The Homelab Show: Episode 0 All About Home Labs

Captions
right now go live all right like it or not jay we're live ready or not i should say this is uh tom lawrence of lawrence technology services would people know that because this is my channel but you are jay from learn linux tv yes and me and jay do this thing where we hang out on tuesdays and talk about technology and we get way off topic a lot of times but we just dive around talking about some of the youtube stuff and some of the home lab stuff and we said you know what we really need because there's a big crossover in our channel of audiences we need to really dive just into being able to help people with home labs it's kind of a driving thing is you know the self-hosted community the home lab community and it helps people come into technology and then you know get a deeper understanding maybe even get a career in this and you know understand all the aspects uh i cover a lot of hardware in storage servers and network engineering and jay is an expert on things like he's got tutorials on docker so we just said you know what let's combine forces and share our knowledge with the world and also we want to do these in some live streams because q&a we each have our own forums and based on the type of forum like if you have a docker question don't even ask me because i don't use i mean i'm very basic with docker i'm going to say jay knows about docker if you have a question about you know truenas or you have a question about pfsense those are things i dive heavily into on my channel so hey i might be the better person to ask for that but either way between the two of us we're here to answer your home lab questions this is episode zero we're only gonna be doing this for 30 minutes and uh then we're going to try and make this a regular thing and uh bring questions and ideas and if you don't have questions or ideas don't worry we do we can always just talk about all the projects we're working on we could we could definitely do that we'll figure it out as we go uh this will 
be defined as we go along the structure and everything so we're just having fun with it today and then we'll see where it lands and doing a lot of defining of what we want to do and i'm already fascinated because um right behind jay's head actually looking at me is the uh you call it jarvis am i correct yeah it's mycroft and it's one of the things that i want to get back to but i had it configured to do pretty much everything like the home light the lighting and things yeah so are you familiar with volumio if i'm saying that right it's a raspberry pi solution for having like a jukebox you hook up speakers to it it gives you like a web interface to your music collection so from any browser you can just play music so i would say hey jarvis play lacuna coil and then it would start i'd start rocking out um but i broke it and i need to get back into fixing it but it's just um eventually what i want to be able to do is tell the assistant to update all my servers and have it go to my ansible server and just you know run an ansible playbook to install all updates on everything i want to be able to control my home lab with them i've just been sidetracked lately so i haven't gotten that done yet so and he was kind of interrupting us earlier earlier while we were testing had to tell him to shut down yeah that's what caught my attention on it i'm not a big uh even even though google exists and privacy aside i just don't use voice activated assistants that much the kind of exception because i think it's kind of a safety thing i do like telling my tesla to navigate places because it just pulls the map up and goes somewhere so i mean that's that is the one function i use as a navigation but it's just so i don't have to type an address i can just say tesla navigate to and my tesla will take me somewhere so um but it's still really cool because because of privacy reasons the jarvis one looks pretty um interesting you'd also uh in one of the topics me and you were on last week where 
this is one you were talking personally um we were diving into some trouble you were having with the smart plugs and oh god that's a whole fun story that we'll share in the show sometime but one thing funny about the smart plugs though is i didn't realize how much better they have gotten since i looked at them a few years ago um still without the with their problems which is what led to jay's problem but the home assistant running on raspberry pi is actually a pretty impressive project being able to manage all of that it really is um it's a lot of fun it's a rabbit hole too when you get into it but it's a good one it's a it's a fun adventure and if you're into that kind of thing i mean not everyone that runs home lab runs home assistant and vice versa but there there is a market for it and i think they're doing pretty well i actually pay the i think it's five dollars a month or something which isn't really all that much but i like to support projects that are you know giving me an added bonus so i like to send some money their way and overall i think it's a great solution and i also like what i like about it is you're in control because you don't want to expose things to the internet that you really don't need to so having your own little open source assistant and then your your own little home lab you know home assistant server you could just decide not to expose it outside your lan you can even create a firewall rule to make sure that it can't get out of your lan so there's no way other people can get in and you're in full control you don't have to worry about what google and amazon are doing because you're not you're not using them for that so i think there's some power you can get out of having that yeah and and uh for i see a few people a lot more people join now uh what we're talking about is home assistant and you have mycroft that's the voice activation server the open source voice activation server uh so if you do want voice commands i'm i'm still in my 
