_eno1="default via 10.20.30.254" # default route here only for advanced approach!
-# ISP1  on enp59s0u2u4c2
+# The following ONLY for advanced approach!
-config_enp59s0u2u4c2="192.168.0.10/24"
+# DMZ on eno1
+config_enp2s0="10.20.254.1/24"
+routes_enp2s0=""
-# ISP2 on enp0s20f0u4u4c2
+# The following ONLY for simple approach!
-config_enp0s20f0u5u3="192.168.1.10/24"
+# Main ISP on eno1
-</file>
+#config_enp2s0="192.168.1.10/24"
+#routes_enp2s0="default via 192.168.1.1"
-Please note that i omitted any default route. This file will not let you navigate internet from the home server. This is on purpose because in the next sections i will show you how to do advanced routing techniques and that will cause issues with a default route set at this level. If you need proper internet access meanwhile, add a line like the following:
+# Failback ISP on enp0s20f0u9u4c2
-<code>
+config_enp0s20f0u9u4c2="192.168.1.10/24"
-route_enp59s0u2u4c2="default via 192.168.0.254"
+</file>
-</code>
 Now, create the needed symlinks and start the networks:
 <code bash>
-for i in enp0s31f6 enp59s0u2u4c2 enp0s20f0u4u4c2
+for i in eno1 enp2s0 enp0s20f0u9u4c2
 do
     ln -s /etc/init.d/net.lo /etc/init.d/net.$i

Willy's Wiki

User Tools

Differences