How to Build a Home Lab for Infosec (with Ralph May)

This webcast was originally published December 1, 2022

In this video, the speaker discusses the intricacies and benefits of setting up and using home labs for network security and testing. They delve into the hardware and software components necessary for building a functional home lab, emphasizing the importance of customization to meet specific learning and testing needs. Additionally, the discussion covers the practical applications of home labs in simulating real-world IT environments and enhancing cybersecurity skills.

  • Home labs are used for simulating real-world IT environments, testing security, and troubleshooting IT issues.
  • Home labs can involve a variety of hardware and software, including CPUs, firewalls, and storage solutions.
  • Building a home lab requires careful consideration of goals, budget, and the desired complexity of the setup.

Transcript

Ralph

All right, everybody, thank you for joining this webcast, and we’re going to be talking about home labs today. Actually, it’s pretty much my favorite topic. If you look over to my right, I don’t know, your left, whatever, I don’t know how this video is converted over, you can see I have a server rack next to me where I have all kinds of home labs stuff.

Some of this stuff we’re going to be talking about today. So I guess let’s get started and get rolling. So quick, who am I? Full-time pen tester at BHIS.

I’ve been doing this for a while. I have done lots of pen testing coming up on 10 years now. Pretty much just doing consulting and pen testing. So, I love to automate things.

We’ll talk about a little bit of that in here. And I also have a class. We’ll do my shameless plug as well. I am an army veteran and I’m kind of a home lab addict. I really do like playing around with different hardware, playing around with different equipment.

I like to simulate different kinds of environments that I’ll see in the real world or just something that I think cool. And we’re going to kind of roll into that.

This talk today or this kind of webcast is going to be a little hardware heavy, I guess you could say. It is something that really, really intrigues me, but we are also going to move into also some of the software, like what you can do with it.

So getting it running is really fun. Doing something with it can be also really fun as well. So here are my quick warning slides. Okay?

This is a minefield, and what I mean by that is we’re going to be talking about different stuff and there’s a ton of opinions, especially on what’s better, whether you need this and all this other ways. And somebody’s going to say, “I do it this way and this is the best way.” That’s great.

A lot of the stuff that I’m going to be talking about, just kind of my way, you guys can take it with a grain of salt, right? Lots of opinions and that’s great. I really do like it. I’m pretty much open to hearing, “Hey, I heard you talk about this, but have you checked out this,” and I might not have seen it, so awesome, I’ll check it out.

There’s plenty of options and choices. I’m not going to go through every choice today. Things can get really expensive. That goes into my next thing, which is price in mind.

So I’m not going to be talking a lot about very specific enterprise gear. Enterprise gear can get super expensive. And just really kind of out of the realm of home lab right now.

There are a lot of people who do get wild and have tons of enterprise gear in their home lab and I have done some of this stuff. But when we get into talking about firewalls and other stuff like that, there’s some vendors that want a bazillion dollars for a blinky box.

I’m going to avoid kind of talking about that and I’m going to focus more on just the individual and mainly what they could get the most value out of. Okay?

Lots of products. I’m not involved with any of them. I’m not selling or shilling any products. These are just ones that I’ve used. Pretty much everything that I’ve talked about I’ve either used or played with in the past or I currently am using it right now.

Again, we’re not going to talk about every option. So I’m going to talk about some CPUs. I’m going to talk about all the CPUs or this option, this option. So just be ready.

All right, so why build a home lab in the first place? So learning new software and concepts. So just having a laptop connected to the internet, that’s great, but a lot of our customers in IT, they have a lot of other stuff.

Some of that stuff’s geared toward the enterprise and having that gear or being able to play around with it or to test it out is something that’s really beneficial to actually learning how it works, especially in security.

I have a huge belief in that you should know how it just works before you think about how to secure it. A lot of times misconfigurations are the number one vulnerability, so think about it.

All right, so we also maybe want to test an isolated environment. Building a home lab helps us do that. We can make these different isolated environments. If you do it correctly, you can make as many as you want really.

We can also use this to troubleshoot problems that we might be having. Maybe it’s just a problem with our own stuff. Maybe it’s a problem that we’re experiencing in our own environment or another environment, and this could be even outside of security. I deal with all kinds of IT problems unrelated to security just to try to do my test all the time.

It just happened. This is another great way to test out patching too. So, seeing if something actually breaks something or unintended effects or testing out proof of concept code.

You can also practice your attacks. This is literally what the OSCP became so popular for. And that’s from the Red Team’s perspective is they gave you the lab, you didn’t have to set it up, that’s what you were paying for the whole thing, right?

They gave you a manual, I didn’t think it was that great, but it doesn’t matter, that’s what you were paying for was that lab. We can also emulate production. So, I’ll be on assessments and they’ll have some product that I don’t have. I’ll go set it up as fast as I can.

And I’m not talking about a blinky box, mostly software. And then I’ll configure it and see if what I think would be a great attack does work. We can also test our malware, so making payloads and other kinds of things like that.

We can test to see how security products would respond. You could set up labs that have these products in there and see pretty much how the whole process would work and whether you’re actually getting detected, whether you’re actually being sneaky.

And the inverse works as well so you can see if the product is doing hopefully what you think it’s doing. All right, so when you start getting into home lab, we do need to start thinking about some goals. What do you want to solve?

All right, so what is the goal of this home lab? Okay? Also, what do you want to learn? These are questions you should ask yourself when you start getting into this. And they could start here and they’ll grow to something that is way more expounded.

How much do you want to spend? Your wallet will hurt in home lab depending on where you want to go, so answering that question is something that you should definitely keep front of mind.

And then how much are you going to use of this? So go really big and you’re not really using that much, maybe it’s not worth all of that money. So just questions to think about.

Okay, let’s get into some home lab parts. I’m going to kind of break this down into three segments. The first one is network. So this is where we’re going to talk about just networking items, so the basics: a switch, a firewall and some Wi-Fi products.

That’s kind of the basics of your networking at home. The next thing we want to talk about is we’re going to talk about storage and I’m going to talk about just some simple stuff like RAID, different kinds of storage types that are out there.

And we’re going to talk about NASs as well. I’ll show you just a couple different options in there. And then last we’ll move into compute. This is where we’re going to actually be running whatever we want to run, whether it be bare metal, virtual machines, so on, so forth.

And we’re going to talk about the different components of our compute, and different form factors, different sizes that we could get of these compute.

So starting with the network, obviously we need internet, and we’re going to need a firewall or router, and we’re going to need a switch.

So those are pretty much the basics. A lot of people just have one device that does all of those things. And we’re going to talk about a couple other ones that kind of segment that out. And then also Wi-Fi.

Everyone’s got Wi-Fi at home. And again, a lot of people have one device that kind of does all of this. When you get into home lab, you start getting more devices that can kind of segment this all out. All right, so, first internet.

Avoid internet providers. This is just as soon as you start going down the home lab route, sometimes you have to use their modems. I know a lot of people don’t have a choice about what internet they’re going to get, but go fiber if you can.

Again, like I said, a lot of people in United States, or depending on where you’re from might not have very many choices or only have one choice and it might not be that great. If you do use the internet provided router or modem, if you’re using something like cable, putting that device into a bridge mode would be advantageous depending on the firewall deployment that you’re kind of rolling out.

All right, so let’s talk about firewalls. So some of the features that you might want to look in like a home lab firewall. So this is your perimeter.

Packet inspection. It’d be nice if your firewall has IDS or some kind of IPS that you could enable. You want a firewall that supports VLANs. Setting up VLANs in a home lab is very advantageous.

It allows you to segment your network and have isolated networks. DNS, so having a firewall, obviously that has DNS, most do, but you could also have a firewall that has a DNS black-holing, like something like AdGuard and other things like that, which we’ll talk about.

IP filtering, so obviously being able to block ports is kind of the general goal of your firewall, but having some IP filtering, maybe some stateful IP filtering.

Easy management is also pretty useful. Having them is super complex. And depending on the product especially a lot of the commercial stuff can get more complex. And some of the products I’m going to talk about now actually the complexity can increase a lot.

VPN, having a firewall that has some kind of VPN technology. We’ll talk just about a couple of them. I’m a big fan of WireGuard, but there’s other ones. All right, so one of the first firewall options is the Firewalla.

If you haven’t played with this, it’s a very cool device. And some of the benefits is that it has a pretty simple configuration. They have pre-made hardware kind of different sizes based on how fast your internet and how much traffic that you want to inspect.

It obviously includes some segmentation for you to implement inside of this. And deep packet inspection, and a VPN. So this is one good choice.

If you’re actually following along live with the slides, you’ll see the link for the Firewalla. You can go in there and go to the next one. I saw one question in Discord, I will answer it. This one is, “Any recommended bandwidth for incoming internet connection?” Anything that’s high speed.

I know that seems like I’m going to use air quotes for high speed, but 25. I don’t know, as fast as you can go, I guess, as fast as your budget can afford, especially for a home lab is going to be useful.

But once you get into the real high tier, so 500 and above, it’s not really going to matter too much. All right, so the Firewalla was one of the firewall options. Another one that I really like is pfSense or OPNsense.

They are very similar projects. And pfSense actually got kind of bought by Netgate, so they do make some commercial hardware. But pfSense and OPNsense are in general open and free, open source and free.

OPNsense is a little bit more on the open source side, but you can set up both a pfSense or OPNsense system for free. There’s really no licensing requirements. You can also in addition buy products from Netgate, which are kind of already pre-configured in devices.

So from the pfSense side you can buy some pre-made hardware. I believe on the OPNsense side they have some pre-made hardware. Or you can build your own. Okay, that’s one of the things. I’ve run a pfSense box for years and you can just build it on any kind of smaller end device that has a couple ethernet ports.

You need two, you need your internet and your network, your LAN side. Both pfSense and OPNsense are actually FreeBSD based, and that mostly has to do with packet routing speed.

They also support some plugins that do a bunch of extra features. Both pfSense and OPNsense are very full-featured platforms and they pretty much include most of what you would want to do inside of a firewall, including some of the IPS and more advanced stuff that you might want to implement.

They also include VPN, WireGuard, OpenVPN, L2TP, which I’m not sure he is using that too much anymore, but all the VPN protocols are in there.

All right, here is another great firewall option and this is the UniFi UDM. I actually am running a UDM Pro right now, but it is technically kind of a closed source.

It’s part of the UniFi ecosystem, so if you already have a bunch of UniFi gear, it’s a great choice. If you have no UniFi gear then it might not be the best. But the benefit of UniFi in general from the, I’m going to call them a prosumer, is they’re very inexpensive.

I think the UDM Pro is like $300 or something and it includes everything you need. They have large hardware support, so they actually have a bunch of switches and all this stuff. They kind of all work together.

Not to shill out just one brand. It’s good, it’s inexpensive, so it’s popular but it isn’t as full-featured honestly as something like pfSense, so it depends on where you want to go.

It does have an amazing web management system, which is kind of its selling point. And simplicity. Simplicity also takes away from some of the features. And like I said, not as feature rich.

Another company I do want to talk about, a product, MikroTik. I’ve seen already a lot of people talking about them. They make a ton of different products. Again, their price point is amazing.

It is closed source. They make something called the RouterOS. It pretty much runs on every computing architecture that you could think of, ARM, x86, whatever, and it’s very powerful.

There’s tons of configuration options. I think the only downside of MikroTik in my personal opinion, I’ve set up a couple, is that it has so many options it can be difficult to kind of wade your way through if you’re not familiar with what these kind of technologies are.

It does have a large hardware support, so they have a bunch of different types of routers and switches, switch-only router switches, combinations. They also have Wi-Fi gear as well.

Like I said, they’re extremely affordable and they have a large feature set, so there’s kind of a lot you could do with one simple device. They can be complex to set up. Like I said, where something in the UniFi line doesn’t have as many features honestly, but it is just easier to set up.

All right, so Corey actually helped me make this little diagram over firewalls here. And if you can see, this is kind of like the expense going up and expense going down here and your up and down and then features and easy to use going left and right, hard to use and more features.

So you have MikroTik and pfSense, DIY, your Best Buy products, which would be your all-in-ones. They’re kind of inexpensive but they kind of have less features, especially for doing home lab stuff.

Some of those products do go very high into the features, but it just depends. And then up here on the top right we also have our Ciscos and our Check Points, Palo Altos and stuff.

They start to include a lot of enterprise features that you’re probably not even going to care about, but the price just goes nuts, and licensing and all kinds of other stuff.

So anyways, let’s talk about switches real quick. So something to consider when you are buying a switch, whatever brand it is outside of firewalls is VLANs. You want a switch that’s VLAN-aware. You also want something that you can manage.

A lot of switches nowadays have a web interface, something like the UniFi platform allows you to actually manage the switch from a single pane of glass, buzzword alert. But just something to manage it.

Port speed is also pretty useful. I’d stay away from anything in the 100 meg. Gig is the minimum nowadays, and 2.5 is actually becoming more of a standard and then 10 gig as well. The size of that switch is also important, whether you’re going to rack them out, something over there or you’re going to have it on your desk or whatever.

So consider that, a lot of the switches nowadays pretty small, compact. Another thing to consider when looking at switches is POE, whether it has or does not have POE, and whether you need that.

So some access points, for example, use POE and some others don’t, and whether you’re going to be using that or not. So how many POE ports it has and what the budget is.

So here’s some quick switching options. So again, like I said, UniFi, TP-Link also has this Omada, which is very similar to UniFi. It’s from TP-Link, having that central management.

I actually have not got a chance to set this up, but I’ve seen a lot of other people home lab using it. Netgear makes some less complex but still has some of the baseline features like VLANs and other stuff.

MikroTik also makes some switches that you can hook into. And then let’s talk about Wi-Fi. So one other thing to consider when you’re deploying your home lab is you’re probably going to be using your Wi-Fi.

Maybe you’re just using it for your internet, but one thing to consider is the speed. So Wi-Fi 6 is currently the latest standard or Wi-Fi 6E. The consortium kind of changed the standard. They don’t call it 802.11 AB, AC, so on and so forth.

It’s called Wi-Fi 5, Wi-Fi 6. Anyways, Wi-Fi 6 is the current standard, so that’s 5, 2.4, and you should be able to get about 500 meg. Also when you’re thinking about Wi-Fi, think about scale.

So you just need one access point. You got a really small house, that’s great, but maybe you got a bigger house or maybe you want to deploy more than one access point, so consider that when you’re looking at these.

Management, so how are you going to manage that if you do deploy six access points? Do you have to log into each one to change one setting or change one SSID? Just something to think about. A lot of these products, again, I’m just saying UniFi and also I believe that TP-Link and other ones have started to move to more of a central management or managing lots of access points.

Another thing to consider when you’re looking at Wi-Fi is whether you’re just getting an AP, an access point or you’re getting an access point and router, so this is something like a Netgear that has Wi-Fi built into it.

That is technically kind of an access point and a router. Technically really, it’s really a NAT device because it actually doesn’t run particularly any routing protocols, but it does route traffic.

So looking at Wi-Fi hardware, I’ve got a couple different things in here, but UniFi again, makes some pretty decent Wi-Fi gear. TP-Link, Netgear, like I said, MikroTik also makes Wi-Fi gear.

There’s some other ones out there like Ruckus and other things like that. Again, the price of poker starts to go up once you start dabbling into more of the enterprise gear, so just things to consider.

All right, let’s talk about storage. So there is a couple different storage platforms out there.

So we’re moving on from networking, we’re going to talk about storage. So we have 3.5 inch drives, which are going to be your SATA disk and they’re going to be platter. So this is your slow storage.

This is typically what a lot of S3 is or just platter disk and it’s going slow. We also have 2.5, which is your SATA or SSDs typically. They don’t have to be SSDs, but nowadays.

Lower space but faster. And then we move into the M.2 or PCI NVMes, and these are kind of the three storage options that we have nowadays.

We also want to talk about the difference between local storage and network attached storage, which we’re going to kind of go into. So we have kind of the three different storage mediums when we’re thinking about a home lab, our slow disk, our kind of medium speed or SSDs depending on price and then NVMes, which would be the fastest.

I’m also going to just take a quick talk about RAID. So there’s a couple different RAID types out there. There’s software RAID and there is hardware RAID. Most of the push in the industry has been to software RAID.