house i'm going to flip light switches on and off i'm i'm still that person uh maybe i'm just old or something but well okay so let's think let's think about it let's have a thought experiment then um because i agree it's it's faster to flick a light switch right than it is to to speak a half sentence that that's true but um what i what i had it set up for and i have to again fix it that's part of home lab right you break it you fix it that's how you learn um i would say like it's time to record and my studio lights come on i'm gonna have it turn on my studio pc and my tv so yeah turning on my pc yeah that takes five seconds but it takes longer to turn on all of those devices that's where i think the value comes is when you have a scene and you can have it do a thing like i want to be able to get to a point like it's party time and then a disco ball just comes down from the ceiling and then the speakers i mean i'm not there yet but if you think about from that lens like if i wanted to update my servers i have to open up a terminal i can ssh into my ansible server i can run a playbook no problem how about when i just walk into the office and say hey update all my servers then walk out and then it just does it and then i get an email so the value that something like that gives you depends on what you're actually automating if it's just a light switch but if it's a sequence of events that you are automating for example then it makes a lot more sense because you're stacking and i can imagine for my studio building something like that too like you said set a scene for my studio adjust the lights and get things the way i wanted and one thing um now the box above jay's head like i said it has two eyes on it that is his server cabinet back there what is that box you're actually running that on so okay so which box are you referring to the one that actually has the talkie face on it um before when we stopped it before the show yeah that so that's mycroft and it's just that 
white little um device he's just a little tiny box with a power cord and an ethernet cable that he just sets on the top of the cabinet the cabinet i get asked a lot everyone's like hey can i can i know what cabinet you have i want to buy i'm like no i made a big mistake i this is embarrassing but i think there's a lesson to be learned make sure you check very thoroughly before you buy anything for home lab it's a network um cabinet it's not a server cabinet it's not the right size those servers are hanging off the back they're exposed it looks horrible behind it but you can't tell um i need to i need to replace it but someone in the chat asked you know what is that big box and and that's the answer it is a server rack and part of it for me was i wanted that in the background it takes up a lot of space right but it looks cool when i do videos because i talk about the stuff but then you can see in the background i'm actually working on these things that i'm talking about i actually am running servers it's not just decorations um the two fans each one is a raspberry pi cluster case that has four raspberry pis on them and layers the fan is in the front to cool them um in fact i'm working on this right now which is the same thing but it's stacked three high and this is a 12 layer raspberry pi um tower case right here which i'm going to be doing for a video don't know when it's coming out but those are the smaller version of that same thing one of them is a kubernetes cluster the other one is the one that has a pi dedicated to home assistant i have one called dev that's what i call this pi is just i don't know why i chose the name it's just my central ssh box for all my projects like i have a tmux thing going on in there i i can on any computer resume my um session my terminal session um and a number of other servers below that the the really big wide server that's kind of blue i could probably just open it like make it um kind of easier to see possibly um maybe not 
all that much but you know you see my unifi switch on the top and then this right here is going to be my truenas server there's this big thing and then we have the proxmox server and then the ups underneath it probably hear it now that i opened it yeah uh didn't didn't make too much of an audio difference a few questions that people ask though and yeah this is a really popular question about what you should or shouldn't virtualize because there's two questions in this um someone said should they virtualize pfsense because they don't want more hardware i personally other than for my lab in lab work i don't virtualize pfsense because whenever you're running an update on your server your virtualization stack i should say or you have to do maintenance on it you don't have internet access the challenge with that is what if i have to get a file to fix a broken update to load something and i have to have the server down for that or if it goes wrong and i have to troubleshoot it i need internet to do those things and yes i could just pop up internet on my phone but that's greatly inconvenient so i've always been a big fan of just running your firewall like your primary firewall as an actual appliance and i think you do the same jay am i correct yeah i i started off the same way i think for me and this is probably true of many people at the time i didn't really have much money for this i i think the server that i had was maybe a hundred dollars used or something and i needed to make that stretch because i just didn't have the money to add anything else to it so a lot of people that asked that question um it could either be for consolidation right i think a lot of people just don't have the extra cash for multiple servers and that's where it comes from but then when i did it that way with a virtual machine with pfsense i i think i might have lasted two weeks i'm like i can't stand this i have to change you can make it work but like tom said you're going to have some rough 
