The Goal

Here is my goal.

Now keep in mind, if you’re working on your own network, mine is likely overkill for most, yet not enough for the more technically astute.  However if your network is simple, there’s still information here that can be of benefit.

I have a Cisco 1811 router which I obtained as a used item, yet it’s still functional.  This I will use to connect to the Internet via DSL and then ALL other devices will connect with it.  This is a good thing because it is capable of doing a lot more than what a basic residential router can do.  i.e. VLANs, GRE tunnelling, etc.

I do have the need for wireless connectivity for a Laptop, Nintendo Wii and a DS.  For that I have a Linksys wireless router.  Of course, be sure to enable the wireless security on your own wireless connections.  A few years back I drove through a neighborhood with NetStumbler loaded on my laptop and within 10-15 minutes time had detected 80 or so wireless signals with 80% of them unsecured.   The last thing you would want is someone doing something illegal on your internet connection because it will be linked back to your connection.

Also attached to my network (where the 8 switch ports on the Cisco1811 will come in handy) are 2 desktop computers, a printer and an XBOX.  I have a spare computer which is going to come in handy with this project in that it will have Linux on it for running various servers.  I have another old PC that will also have Linux on it as well.  Your old computers can still be useful for something.

One of these Linux boxes will be an Apache server for serving up web pages from my network.  I do not intend on running a domain from this, but rather just have a place for accessing files I might need remotely, or for sharing with friends and family.  It will have any easy way to access the information, but will have a degree of separation from my network for security purposes.

The Linux box inside the network (VLAN 1) is going to have other services running.

Nagios is a good service for monitoring the status of the network.  It can monitor the network connections of all the  devices you need to keep your network operational.  It could keep track of whether ALL devices are connected and on, but you would need to keep ALL devices powered on then.  Otherwise it will show alot of downtime when the device is turned off, giving the impression that there’s a problem on your network.  It can even e-mail you or in many instances text message you of any problems.   You can also have it keep track of services running on your Linux servers, again notifying you of any trouble.

Cacti is another service that can monitor SNMP messages from your routers and servers, giving you a graphical display of things such as processor usage, memory, bandwidth of each interface, etc.  (If you’re interested in that.  I will be, so you can visit again at that time that I delve into it.)

Apache will need to be installed on this machine, due to the fact that both Nagios and Cacti provide details via web interface.

Squid Proxy Server is another server that hopefully I can get installed and working properly.  I was successful a while back, but they have since changed things in the configuration, so I’ll be starting anew.  A Proxy Server will cache web data when computers on your network visit sites on the Internet.  So my more regular websites will be served faster since alot of the data won’t need to be downloaded from the Internet again but rather from my local Proxy and it’ll cut down on my bandwidth, due to the same reason.  Since my ISP has a bandwidth cap, this may come in handy.  We’ll see.

One more note on Squid, is the ability to setup a 3rd party service that creates a database which can be updated regularly that blocks web sites that you chose by category.  Once Squid is setup and working, that will be the next task to tackle.

A Mail server is also in order for notifications.

As shown in the planned layout, the network will be divided into 2 VLANs where VLAN1 will have access to the server in VLAN 2, but VLAN 2 will not have access to VLAN 1, keeping out anyone who may try to compromise the server.  This is where having a Cisco router/switch will be an asset.

If you’re curious about the device above the printer, that is a Network Attached Storage.  It’s a great place to store files that you can then access from the other computers on the network.  It stays on, therefore when you want to listen to an mp3 you have, you don’t have to make sure that the PC that has the mp3 file on it is turned on, you just need to access your NAS through your network.  I may eventually move this service to the Linux server with an additional hard drive and create a file server on it instead.

Plans are subject to change as we go along.  Every day it seems I find something else new and useful.