Some of those, like ZFS and other kinds of software RAID platforms, some common… So speaking of that, there’s hardware RAID, which is a card. You’re going to plug in a bunch of hard drives, and the RAID controller itself is going to take care of everything.

There’s ZFS, which is part of Oracle I believe. And Solaris started the ZFS. It’s a file system.

It actually does support doing RAID. There’s Btrfs, another open source file system that can do RAID even though the RAID 5 implementation has some issues.

There’s also Linux MD, so Linux RAID, software RAID, you can use that as well. These are some of the more common ones. I put a little diagram here of how RAID works. If you want to learn more about RAID, I’m sure there’s a ton of videos to describe it.

But in general the biggest thing to take away is that when you’re RAIDing you can take a bunch of disks and you can combine them together to create or increase the space.

What RAID can do as well is that it can either clone something which is RAID 1, you could have RAID 0, which just is striping the data across all of the disk. If one fails, you lose all the data.

And then we move into RAID 5, which you actually have a parity drive, so one parity drive. You have a minimum of three drives and a RAID 5. One is parity and you can keep adding drives, but you can lose one drive and still keep the pool.

And then we also move into RAID 6, which actually has two parity drives and then RAID 50 or RAID 60 where you actually start picking groups of RAID 5 pools and adding them together.

The biggest thing to take away is that this allows you to put a bunch of disks together and try to make as much space as you can. All right, so we’ve got our platter disk.

So this is an 18 terabyte drive. This is what they look like in a three and a half. It’s low cost per terabyte. Then we have our SSDs, which are in the two and a half form factor.

And they are pretty fast as an SSD, but they’re limited by the SATA interface that they have, which they share with the 18 terabyte drives over here.

And then finally we have our NVMes, so this uses the PCI Express lane and they are pretty much the fastest. All right.

And talking about storage, we have local storage. So with all those disks, those disks either whether it be a platter disk or an SSD disk or an NVMe, they could all live on your computer.

So your laptop most likely has a hard drive nowadays is probably an SSD or an NVMe, and that’s just a local drive. And the benefits of that is that you have the fastest read and writes because you have the speed of whatever lane you’re using, but it is single host, so that data just pretty much lives on the host.

And there’s no network limits because you’re not sending that data over the network. And it is also probably the cheapest to deploy local storage. So we also have network storage too, which is something you can consider.

And this allows you to have storage that is shared over the network and other computers can either access that over different file share protocols.

And they have block and file. And the downside of this is that there’s obviously some network limits that come involved with network storage.

So depending on how fast your LAN network, your local LAN network is will dictate how fast you can read and write files, and it increases some of the latency.

It’s really great for file storage. Not as good for block level storage, which is pretending to be the operating system or pretending to be a drive.

So with that being said, let’s talk about NASs. So the idea is that we could buy some disk and put it in our computer and that’s our local storage or we could use it over a network.

And to do that we might want to build a NAS, right? So, in that case there’s a couple options out there for building a NAS. I just wanted to kind talk about them.

First is TrueNAS. If you haven’t played with this, it’s come a long way in the ecosystem. It’s a ZFS file system, so it has that software RAID I was talking about. You can actually virtualize VMs on TrueNAS.

TrueNAS SCALE supports Docker and K3s, which is actually Kubernetes, but just in general, think Docker containers. It also supports iSCSI, so you could actually have a disk be assigned to a remote machine over the network, and the machine will think that the disk is local, using the iSCSI protocol.

It also supports the file sharing protocols NFS/SMB. And yeah, so that’s one good option. Another one too for home labbing that is pretty popular is Unraid.

So Unraid is a kind of different interesting take. TrueNAS uses ZFS as the heart of its file system. Unraid kind of has its own, not necessarily file system but way of RAIDing that’s not actually RAIDing.

The file system is actually XFS is what the file system of each drive is, but it does have a way of doing parity. It does have some benefits, which I’m not really going to get into all the details, but the biggest one is that you can just keep adding drives at will and you don’t have to worry about them being all the same size and some other stuff like that.

Some other features of Unraid is that you can run virtual machines on them. You can make different pools that have SSD, for example, to run VMs and a slow pool that would use something like Unraid. You can also run Docker containers on Unraid.

