Skip to content

DeclerckLouis/homelab

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

79 Commits
.github/workflows
.github/workflows
 
 
docs
docs
 
 
.gitignore
.gitignore
 
 
CNAME
CNAME
 
 
README.md
README.md
 
 
postprocess.py
postprocess.py
 
 
zensical.toml
zensical.toml
 
 

Repository files navigation

Packetflow Homelab Documentation repo

Welcome

Welcome to the documentation for the Packetflow Homelab.
This project serves as a practical testing ground for network engineering concepts, automation snippets, and other IT-related projects.

You can read the actual documentation over at Packetflow Lab

Lab Overview

The homelab is designed to mimic a small enterprise network with distinct layers for Core, Distribution, and Access.

  • Primary Router: Fortinet FortiGate 40F (handling Routing, Security, SD-WAN).
  • Core Switching: Ubiquiti EdgeSwitch 8 PoE (handling VLANs, PoE).
  • Wireless/Access: MikroTik hAP ac lite (handling WiFi, Bridge Filtering).

Documentation Structure

The documentation is currently focused on networking, and has been structured into sections within the Network module:

1. Hardware

Detailed inventory of all physical devices, cabling maps, and the physical topology showing how the ISP Modem, FortiGate, and downstream switches connect.

2. Addressing

Defines the Logical Topology.

  • VLANs: Segmentation for Default, Guest, Servers, DMZ, and Management.
  • IPv6 Strategy: Explains the decision to use Unique Local Addressing (ULA) (fdb1:6575:ad8a::/48)
    due to ISP (modem) constraints, ensuring stable internal IPv6 routing and learning opportunities.

3. Routing & Switching

Covers routing and switching configuration and decisions inside the network.

  • Switching: 802.1Q Trunks, Native VLAN security, and Bridge VLAN Filtering on MikroTik.
  • Routing: Inter-VLAN routing and IPv6 Router Advertisements (RA).

4. Security

Documents the Security policies used.

  • Zones: Trusted vs Untrusted vs Management.
  • Policies: Specific firewall rules allowing traffic (e.g., VLAN 10/20 to Internet) while blocking inter-VLAN access by default.

5. SD-WAN

Configuration of the virtual-wan-link interface to abstract WAN connectivity and prepare for future multi-path scenarios.

6. Wireless

Design decisions for the Declerck-Cardon SSID, frequency planning, and security standards.

Future Plans

  • Add another hAP ac lite to act as second switch.
  • Add another router to act as remote/branch office router.
  • Replace my current Telenet modem with a new one to support IPv6 Global Unicast Addressing in all VLANs.
    So far i've managed to get it working in one VLAN.
  • Setup a DNS server with dynamic DNS.

Disclaimer

The documentation is written with the help of Google Gemini.
The decisions made are based on my own knowledge and experience.

About

HomeLab docs

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages