Hey everyone! Baba here, and welcome to my most recent home lab network adventures! In this post, I will be sharing the steps I took to set up a powerful and versatile network using Proxmox as a hypervisor, Pi-Hole for ad blocking, and PFSense for firewall services. A few months ago, I decided I was tired of running just Hyper-V on my two Windows servers. I kept the first still as a Windows server and dove head first into making the second one a dedicated Type 1 hypervisor.
*Slaps Roof* This bad boy can fit so many VMs in it…
First, let’s talk about what a hypervisor is and why I chose Proxmox.
A hypervisor is a technology that allows multiple virtual machines (VMs) to share a single physical host machine. This allows you to use one physical machine to run multiple different operating systems as if they were running on separate physical machines.
There are two main types of hypervisors: Type 1 and Type 2.
Type 1 hypervisors
Also known as native or bare-metal hypervisors, run directly on the host’s hardware. VMware ESXi, Citrix XenServer, and Proxmox are both Type 1 hypervisors. Much like how a conductor of an orchestra controls all the instruments, a Type 1 hypervisor controls the hardware resources of the host machine and allocates them to the virtual machines as needed. This type of hypervisor is commonly used in data centers, cloud computing environments, and enterprise environments. While not necessary to get a job, having experience with any of these will give you a one-up advantage once in a position.
Type 2 hypervisors
Also known as hosted hypervisors, run on top of a host operating system. VMWare Workstation and Oracle VirtualBox are both Type 2 hypervisors. Think of them like the orchestra member that uses their instrument and sheet music to perform. It uses the resources of the host operating system to run the virtual machines. Type 2 hypervisors are commonly used for testing and development, or for multi-boot computer setups. VirtualBox (which can be downloaded for free from here) can help you begin building your own virtual machines if you don’t have a dedicated server.
In summary, Type 1 hypervisors are more efficient and secure than Type 2 hypervisors, because they have direct control over the hardware resources and are commonly used in large-scale environments, while Type 2 hypervisors are less efficient and less secure because they run on top of a host operating system and they are commonly used for testing and development, and for running multiple operating systems on a single personal computer.
Proxmox is seriously free?!? It does SO MUCH!
I chose Proxmox because it is a free and open-source option that is easy to use and has a large community of users who can provide support. You can download Proxmox at https://www.proxmox.com/en/downloads, and steps to install are found here.
Installing Proxmox onto my server was a straightforward process. I used a tool called Balena Etcher (https://www.balena.io/etcher/)to create a bootable USB drive from the ISO image. Then, I booted my server from the USB drive and followed the on-screen instructions to install Proxmox. Once Proxmox was installed, I logged in to the web interface by visiting the IP address of my server in a web browser.
Next, I created my first VM using the Proxmox web interface. I installed Ubuntu as the operating system. This VM would be used to run Pi-Hole, which is open-source software that can block ads at the network level. You can read more about Pi-Hole on their website (https://docs.pi-hole.net/). Pi-Hole works by redirecting DNS queries to a local DNS server that is configured to block known ad-serving domains. This is a great way to reduce the number of unwanted ads on your devices and also block malware and phishing sites. To install Pi-Hole on Ubuntu, you can follow the instructions on the Pi-Hole website (https://docs.pi-hole.net/main/basic-install/).
Firewalls have seriously never been easier!
After that, I created another VM and installed PFSense. PFSense is an open-source firewall software that can be used to protect your network from various types of attacks. It has many features such as VPN support, intrusion detection, and traffic shaping. I configured PFSense to act as my router and firewall and also enabled VPN access so that I can access my network remotely. To install PFSense on a VM, you can follow the instructions on the PFSense website (PFSense)
And we’re SAFE!
After completing the installation of both Pi-Hole and PFSense, I tested my network and everything was working as expected. I was able to access the internet, now with the added benefit of advanced ad-blocking enabled. I can now also access my network remotely via VPN. Even cooler is I can even use my VPN provider (in my case I use Private Internet Access) to run ALL network traffic through it. This adds even further security and privacy to your already expanded network.
All in all, setting up a home lab network using Proxmox, Pi-Hole, and PFSense was an enjoyable and informative experience. The installation process was straightforward and the software is easy to use. I highly recommend this setup to anyone who wants to improve their home network. It’s also a great way to learn and experiment with different tools and technologies, which can help you get valuable knowledge in a professional setting.
WARNING:
Please note that the process of setting up a home lab network can be complex and time-consuming. I recommend you read the official documentation for each software before you start. Make a backup of your data before making any changes. I would only recommend going into something like this with a computer dedicated to it. If you want to just tinker with virtual machines on your personal computer then something like VirtualBox would be ideal and much easier to get into from the start.
Setting up a home lab network can be especially valuable if you are trying to get into the IT field. Setting up and managing a network is valuable, and learning how to use these tools can give you a competitive edge. These skills can be applied in various career fields, and are great to have under your belt. If you can go into an interview and tell the employer that you can, and HAVE set up your own hypervisor, firewall, and DNS sinkhole that will give you a HUGE ADVANTAGE. This is incredibly useful knowledge and if you can make it happen, definitely do.
That is going to wrap it up for me this time, readers! I appreciate you taking the time to dive into my most recent adventures with me. As always, if you have any thoughts or questions, please feel free to leave a comment and let me know. I plan to start working with Docker and containers in general soon. Keep your eyes on the lookout for maybe another adventure post in the future.
As always: Stay curious!
Baba out!
Leave a comment