And it does support NFS and SMB, but it doesn’t support any block level storage protocols like iSCSI. That kind of plays into when you get into something like ESXi, we’ll talk about virtualization, but in general you can still use NFS if you want.

If you don’t want to build, so I talked about TrueNAS and Unraid, those are just two options, there’s some other ones, but those are pretty popular, you can also buy, so Synology is another very popular solution.

And if you do buy a NAS for storage, you’re going to get hardware support. It is a little bit higher cost versus building, but obviously you’re getting this box that you just open up and you add some hard drives and you don’t really have to hopefully too much configuration, simplicity and support documentation, so on and so forth.

I know that Synology, their operating system does support Docker and it does support VMs as well. But just something to note about Synology, for example, is they typically don’t have a ton of computing resources inside of them, so just be considerate of that.

And they’re more of just the storage device, so network storage that you could save a bunch of stuff to over the protocols. NFS, SMB are supported, iSCSI as well, supported on something like Synology.

There’s some other brands out there, QNAP and some other ones like that, that also have buy prosumer I would say to enterprise, stuff you can buy off the shelf.

The other benefit of these is they’re pretty low power platforms. When I talked about TrueNAS and Unraid, those are stuff that you’re going to have to build on existing platform or you can combine them together. All right, so we’ve talked about networking, we’ve talked about some storage, a little storage concept about RAID, I talked about kind of the different drives you could buy and what the benefits are, speed being one of them, and then space and cost.

So let’s talk about compute. So we have CPU and right now one of the more prominent or dominant architectures for our computing architecture is x86-64, I’m just going to refer to it as x86 for simplicity, but most of our systems, now operating systems, are 64-bit.

We also have ARM, which is kind of the up and coming architecture. I say up and coming, it’s been out for a long time, but it’s starting to move more into your traditional computing space.

Another part of compute, we have RAM. We’ve got our PCI lanes, I’m just going to talk about those. We also have GPUs. You can add a GPU. Every system pretty much needs one if you’re going to actually have to interface with it with a monitor, but you could get more powerful GPUs to do things.

We also have management, so a management could be as simple as a mouse and keyboard or it could be more advanced. And then the form factor. So what is it? Is it a laptop, is it a desktop, is it a server that goes in the rack?

What are all the differences and size really? So laptop, mini PC, and then a server. A server could be a mini PC technically, or it could be something that’s much bigger and takes up a lot more space.

All right, so for x86, pretty much general purpose CPU, this is probably what most people are running right now for either their servers or their main operating system.

Obviously has the largest OS support, Windows being one of those. Intel and AMD primarily make x86 architecture processors.

The x86 platform is typically higher power compared to something like ARM. It is probably the best for a server CPU or at any time you’re going to do virtualization. It does have also the largest software support even though a lot of what applications are being recompiled for ARM and it’s not that.

All right, so I’m going to talk about some CPU performance. So I’m going to show you guys two things. Me and Corey sometimes go do is go look at PassMarks, the different CPUs just to see how powerful they are.

And I wanted to show this as kind of a comparison. This is the AMD Ryzen 9 5950X. And what I’ve done is I went to this website called PassMark. You could just type in the CPU model and look up your PassMark number.

You could do this on your computer right now. And this is kind of a general metric of how fast this CPU and how much number crunching it can do.

And the Ryzen 9 5950X is a pretty recent CPU. AMD actually just released their next line, but for this case there is a score of 45,000, and there also is a single threaded performance of 3,463.

So this is kind of a general how much work it can do. Don’t take this as it will be fast at this. It’s just a general idea. And then you can also see the typical TDP of 105 watts, so you can kind of get an idea of how power hungry this thing is.

I want to show you the next slide, which is the laptop version of that CPU. So this is the fastest Ryzen 9 CPU that you can buy in a laptop form factor, and it drops down to 25,000.

Now, I just want you to be considerate when I talk about a laptop, a laptop that will have this CPU is a monster. This thing is absolutely not very portable.

Don’t think Ultrabooks, think gaming machine that is four inches thick pretty much. Now, the reason that is the truth is because of its typical TDP, while it’s down at 45 watts, it can boost up to something like 100 and something watts.