edges you are going to have some challenges and one of them is like you don't realize how how many things depend on internet until you shut down the box if you're rebooting your virtualized solution your hypervisor everything in your house stops and if there's a problem okay let me go ahead and just connect to the the kvm the ikvm and get a console on my screen and kind of go oh right i don't i don't have any internet i can't get to the console that's on the thing i can't get to this i can't get to that and then you find yourself with grabbing a keyboard you know actual keyboard and of you know display and whatnot and connecting it to the back it's just and it becomes a chore there's other challenges too i think you'll run into it's easier it's easy to think like should i consolidate this um you'll run into trouble a lot of people do it i want to be clear a lot of people have successfully done this but you have to understand there's some interesting quirks that you'll run into and the same goes where someone asked with running truenas you have some of those same issues of can you run truenas virtually you can you can do passthrough i've seen someone mentioned unraid you could do pass-through in xcp-ng you could do pass-through in proxmox uh if i'm not mistaken i'm not an unraid user but my understanding of unraid is they have it just as a checkbox do you get that with proxmox if you want to pass through a device can you just check the box in the pci or you got to go to the command line and find the device it's kind of complicated there because it really depends on the hardware whether it's actual raid fake raid and what have you um the options in proxmox became more limited which is kind of why it's hard for me to answer when i first started for example and i installed proxmox for the first time it asked me if i wanted zfs or if i wanted just you know md raid1 md raid5 i had all those options nowadays they removed a lot of those options and you don't have an md 
raid option you have like a single disk option but if you want raid their assumption is you'll just use zfs instead well maybe but you know if you have to start setting things up kind of manually um it really depends on the hardware i don't know of any checkbox the options are very limited when you install it so um i'm going to have to say probably not yeah that's um it it's a little bit of a challenge it can be done running truenas in there i don't recommend it i would never recommend it for production but or non-production or learning absolutely and one of the fun things is and i've seen a lot of people chiming in that they've run pfsense virtual for a long time absolutely you can do it and it can be a learning experience um if and maybe that's the goal of especially if you are trying to get into the career you want to learn a lot of aspects nothing like trying something hard to really level up your skill because you're doing it the hard way which means there's going to be more reading to do you'll have to get a deeper understanding of the hardware so there's an advantage to doing it that way just because you know i've taken some projects and done them in a more difficult manner because i got to learn more it's like building a wireguard server from scratch i did that video because why not start from ground zero build it up and learn it uh that's not something the average person is gonna do they're just gonna connect and i you know my site to site video for example on how to use wireguard and pfsense is easy it's a couple check boxes uh you move the keys into the peer into the server or the other one and that's it it's done you know you didn't have to do all the leg work it takes to build a system that can route and load the modules and things like that someone also asked about qnap and synology nas and their virtualization i have not used a qnap before um i i'm not the biggest fan of them my feelings from all my friends who have used them and compared them 
synology as synology just has better support some people say qnap has slightly faster hardware i'm not someone who's ever used the one but i definitely have used plenty of synologies and i do think they work well jay's used synology in the past as well but they do have virtualization on synology i might do some videos on it it's pretty basic um it doesn't support any clustering or anything like that without licensing though so it's not like your other open source hypervisors you have to buy licenses if you want some of the advanced features they they give you a limited set of features which may be perfectly adequate for your needs but you may have to buy a license if you want some of the advanced like clustering features and live migration of vms between servers and everything else that's all paid license from synology i don't know how qnap does it yeah i haven't used qnap either i've used synology it's been a long time i i do have a synology in the studio that i will be reviewing soon i don't know when probably like within a week a lot of hardware reviews coming and i'll be looking at the same thing too it has um i mean when i did use synology i actually liked it quite a bit but truenas won over for me just for very selfish reasons i like zfs on it honestly like there's nothing against synology at all but right um and if we'll see how i feel after i check out this synology that i have in the studio maybe i'll change my opinion maybe not yeah uh someone says so the site to site wireguard video would this be applicable to myself looking to have all clients on my network connect to a vpn provider over the wan um we haven't i haven't done a video on that and this is something i've always got mixed feelings on so you have to stop and define in my opinion why you want a whole home vpn and the concept is you're going to take all the data from your network and pipe it out of a vpn you're slowing it down for one because you're going to be limited to whatever the 
offerings of that vpn provider also you're limited by the hardware you have because well vpns require high levels of math and cryptography so running that inside there may slow it down and for people whose only answer is oh i just don't want the cable company to sniff my data like my dns traffic i'm like so you're going to pay money to somebody else to do it now region locking or if you're seeding your favorite torrents of your isos for linux and you know that companies don't like torrenting okay those might be good reasons to use a vpn but i usually push for people to do it on a policy routing basis as in you create a policy where some device may tunnel out my preference is always if i can load the tunnel on the device itself as opposed to the firewall it makes it easier but that's not always possible with some of them so um kind of think about how you want to do that because it it is it creates a challenge great learning experience to learn how policy routing works um i have a video on how to do it with pia vpn and openvpn that video is going to be almost identical when you do it with wireguard it's just a different vpn service but the back end is the same you're going to create rules and policies of which gateway to go out so you take the wireguard or openvpn either one when you create them as a gateway and then you have to create a rule to say traffic from this ip address has got to head out over this gateway that's just referred to as policy routing so i do want to do some more videos on it because it's a thing that um people think i should know off the top of my head all the time we don't really do as much policy routing in business in the same way it's pretty much exclusive to people who want to hide traffic from vpns in in the business world you see less policy based routing you see it in a different way um most of the time you are setting up you know for companies that do full security when you set up a business vpn they either want their endpoint traffic for 
the you know the external customers 100 routed in but then in 2020 with everyone switching to doing that they realize we don't have enough bandwidth split the tunnels so it's only for resources like someone open a vpn and whatever traffic goes out the normal internet but then a vpn is for resources in the company network um that way not all the traffic gets routed that way but that gets a little that goes back into business stuff we want to focus on the home lab and self-hosting right and i agree with everything you said i think the important thing about security is not to be overconfident um sometimes depending on how you have everything set up whether or not your traffic can be seen all comes down to how far down the uh subpoena chain someone's willing to go right because if it's maybe at the very first level oh yeah this isn't worth our time because it's not that big of a deal but if they really really really want to see what you're doing subpoena after subpoena after subpoena then they get to you eventually um and also when it comes to overconfidence it's gonna be whether or not you get hacked can also depend on how determined the hacker is if most of the time okay that's going to take more than five minutes i'm going to move on um i don't want to deal with that i really want his stuff i want to break in i'm going to try for days months however long it takes i'm going to get in there really depends on that i'm not saying you can't have reasonable security but just have reasonable expectations and backups and and whatnot because honestly it depends on like tom said what you want to do what you want to accomplish don't have a vpn just for the sake of having vpn just because the ad on that youtube channel said that you should have a vpn why do you want one what do you want to accomplish what's the problem that you think it's going to solve for you and then plan it accordingly yeah um back onto some of the network hardware someone's asking about unifi versus 
tp-link so unifi has definitely had some missteps in the last few months and things that didn't make people uh happy for example the fact that they needed to register uh before you can activate the hard key the hardware cloud key that's only the hardware cloud key you can still host your own unifi controller software that hasn't changed um but people keep thinking that's a reason to throw away unifi now granted they've had firmware updates et cetera and problems that but all the companies have this the thing is i've never found tp-link in the past to be a commercial company so to speak a company with a great support then tp-link now has released something that looks a whole lot like what unifi is doing with a self-hosted controller uh tp-link did reach out to us and because it seems like some of the kit is not very available so they have like a package they send us to review so they're sending us one to review so we're gonna take a kind of critical look at it and set it up here and do some testing with it i am not at any means ready to get rid of unifi because unifi themselves missteppings are not there's not really someone in their space right now uh that has all the bells whistles and features that unifi offers so specifically i'm talking about their switches and their access points i i don't even care about their routing equipment because it just it's too basic and too buggy um but tp-link one of the problems right away we already know what the tp-link going into this so you can't just assign multiple lan ip addresses to the unifi routing equipment which is crazy there's been a request for six years in their forums that hey routers normally can have more than one wan ip address by the way unifi but you in six years have not figured out how to do this and someone will then point out well they have a beta firmware that you can do it coming sometime in the future that's cool tp-link designs a new product that looks a whole lot like the way unifi does it even a 
similar interface even the same icons on the side that also can't do multiple lan ips right now [Laughter] yeah i've run into the same thing there was a time where i was considering checking out that uh the gateway but um i did i look i look at the feature list and i'm like pfsense every single time um but i mean i think pfsense is going to be more of a challenge to um configure which i don't really think is a problem for the majority of people that are watching this because they're probably up for a challenge i mean why else would you do home lab but for me personally unifi has been great so i'm the same as like pfsense for the router slash firewall layer and then unifi for everything else and i don't like the fact that you have to have a cloud key or a controller i don't care that much i'm uneasy about it but it's not enough to make me not use it it's worked so well for me it's been the only solution for me that um has continually worked well i think what it comes down to is cost when you're first starting out in the home lab i mean how much money are you going to put into it yeah link is the way to go for that and this is cheap right it's a good way to get into it yeah and here's one of the things that i want to comment on um someone said why aren't you using jitsi before i answer that question uh hey jay does your recording computer run linux for recording stuff it currently doesn't actually right it runs windows just like buying right so and here's one of the challenges and me and jay want to get content out and at some point we have worked really hard to try to make something work and i see jay's stream deck within reach um we realized that if a tool just is not ready as much as i'd prefer to be linux and jitsi's one of those tools try we've tried to do some stuff in jitsi it doesn't work as well as zoom it wouldn't do the things we're trying to do right here as well so we've chosen to use zoom um right it's it's if soon as jitsi and the thing is i'm not a 
