Hardware Changes, ESXi Returns, and CUCM
When it comes to budgeting for a homelab, you have to think critically of what you spend your money on, and how you execute your plans. Spend too much on switching and wireless, and you might not have enough for infrastructure and storage. Lock yourself in to an ecosystem, and it's hard to escape.
Ubiquiti hardware is way overpriced. For example, take a USW-48-PoE and compare it to something like a Cisco 2960S-48-FPS-L: both have 48 ports, 4 SFP ports, and PoE+ (802.3at). Yet the Ubiquiti switch is $600 used (at minimum), vs. $80-100 used for the Cisco equivalent.
Sure, Ubiquiti has "cloud managed" capabilities, and a fancy GUI, but at a fundamental level, both devices can perform the same tasks.
Ubiquiti has this way of "trapping you" into their ecosystem; it's like Apple, you buy one product, and next thing you know you've got every product they make.
This is exactly why I decided to completely ditch Ubiquiti and switch over to Cisco for switching, wireless, and telephony.
Switching
Keeping things simple, for my distribution switch (whole home networking) I got a 2960S-48LPD-L, 48 ports, PoE+ (AT), and 2 SFP+ ports for core switching back to the rack.
This switch does an excellent job powering my APs, phones, and whatever else I throw at it, and runs the IOS 15 codebase, which met all of my goals. And it only cost me $70 on eBay.
For the rack core switch, I went a little "above and beyond", selecting a WS-C3750X-48P-S and opting for a C3KX-NM-10G module for 10Gb network connectivity.
This switch opens up the possibility of layer-3 switching later on down the road, although for now I've elected to stick with an easy-to-manage layer-2 network model, leveraging a router-on-a-stick setup for inter-VLAN communication.
I purchased this from a mutual for $60, as he does equipment recycling and said he could hook me up.
For my 10Gb network, I had a hard time determining what to deploy; it needed to have at least 16 ports and, of course, be rack mountable.
After eBay sleuthing for a couple of weeks, I came across a stupid-to-pass-up deal on an Arista 7124SX. Sure, it's a datacenter switch, and it might be a bit loud, but for $100, how could I possibly say no?
This switch is a bit "hungry" in terms of power, sipping 100W+ from the wall, and sounding like a jet engine at times, but boy does it "just work", and that's good enough for me to keep it.
Wireless Connectivity
This one was a bit of a head-scratcher. I honestly wasn't sure what I was going to go with. At first, I was going to use Cisco wireless APs in Mobility Express mode, but I'm always itching to have fine control over how my hardware operates. To do that, I had to opt for a Cisco vWLC, or "Virtual Wireless LAN Controller", which is a virtualized appliance.
Sure, there are other options, like the c2504 or the c5508, but they both run older codebases, and I like the newer stuff Cisco has to offer in terms of management panels and compatibility.
I picked up some APs on eBay that were fairly priced, 2802i's and an 1810w, and got to work.
I elected to use the 9800CL vWLC; it's modern, supports a lot of devices, and runs on almost anything. Licensing is weird: Cisco uses an "honor system" on a lot of their products. Basically, you don't "technically" have to license anything, but if you get audited they might fine you or terminate your service contract.
There were a few compatibility issues. Apparently the 28xx series was "unsupported" and then "re-added" in a later revision of the 9800CL firmware. It's weird, but I guess enough companies complained and Cisco wavered.
Then the 1810w wouldn't work, so I had to go back a few more revisions to a compatible version, but not so far back that I lost 28xx support. Eventually I found the sweet spot where everything is supported and stuck with it.
Finally, I ran into issues getting packet routing to work. In a nutshell, there are three important networks (I'm going to call them VLANs, since it's easier) that you have to set up:
- Management VLAN (accessing the GUI, duh)
- CAPWAP VLAN (sending instructions and generalized network traffic to the APs)
- Client network traffic (I'm grouping these together, but these are the various access VLANs associated with SSIDs)
Cisco calls this deployment method "Central Switching" or "3rd Generation".
I found that you CANNOT tag a wireless network with VLAN 1. No matter how much I tried, or how I went about it, it just wouldn't work. So I had to set up a separate network for my wireless clients and configure ACLs on my router to allow communication.
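An IOS-style sketch of that layout (separate management, CAPWAP and client VLANs, a router-on-a-stick, and an ACL keeping wireless clients off the management side), added here as an illustration and not the author's running config. VLAN numbers, subnets and interface names are assumptions.

```cisco
! Added example, not the author's config. VLAN ids, subnets and
! interface names are assumed for illustration.
!
! --- 2960S access switch. VLAN 1 is deliberately left unused for
!     clients, since the vWLC would not tag a WLAN with it.
vlan 10
 name MGMT
vlan 20
 name CAPWAP
vlan 30
 name WIFI-CLIENTS
!
interface GigabitEthernet1/0/1
 description AP-2802i (APs live in the CAPWAP VLAN)
 switchport mode access
 switchport access vlan 20
!
interface GigabitEthernet1/0/47
 description trunk-to-vWLC-host (controller needs all three VLANs)
 switchport mode trunk
 switchport trunk allowed vlan 10,20,30
!
interface GigabitEthernet1/0/48
 description trunk-to-router-on-a-stick
 switchport mode trunk
 switchport trunk allowed vlan 10,20,30
!
! --- Router-on-a-stick: one 802.1Q subinterface per VLAN.
interface GigabitEthernet0/0.10
 encapsulation dot1Q 10
 ip address 10.0.10.1 255.255.255.0
interface GigabitEthernet0/0.20
 encapsulation dot1Q 20
 ip address 10.0.20.1 255.255.255.0
interface GigabitEthernet0/0.30
 encapsulation dot1Q 30
 ip address 10.0.30.1 255.255.255.0
 ip access-group WIFI-IN in
!
! --- Inbound on the client VLAN: allow DHCP (clients source from
!     0.0.0.0, so it needs its own line) and DNS to the router, block
!     the MGMT and CAPWAP subnets, and let everything else through.
ip access-list extended WIFI-IN
 permit udp any eq bootpc any eq bootps
 permit udp 10.0.30.0 0.0.0.255 host 10.0.30.1 eq domain
 deny   ip 10.0.30.0 0.0.0.255 10.0.10.0 0.0.0.255
 deny   ip 10.0.30.0 0.0.0.255 10.0.20.0 0.0.0.255
 permit ip 10.0.30.0 0.0.0.255 any
```

The two deny lines are the part that matters for a homelab: a guest or IoT client on the SSID should not be able to reach the controller's or switches' management addresses just because the router happens to route between VLANs.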
After all that headache, I finally got everything working. Wireless clients connect, traffic flows, and everything is hunky-dory.
Is this overkill for a home network? Oh yeah, absolutely. But was it fun? Sure, if you like torturing yourself.
In the end, the APs are cheaper than dirt at like $15-40/ea for AC/B/G/N, Wave 2 capable devices, and the controller is technically free as long as you're okay with spending a few hours troubleshooting things.
Telephony
Phones, nobody uses them at home anymore! Why bother?
I swear I've heard this like 100 times from my fiancée; each and every time I switch vendors he goes on this tangent about "why do we need a house phone, they're annoying, we'll get spam calls, etc."
He's not wrong, we don't need house phone(s), but there's just something so magical about running a whole PBX in-house for giggles. Not everyone can say they operate a call-center-grade setup just to make and receive maybe 5 calls a year.
That, and A LOT of companies run their business on CUCM or some sort of PBX, and being able to say "yeah, I've set up and maintained a PBX" is pretty handy in interviews.
Moving on. In my setup, I've got a handful of VMs that operate what I dub "the stack":
- You've obviously got CUCM for registering phones, managing end users, etc.
- CUP for managing IM and presence, mostly for Jabber.
- CUC for voicemail and call routing.
- And, because you want to make inbound/outbound calls, a CSR1000v (Virtual Cloud Services Router).
This stack was the bane of my existence for a solid 2 weeks; I had to learn the fundamentals of how they all work together hand-in-hand, and how to connect them all together.
Another thing to note is that Cisco doesn't like you running their appliances on non-approved virtualization hosts, i.e. Proxmox, XCP-ng, etc. They have a limited set of options, being mostly VMware and Citrix products (of course). We'll circle back to this in a bit.
I noticed that Cisco likes to "split things up" compared to other vendors that tend to package everything in one VM, like FreeSWITCH or FreePBX. It's weird, but I can see the reasoning. You want scalability when you have a setup with thousands or hundreds of thousands of phones across the country; a single VM isn't going to cut it. You need to split the load, and when it gets overloaded you just fire up another instance of whatever you need and connect it to your stack.
Previously, I'd picked up a few 7821's from a mutual and converted them to MPP following Cisco's guidelines and using some sketchy licenses, but they felt really "half-baked" and I didn't use them with my own PBX, instead opting for VOIP.ms's free solution.
I converted those back to UC firmware and picked up a few more UC devices:
- 8845 Video Phone for my desk, replacing an 8861, as it was 3PCC native (the migration license is expensive, not worth it)
- 7925 Wireless Handset (these are dope; I always saw them in hospitals and wanted one)
- A Telepresence device (DX80) for experimenting with.
I tackled provisioning those devices, grabbing firmware packs from the internet and uploading them to CUCM so that it has firmware to serve to the phones, and got everything onboarded and ready to go.
I also deployed Jabber on my mobile devices, as well as my desktop, so that I could make and manage calls from anywhere; it's always nice to have the option.
After setting up "the stack" in an experimental configuration, I finalized things and switched my VOIP.ms call routing over to send everything to CUCM.
Not too bad, although licensing is difficult with CUCM. Cisco is a bit tighter on the whole "no freeloaders" thing and doesn't do the honor system here. Instead, I opt for 90-day demo licenses and apply them as needed. A solid workaround, but I wish they had NFR/lab licensing.
ESXi Returns
A while back, I picked up a 3rd VM host from a buddy. He purchased a Hyve Zeus box after he saw I had purchased one, but ultimately decided it wasn't for him. I offered to buy it off him at a significant discount and he obliged.
I noticed that it supports ESXi 7.0, and because I love labbing everything, I decided to roll it on there for some specific labs.
I loaded it up with 128GB of DDR3 ECC, slapped in an Intel X520-DA2, and off she went. Super-simple setup, and it runs just like my other 2 hosts!
I also opted to deploy vCenter so that if, in the future, I add additional nodes with ESXi, I can manage them centrally.
I'm still debating migrating another host over to ESXi. I'm more accustomed to it, as my first lab ran ESXi, but a lot of labbers are moving away from it since the Broadcom acquisition changed how licensing works and took away free licensing.
Businesses aren't going to be willing to switch on a dime like that, unfortunately; it costs a lot of money to migrate things over and purchase new contracts, so it's not like it'll be useless knowledge. Most companies will still be using it!
Upcoming Projects, A Note From the Author
I've decided I'm probably going to continue gapping these posts; I don't have a lot of time these days to write them and work on projects like I used to. 4 months seems reasonable, and I can cram a lot more content into these posts that way, making them feel like well-fleshed-out articles.
At work, I've picked up quite a few new responsibilities, and the "downtime" that I used to have has withered away lately. Always a new fire to put out, or a new problem to solve. Typical.
I've been trying to do more project management at work, picking up migration projects, deployments, etc. It really teaches me a thing or two about laying out an idea and planning how to execute it with our team of contractors and my boss.
There are a few more projects planned down the pipeline: Wi-Fi HaLow / PTP networking, a backup server for Veeam, upgrading APs, etc.
I'll get to them eventually, I've got a few trips planned this year, and that may affect budget a bit. We'll just have to wait and see.
Until next time,
Thanks for reading!