So they’ll have a power brick to go along with it. It just gets bigger and bigger. But I just wanted to know about the CPU mark. This is kind of when you do start your home lab journey or whatever and you’re looking at how fast is this, this is just a good easy way to figure out what’s the comparison.

And also looking at that single threaded performance will tell you how snappy something like Windows might be. All right.

So that’s x86 and let’s talk about ARM real quick. So ARM has amazing performance per watt. So this is the other architecture which actually a lot of us use all the time.

And it’s primarily used in our phones, so your iPhone, Android, all of that, they’re running on ARM. The reason they use ARM is because it’s low power, and you want a battery that lasts all day.

But recently Apple has actually taken that same ARM architecture and applied it to their general purpose computing or Mac OS, not just their phone.

And they did that with the Mac M1 and M2, which are actually very powerful processors in their own right. And with programs that are compiled for that architecture, you get some of the benefits of the power while also unleashing some of the performance that is actually possible with ARM once you give it more power.

There’s also ARM servers out there. We’re not going to go into them, but there are ARM computing platforms. AWS has some. And there are ones that you can actually buy. They get a little expensive, but they can run as a general purpose server.

Raspberry Pi is probably another great example of ARM. So the Raspberry Pi is an ARM-based platform. The Raspberry Pi 4 is actually pretty decently fast. And that is kind of a quick way if you want to play with ARM.

ARM does have general limited Windows support. This was a licensing deal I believe with ARM, but it started to open up. There is Windows for ARM, but in general most people don’t operate Windows out of ARM, so like I said, limited Windows support.

To be determined in the future if Microsoft, for example, releases some laptop that’s ARM-based. It’s also not very good for virtualization because most likely you’re trying to virtualize something that’s not on the ARM platform.

Ipso facto it becomes a little bit more difficult, right? All right, let’s talk about… So, the CPUs that we’ve mainly talked about x86, which is probably what you’ll end up going with, and then we had ARM.

All right for RAM… Also with compute, we got a CPU, we got RAM. Just quickly, there is a couple things to think about when you’re looking at RAM, the size of the RAM, so you have DIMMs or SODIMMs.

SODIMMs are usually in a laptop, DIMMs are in your desktop, so there’s just different sizes and the memory chips that go on top of them. There’s also embedded, so depending on if you have a laptop that is really small, they may just solder the RAM right on there and you can’t upgrade.

Another thing to consider is the speed. So DDR3 is an older standard. There’s DDR2 as well. DDR4 is pretty modern. DDR5 I think is the latest standard in memory for a host operating system.

Okay? There’s also registered and ECC. That typically refers to server memory. I bring this up, so if you’re looking at RAM and you’ve got this server, some servers only accept memory that is registered in ECC.

ECC memory has error correction and it’s supposed to be better for overall applications that need to make sure that RAM or memory has not been corrupted.

Also with compute we have our PCI lanes. So we have CPU, we got RAM, we got some PCI lanes depending on the motherboard or if you get a laptop, you probably have PCI lanes but you might not be able to add anything to it.

But with that being said, there’s a couple of PCI different versions out there. This relates to how fast you can transfer down these PCI lanes. So they’re up to version six, but right now version four is pretty mainstream, version five is just starting to move into regular production with consumer hardware from the Intel line.

And they have different speeds and different bandwidth. If you’ve ever looked at a motherboard, these are what the lanes look like. So you have a 1X, a 4X and 8X and 16, but what that means is the more lanes that are in there, the more throughput you can see on this graph here that a 4.0 PCI express with 16X lanes is 31 gigabytes per second.

Not bits, bytes. So lots of bandwidth. All right. So, also if you’re dealing with compute, you could be adding a GPU like this early production 4090 or whatever this thing is here.

So, why would you want to add a GPU for home labbing? Maybe doing password cracking. This is a good one for security standpoint.

And also possibly crypto mining. Not a great time, but it’s something that’s the reason the GPUs are really hard to get. ML and AI, so doing those, what do you call it, different kinds of machine learning.

A lot of that uses GPUs to make that work. Obviously having a GPU for your desktop and GUI maybe usually also for playing games, but talking from a home labs perspective.

There are some downsides to adding a GPU to your system. Obviously if there’s an increase to cost, that could be expensive depending on how fast the GPU is. It can also definitely increase the power of something like the new 4090 I think takes like 600 watts or something.