jitsi developer and the developers are aware of where the shortcomings are it's not like they're unaware it's a matter of throwing money at it uh zoom has lots of money and they did they threw lots of money and talented programmers at it including destroying one of my favorite projects which was keybase because they just assumed it they didn't even want the keybase project they wanted the team that built it for security so they bought the entire company that developed keybase and uh yeah so that's how it is that that's exactly how it is i i think um so so i do have a jitsi server that i set up and i'm interested in trying it out i haven't had a chance to try it out yet it it exists so that's that's one thing and tom and i uh we've talked about maybe trying it out just the two of us see how it works now um and we will um the way i look at it if a solution comes out that's open source that does what i need it to do i'll switch to it like right now um and that's just my mentality it's always linux by default and then if it doesn't do what i need it to do i'll just temporarily go a different direction then i'll check in every now and then kind of see how the environment looks and then maybe gravitate back to that solution like i'm gonna be potentially converting the recording pc back to linux um possibly uh pretty soon when i have time but like tom said it's like we have people on our youtube channels that want content we want to do the content we don't want to make people wait too long for the content so sometimes that's what it's all about and even with my windows server that does my recording of studio i'm getting ready to do an updated studio video um because i've re-engineered more stuff on it i like to share with you know how we do things and but it's one of those things i still have bugs with the windows one and those bugs are compounded if i try to do this in linux they get worse so um if it stops me from producing content and by the way like you have 
people like eposvox which i follow on uh youtube he does a lot of like how did he does a lot of stream lab tutorials and how to be a streamer and i learned a lot from him but he does that full-time and still is constantly learning and doing it um so i have to rely on someone else's knowledge already and he only does it in windows so um trying to take that knowledge extrapolate it is at some point where's my job is my job teaching more people would you like to have me do another pfsense wireguard video or spend a week working on trying to figure out how to make something work in linux that by the way you don't care if i did a whole video of how i got streamlabs working in linux there's there's like people like jay who would be very thankful yeah and i unless any of you are streamers and producing content like me or jay you're like well that's a novelty thing and other streamers are like boy you guys went for a lot of work i just hit record in linux and got my content out there oh that's that's true um so we had someone ask about the raspberry pi is good enough for security and also um said that it was slower especially over ssh you're running basic commands um when it comes to raspberry pi there's a lot of variables more than i think when you're just running a server um a proper server i use raspberry pi's for almost everything nowadays it's i use i use it for ssh because um depending when you joined i actually mentioned i was using a raspberry pi as my central dev box when i'm developing or doing administrative things it's my central ssh thing it's like an internal bastion but the reason why i use it for that again is because i could just you know close my session on one laptop reopen it on another and it doesn't matter if i reboot um and it's fine i have no problem with basic commands i i did make sure that i had really good storage like the sd card i paid five dollars more to make sure that it was a really good sd card i put a usb flash drive on there um a 
really good one for the home directory so i just put the home directory on there i have a kubernetes cluster running off raspberry pi so i would say don't underestimate the raspberry pi it it can surprise you with what it can do but it also depends on how you have it set up if you don't have enough power it'll run slower or not at all storage like i mentioned make sure it's raspberry pi 4 if you if you don't already have one go with the raspberry pi 4. as long as you're not trying to um just run some ginormous operation off of one raspberry pi you should be fine i think yeah the um raspberry pi's are still just a fun tool to play with because it's it's an inexpensive way and you've got some videos already on these topics and this makes a way to build out a cluster of servers and without breaking the bank like you cool if you can afford all the fancy stuff um but like a lot of people starting out they're going i want to get into this i only have a limited budget buying a handful of raspberry pi 4s and loading some tools on there and building you know i think you have an entire like series of videos on that am i correct jay yeah i have all kinds of content on that too um there's a lot you can do with it yeah i think that what i want to what i want to know what i want to see as an experiment i don't really know how to go about this because i already use raspberry pi's and yes i am a business but i'm just one person i'm curious how far a business could go hypothetically with just raspberry pis for example rather than having a hypervisor so hypervisor obviously you're going to run a bunch of vms on it let's just say you have 30 vms on that hypervisor what if you have 30 raspberry pi's and each one is doing something that one of the vms would be doing already the power usage would be very very low so it's possible maybe that it would pay it would pay for itself maybe not but i want to know how far companies can go because i feel like raspberry pi's are basically 
