On the main interface, it does not filter out the tagged networks packets. It sends tagged and untagged packets to the VM’s that are on that interface.
When you need a VM to communicate on different vlans, it is easy for it to work.
When you want your VM to be isolated, you need to have it on a vlan. This is a Very important thing to be aware of.
For a better security posture, no VM should be on the main interface in XCPNG.
I have NetAlertX up and running. It is configured to see all devices on all networks (vlans) from ARP requests.
Still to do.
One project that I have been pondering for a while is using Home Assistant in my home/home lab to have some home automatons (lights, water plants, AC, Thermostat) and integrate an LLM for voice and audio interactions. In a nut shell, make my own “alex, siri” and keep it all isolated to my home and on my network.
This will be a fun and informative experience. It is also a lot of small pieces, it can be built out slowly, bit by bit over time.
I have an alert and notification in Graylog that sends me a slack message when one of my systems runs Alsible pull. (Pulled from Sys Logs)
I do not need a fancy or in depth message, just that X host has run. Here is my custom message.
${foreach event.fields field}
${field.key}: ${field.value} ran ansible at ${event.timestamp}
${end}
I also have a custom field set up under the alert as
template: “${source.source}”require_values: true
When I have developed my Ansible playbooks more, I might implement this into my ansible deployment.
https://xen-orchestra.com/blog/virtops3-ansible-with-xen-orchestra
The services that I am planning/pondering self hosting in my home lab.
Core Services
WAN Services
LAN Services
This is a current list of the services that I have running in my home lab.
Core Services
WAN Services
LAN Services
Redacted
As funds/resources allow, I am planning on upgrading my main switch to a 10GbE switch. I am still deciding to go either SFP+ or RJ45. Either way, I will need to buy some RJ45 to SFP+ modules.
My current AP does all that I need it to. I am still wanting to upgrade it to a UniFi AP with WiFi 7 and a 10GbE port. My current AP will then be moved to my parents place to be in the mesh therefor greater coverage and stability.
As always, upgrade/add servers to the rack. My production server is still running with a v1 XEON server. When I am able to find a V4 based server with more than 32GB of RAM, it will be upgraded next. The last server, the “cluster,” will be the last server to be updated when my resources can allow it.
Hardware wise, the last task that I need to complete is to have both of my UPS’s monitored, and automated to shutdown the home lab in a staggered progression, to maintain the core services up time. I have not decided if this will be in a VM on the production server, or if it will be on a dedicated “miniPC.”
The following diagram, the first one I have made, is the current layout of my home lab. I am in the process of building the Kuberneties cluster, and will fully install it soon.