It’s not. Obviously that power increases when it is going all the time. That can increase the overall cost. It also increased the size of the case and not being able to fit that side there.

All right, so we got CPU, we got RAM, we talked about PCI lanes, so those would be for expansion cards too. GPUs, whether you’re going to get a more powerful GPU or not, and then also management.

So anything that managing your compute could be something as simple as an external monitor or keyboard or maybe something like IPMI, which is very common in server platforms.

And this allows you to remotely manage the host without a keyboard or mouse over the network. Also, you could buy a KVM. If you already have a monitor and keyboard and you put an extra computer as your server or home lab device next to your laptop for example, you could just use a KVM to switch it when you do need that.

But IPMI makes it a little bit easier to manage. There’s also this other really cool device called the Pi KVM. So if you don’t buy a motherboard that has IPMI and you don’t want to use a traditional KVM, meaning that you don’t want this device to be right next to your monitor, you can actually build a little device called the Pi KVM.

I actually have one right here, just sitting here. And you can plug this in and you can use that to remotely access that device.

Super useful and portable. You can use this for a lot of other use cases too. Good kind of home lab Swiss Army Knife. All right, so we kind of talked about some of the concepts of compute, and we’ve talked about storage and we’ve talked about networking.

Let’s talk about some devices in the compute. So home lab level one, you could just use your laptop. So, what are some benefits? Well, low power, low CPU performance.

It does have some thermal limits. And it obviously has some RAM limits because you can only upgrade so much. It’s not always online, and there’s really no expansion.

But you do it to reuse your existing hardware, so you’re reusing your laptop, you’re just home labbing on it, right? It definitely has some limits though. Okay. Next step you could move to a mini PC.

So this is a little bit higher power, but you could use maybe a consumer CPU, and moderate to high CPU usage, or it could have a dedicated GPU if you’re moving into a desktop size, so like a smaller desktop.

RAM limit’s around 128 in the consumer platforms. And it can remain online all the time. So you have your laptop, that’s one option, or you could build a little small mini PC or a little desktop that you run all your stuff on.

And it does offer some expansion depending on how big of a case you get. And you could reuse some of the hardware. The next step would be a server. So this probably is your highest power consumption.

You could use an enterprise CPU and you could have multiple CPUs in a server. They could be high CPU performance, so you could have CPUs that are very fast. You could have dedicated GPUs in this kind of setup.

Your RAM limits could be in the terabytes. So one system with terabytes of RAM. Obviously a server can remain online all the time. You have something dedicated for this. You could get a lot of expansion depending on the size of the server, whether you put it in a case or you put it rack mount.

And obviously it’s dedicated hardware. And in some of the server class items you have redundant hardware. Okay? All right, let’s look at some computing options.

This is where all the opinions start flying, but all right, the first one: buying a mini PC. Okay, so a small footprint, low power, obviously limited on RAM because it’s kind of a mini PC, but you can put it wherever.

And limited on expansion because it’s small, but it’s also easy to cluster. So this computer here I’m looking at is the Dell Optiplex 7070 Micro. You can pick them up for about $300 or whatever on eBay, which I’ll talk about where to get parts.

But something like this is great as an entry level home lab server. Has x86, all the other fun stuff. It’s nice and small, and you can buy a couple of them if you want. All right.

I put a link in here for the tiny home lab. I think I saw that one fly across the screen just a little while ago, but that’s a little redo about that. Or your next step after the mini computer would be building a desktop.

You could use your existing hardware downward. If you stay in the consumer GPUs when you build this desktop, you can get a little cheaper. You can keep low noise if you use large fans that keep quiet.

There’s lots of hardware choices when you’re building your own desktop. It’s going to be kind of fun. You have the flexibility to expand to a new chassis or add new stuff later if you want. You can focus on the performance that you want and cheaper upgrade, so building a desktop is a great way.

As far as CPUs, I do like the Ryzen 59 series or the 30 series is actually pretty fast. And I would avoid anything 12th gen or newer for the Intel if you’re going to do virtualization because Intel’s newer CPUs use a big little architecture and it uses efficiency and performance scores and.