considered the only, the testing or the play thing. I find them incredibly stable. I'm, I want to know how far a business can get with that. I think they could get very far, depending on what they're running. Obviously, they're running Windows Server, no, no. If they're running just Linux VMs, if each Pi was one of those VMs, I think that could actually work for some businesses out there. There's a lot of money. Yeah, the, um, you can, there's a couple companies, 3CX comes to mind, um, they, if I'm not mistaken, have Raspberry Pi phone bridges, and they, if you have a cloud controller for your phone system, your PBX system, but you want to still do things, one of the challenges you have when you have a cloud PBX is local calls can't get to each other in the office without going through, in and out, the cloud. But if you have local bridging systems, they can handle some of the inter traffic and then have a single point by which things go in and out, and they can build those on Raspberry Pis. I believe there's a few other projects, there's a FreePBX project that runs on there, so I've seen people use them in the commercial space, for phone servers for example. Um, it's stuff that runs on Linux, it's stuff that you can find compiled for ARM, and, uh, it does work. Um, yup, that's definitely there. Uh, real quick, guys, if you, there are 490 concurrent viewers but there's only 98 likes, so, uh, bash on that like button a little bit. It helps the algorithm of the YouTube system tell everyone that this is a good video to watch. For sure. One last, uh, comment about the Raspberry Pi thing, um, someone mentioned it's only ARM. Um, excuse me. Yeah, that's true, you are going to have some downside there, but just, if you think about, just playing devil's advocate on here, if you're, if you go with DigitalOcean, Linode, or whatever, let's just say you're paying five dollars a month or on your website, um, the Raspberry Pi 4, you know, you could buy one with eight gigs of RAM, four cores, um, that's more powerful than that five dollar drop, or five dollar
um, Linode instance, which, I love Linode, you know, they sponsor my channel, but that doesn't mean I think everyone should use it every time, because it's gonna be a good fit for this, maybe not for that. But already, instead of paying five dollars a month, how far is that Raspberry Pi going to get you, if you just, if you have like a proxy going to that Raspberry Pi? And also, when you think of Kubernetes clusters, which I have one running on Pi, if it gets to the point where it's just bogged down, I'll just add another Pi to it and add it to the cluster, and another one, and another. Now I'll keep scaling it. I think, yeah, you could get pretty far with that. I think that that's one of the, that's one of the things I think, you know, can be overlooked with those. Yes, they can be a single point of failure, but that's where clustering comes in. You build a Kubernetes cluster, you have a more elasticity to the stack you're building, therefore, as you said, when you need more, you add more. And then from there, um, they're inexpensive. If one dies, most likely thing to die is not the Raspberry Pi itself, but the little memory card might go bad on it. Oh yeah. And provided you didn't go through trouble setting up to boot off of the network or something like that to start distributing them, you pop another memory card in, or just replace that piece of the cluster, and, uh, you can, you have the kind of neat basis to build something. Um, it's an interesting look up, and I, I think it might be Chick-fil-A, it's called the, uh, Intel NUC, uh, and they call it the cluster NUC. And what they did was they took a series, I think, of them, and they're using for, almost, possibly using Kubernetes as well. They just, instead of building a server to go at the retail locations, they built a small cluster running Linux, and that way it's redundant across all the machines. That way, if one of the machines fails, whatever, we, they stack, I think, five of them at a time in each location, and five NUCs costs a reasonable amount of money, and they're
modularly replaceable. If one of the five nodes goes down, they know they got to replace it, but it didn't take them out of business. So there's concepts you can build around it, but it comes down to having a full thought. Running a business on a single Raspberry Pi, absolutely, that is not a good idea. No, no, that's not a good idea. I, I just, I think it's a fun experiment. It's more of a thought experiment, obviously, but I just wanted to write, like, how far people would get, and I'm, I'm totally, um, okay with the fact that it could be a massive epic failure. That's fair. You never know how it's going to go, but maybe there's a company out there that is just starting, and maybe they'll try a few Raspberry Pi, see how far they get. Um, it's just an interesting thought experiment. Um, we had someone ask about a VLAN, I'm trying to find it now, but it's growing kind of fast, um, wanting to know how they would know that their game console is on the VLAN. And my first thought is, as long as you have DHCP on the VLAN, then you look at the IP address in the game console, what IP address was it given? Then, if it was given one in that address space, you know it's in the VLAN. And then the next question might be, can it talk to other things? If you don't want your game console to, you know, talk to your, your desktop, for example, if you want the separation there, you could try pinging the, um, game console from your desktop, assuming that the game console didn't disable ICMP pings. If you're able to ping it, obviously the communication between VLANs is still happening. Whether you want it to happen or not, that's on you, you can block it if you don't. But I think DHCP is the way, on the top of my head, you would know what IP address it was given, you would know what, yeah, currently in. And that's why it's important when you build out the rules, and I'm, now that pfSense 2.5 is out, I'm going to be doing the long tutorial of how to build pfSense. I've already started a couple of the 2.5 tutorials, specifically around WireGuard, but, um, one
