Setting up a Nested Internet for our Homelab - Part 1
The title may seem a bit strange, and even a bit overly optimistic.
However, we are not reinventing the Internet. We are just simulating a small-scale Fake Internet that lets us play around with dynamic routing and simulate inter-datacenter connections inside our Homelab without needing multiple physical sites.
In this post we will focus on the logical level of the setup, leaving the details for following posts.
Creating our “Fake Internet”
Since we are doing this in a HomeLab and everything will be nested datacenters, we will need to create our own “Fake Internet” to allow us to simulate our inter-DC connections.
A Fake Internet will need Fake Providers and Fake Peering
In our case we will use Lab Router as our Fake Provider peer, and will use BGP to keep it similar to the Real Internet.
For our Fake Internet we will use Autonomous System (AS) numbers from the private range: 64512 – 65534
We will give each of our nested datacenters its own AS number, so that each one can have a Public Segment and we can play around with some BGP.
We will also use some private IP ranges for our Fake Internet and for the Nested DCs' public address space.
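A pre-flight check for the numbering plan described above, as an added example that is not from the original post: it verifies that every site has a unique AS in 64512-65534 and that the "public" segments are private and do not overlap. The site names, AS numbers and prefixes are constructed, and reading "private ranges" as the RFC 1918 blocks is an assumption.

```python
import ipaddress

# Private 16-bit AS range quoted in the post: 64512-65534 inclusive.
PRIVATE_ASNS = range(64512, 65535)
# Assumption: "private IP ranges" means the RFC 1918 blocks.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample plan; site names, AS numbers and prefixes are illustrative.
PLAN = {
    "lab-router": {"asn": 64512, "segments": ["10.255.0.0/24"]},
    "dc01": {"asn": 64513, "segments": ["172.16.1.0/24"]},
    "dc02": {"asn": 64514, "segments": ["172.16.2.0/24"]},
}


def validate_plan(plan):
    """Return a list of problems found in the plan (empty list = consistent)."""
    problems, asn_owner, claimed = [], {}, []
    for site, cfg in plan.items():
        asn = cfg["asn"]
        if asn not in PRIVATE_ASNS:
            problems.append(f"{site}: AS {asn} is outside 64512-65534")
        if asn in asn_owner:
            # eBGP needs a distinct AS on each side of the session.
            problems.append(f"{site}: AS {asn} already used by {asn_owner[asn]}")
        asn_owner.setdefault(asn, site)
        for text in cfg["segments"]:
            try:
                net = ipaddress.ip_network(text)  # rejects set host bits
            except ValueError:
                problems.append(f"{site}: {text} is not a valid prefix")
                continue
            if net.version != 4 or not any(net.subnet_of(b) for b in RFC1918):
                problems.append(f"{site}: {text} is not private address space")
            for other_site, other in claimed:
                if other.version == net.version and net.overlaps(other):
                    problems.append(f"{site}: {text} overlaps {other} ({other_site})")
            claimed.append((site, net))
    return problems


if __name__ == "__main__":
    for line in validate_plan(PLAN) or ["plan is consistent"]:
        print(line)
```

Keeping every advertised segment inside private space also limits the damage if a lab route ever leaks past the Lab Router.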
BGP Peering between our datacenters and our “Internet”
Let's use DC01 as our example of how we will set up the BGP peering between our datacenters and the “Internet”.
For each of our datacenters we will set up an eBGP peering with our “Internet Provider/Carrier” router (Lab-Router). Over BGP we will propagate all the “Public Segments” assigned to each of the datacenters (in green).
How will we do it
We will be using VMware vSphere as our virtualization platform, since it will give us all the performance, flexibility and stability that we will need for this, and it is also the platform currently installed in my Homelab.
For the network components of the solution we will be using:
- Free Range Routing (FRR)
- Cumulus VX
- pfSense
- VMware NSX (NSX-v and NSX-T)
I will not cover the installation of each of these components in this series, since there are multiple ways of installing them and multiple flavours to choose from.
In my personal case, for example, being a Slackware user, some compiling and tweaking was needed to get FRR up and running on my DC01 router, since I decided to use my Home Network gateway as the DC01 router instead of installing an additional appliance.
However, most of the installations are straightforward if we stay within the “supported options”.
Goal
Our main goal with this setup, in the first instance, is to use BGP routing to propagate our Public DC segments throughout our Fake Internet and make those segments reachable from any datacenter.
This will allow us to create inter-datacenter connections over our Fake Internet.
Once we get that working, we will kick off the 2nd part of our setup, which will be setting up IPsec tunnels between datacenters to allow us to reach their internal management networks.
In summary, we will be setting up an SD-WAN wannabe solution that gives us full inter-datacenter connectivity.