of the important aspects that I even cover in my videos is, once I set something onto another VLAN and I fire something up on that VLAN, you test it. You go in there and you ping it. Did it get the IP address we expected? Did it have the response we wanted? Um, because a lot of mistakes are made, and people, you know, will start separating things but forgot they left a rule somewhere that allowed traffic, and it's not the rule they wanted. Because I always say start out with implicitly all. If we start with all and build from there, cool, now remove the all rule and, or, swap the all rule for a more restrictive rule. Do, does things still work? It's just an iterative process of not just guessing your way through it. And let you know, once you're really good at it, like, we do these all day, so we don't even think, we can go through, we still test even though we do them. We start out with just the rules we want, because we know exactly how we want to, uh, run these. Um, but yeah, that's just, it's just an iterative process until you get used to it. Someone says about getting started. Getting started is kind of a big target to throw, because you have to first start with, where do you want to start? Um, some people really have an affinity for playing with hardware, and what surprises people is Xavier, who's done a lot of cyber security videos on my channel, Xavier didn't touch physical hardware until only the last couple years, and he worked for Fortune 1000 companies doing IT and cyber security. He always built things in the cloud, and that's still a valid answer. Some people, um, whether it's Linode or DigitalOcean, they both have like five dollar a month things. That is one of the lowest cost ways to spin up a server that you can log into and start doing something on. Um, and that's how Xavier, a lot of his early learning, is, as good as he is and big as he is cyber security, um, it wasn't only until a couple years ago he actually had servers or anything at his house. He did everything in, a matter of fact, he's AWS certified
so he built entire stacks of systems, and very extensible systems, all in AWS. So you, you don't actually need to have any hardware, and for five dollars a month, or there's ways to get even cheaper servers, I just mentioned two companies that we're familiar with, but definitely ways you can do it. Um, but yeah, I, I'm going to totally agree with you. I, I think that there is a, it's almost like a debate, like, where do you draw the line, what is home lab defined as? I think I'm going to give my opinion, because I think it's, especially for episode zero, it's important, and I know a lot of people are going to disagree with me. That's totally fine, because I agree with the disagreement, I know why people disagree. And that is, people will say, if you are running something in a VPS provider, DigitalOcean, Linode, AWS, whatever, that it's not home lab anymore. I disagree. I, I define home lab as, you are taking control of your server environment, you are owning it, and that's it. Whether you decide to run something in a VPS provider, you are still in complete control of that. Now obviously, the majority of people that are looking into home lab want to run, you know, servers in their house. I think ultimately it comes down to, okay, there might be a few things that you want to run outside the house. For example, maybe you have a, a directory, not very big, but very important files. Maybe you set up a VPS, you just rsync the data over to that, uh, server every now and then, for a poor man's offsite backup, for example. Um, so that's an important definition, I think. It's always important to use what you, you know, what aligns to your goals. But I will shameless plug, I do have a how to home lab series on my channel, which does, um, it's still early, but there's enough episodes where it does actually go over how to start out, and I think it's a good watch. I have asked Tom to join the series, and, you know, we've been talking about it, but we're looking for a good insertion point, where to bring him in at a certain point that makes sense
because I've just been putting these out, and we're probably going to keep talking about it and maybe make a decision, but for now there's enough episodes to check out where I think it might be helpful to, maybe it'll answer some of the questions people have as they're starting out. Yeah, so there's, there's a lot of factors, like I said, that go into it. Um, and someone asked, and I will answer this, because I haven't done a video on it, and I think they've not done the best job of getting the word out, but, so I want to do video. If you're running pfSense 2.5 and you're having problems with Unbound, uh, package update, package upgrade, uh, or upgrade, update, it's the command line package tool for pfSense. Um, if you do that, you'll find that it pulls a new version of Unbound. And you have just solved a problem that I, or potentially that I was having. I think I was having a few issues with, uh, Unbound, so I am going to do exactly that as soon as this is done, because that's a good tip. Yeah, so, uh, and someone says, this question always comes up, if you want to use OPNsense, feel free. I don't use OPNsense, I've always used pfSense, and OPNsense is a fork. To me, there's not enough extras in that fork that make me want to use it. Um, so I stay with the main platform. And, you know, for example, like the big debate, like they had WireGuard first, it's like someone was excited about that. I'm like, no, they, they did, but they had the Go implementation, they didn't have the kernel implementation, and the folks over at pfSense sponsored the kernel implementation for BSD, which is now proper and much faster than the Go implementation, uh, that pfSense did. I, I really, when it comes to your firewall, you have to have a level of trust with the company, and I know the updates don't come as fast from pfSense, but that actually kind of makes me happy, that they're not constantly forcing me to update the firewall, because security is one of the first concerns about the firewall, and the slow steady process that pfSense's, you know,
produce with that firewall means, it makes me comfortable with it. I think Jay really shares some of the same sentiment there. I do, and I think another thing on your side that I'm, I don't think you mentioned, was if pfSense did update as fast as OPNsense did, your call volume at your company would go crazy. Yeah, that would be hard to deal with, right? Because you'd have, like, oh, an update every month, you'd have like people calling, like, daily, asking, should I install this update, should I install this update? You'll probably be dreaming of people asking you, should I install this update, should I install this update. But my reason for not using OPNsense is twofold. One, I share what Tom says about that, but I've been very interested in checking it out. Two reasons why I don't, real quick. One, um, I'm a little bit biased towards the YouTube channel, so if I'm gonna spend time checking out something new, then I want it to be something that could translate into a video, and it's just not, because one, I just don't have time, and two, um, I am Learn Linux TV, that's BSD, I leave that up to Tom. Um, he does a great job with all that. Um, and OPNsense is kind of new, it's just, I don't know. But also, it's very time consuming for me to migrate over to it, because you can't export the settings very easily from pfSense. Yes, you can do it, and people have opened up the backup file in an XML editor, and I can do that, but I have a YouTube channel that I'm trying to juggle with everything else, and I have a very finite number of hours. So unfortunately, that makes it so it's very hard for me to check it out, even though I really do want to. Um, maybe someday in the future, but for now, um, I'm just biased in focusing on the Linux thing, and pfSense works, I guess. Yeah, and sometimes just happy it works. Uh, we're gonna wind this down, but while, I'm impressed, we have 557 so far is where it peaked at for concurrent viewers, so we, I think there's some interest to this topic. What do you think, Jay? I would think that there is. So what
we've discussed is that we're going to alternate. Um, next time it'll be on my channel, then the time after that will be back on Tom's channel, and we'll go back and forth. I think it's probably fair to assume, Tom, that you'll have a playlist on your channel after we get some episodes, and we'll probably have episodes regardless of what channel it's on, so you can go to his channel or mine, either way, or his forums or my forums, but we'll just kind of keep alternating back and forth as we go along. I don't think we've decided on a cadence yet, we're kind of still working this out to see how we want to go about it. That's why it's episode zero. I thought about calling it episode beta or figuring it episode, but yeah. One of the things right now, I mean, we're doing this in a visual format and Q&A here, um, but I, you know, if we can turn this into a podcast, that's something we really talked about, which would mean we just have to focus on not doing anything that would be visual, because then that doesn't translate. But, you know, we could still have the visual and host it here live, and then in the end strip it out and put it back over as a, um, the audio as a podcast, so that we, something, and you've talked about, you're actually looking to look on Jay's faces, because we still go, we talked about it, we haven't decided, so you're watching the decision making process in real time right now. You watch the gears turning around. It's podcast one time and then, uh, you know, live stream the other time, there's all kinds of different ways we can go about it. But years ago, well, let's see, years ago, what we did with the Sunday Morning Linux Review was, it's always been a podcast, but we recorded it live on YouTube so we could have a chat session. So we always made it a podcast, we just did, we just happened to do it also simultaneously when we recorded the podcast as a live stream to allow an audience interaction. YouTube is an easy platform for that part of it. Um, but the other side of it's going to be, you know, then you
just rip the audio into a podcast, but people can then listen to the podcast and enjoy it on their own time, but if they want to participate, they would come to this session over here, and we'll, we'll, uh. Real quick, Renee mentioned that both you and I have a huge impact on learning networking, both of our channels, virtualization, and to keep up the good work. And, um, this is why I do it. I love hearing things like that, because knowledge is eternal when I give it away. When I put it out in a video, it's for everybody at that point. Everything I forget to, um, put in a video, nobody benefits from. So, so I love hearing things like that, that it's, uh, you know, having a good impact. That's really awesome. Yeah, I've seen all the, the number of people saying podcast, yes. So, um, I guess that means we could just put this in a podcast, right? We'll just, we're, we're just telling the audience, if, even if you're just listening, you're not looking at the screen, while we're doing it we're reading out the questions as they come in. Maybe we could just consider recording, we're just dropping it at a podcast form for the people that are commuting. But we'll talk about it. We could talk all day about making plans and things, uh, we're always doing that, so we'll do that, you know, behind the camera a little bit, and we'll find a system that works for everybody. Yeah, then we'll, we'll pick some topics, um, that we'll have, and when we do his live stream, you know, we don't mind answering people's questions. Now I, as I said the very beginning, and this is how we'll end it, uh, I do have forums, and they're linked down in the description. Jay has forums, so you can find Jay at learnlinux.tv. You can find everything about me at lawrencesystems.com, on my forums specifically, which are linked there as well, but, uh, forums.lawrencesystems.com. And also, um, we're still doing more of it, but more my tutorials are being consolidated over at lawrence.technology. Once again, I linked all these things in the videos as well, so I've done everything I can to make it as
obvious as possible where to find any place I post content. There you go. Yeah, that's great. I mean, just like you said, learnlinux.tv, everything of importance is linked right off of that one site, so, uh, community forums, all that should be right there. community.learnlinux.tv if you want a direct link, but yeah, all right there. Yep. All right, well, thanks everyone for joining, and uh
Info
Channel: Lawrence Systems
Views: 38,323
Rating: 4.97471 out of 5
Keywords: lawrencesystems
Id: SEDe7E9ir1Y
Length: 47min 5sec (2825 seconds)
Published: Wed Mar 03 2021