Virtualization

I have begun a project I call “The Pocket Internet” wherein I incorporate all the techniques I have learned in the design, maintenance, and integration of all servers, routers, switches, desktops, etc. required to stand up an ISP-grade network. This page will be dedicated to showcasing the highlights of this Pocket Internet, including all the back-end work that went into making it a reality. For example: a SIGNIFICANT amount of Linux bridging was required to tie together resources in GNS3, Linux-KVM virtual machines, and my physical lab network. Conceptually, it’s all represented in a GNS3 project, but in reality there were some limitations in GNS3 that took some creative problem solving and design to address.

I will be looking to add configuration examples, how-tos, and other helpful materials, not simply to showcase what I’ve done but, if possible, to help others find some direction in their own lab projects.

Here’s an overview of my personal “Pocket Internet”:

The red block is where I’ve connected access to my physical lab. It’s basically the door to the “real internet”. The purple-ish block is my “home office”. I have an OPNsense firewall between the real world and the home office, which also serves DHCP to the home office. There I have my original L2 OpenVPN test (which I need to get rid of, actually), a workstation, and another firewall leading into my data and transport centers.

The dark green blocks are my data / transport centers. I am currently running MikroTik as it is probably the best lab router there is. It can handle all the protocols I need in one neat package for little to no cost. I have experimented with using OpenBSD and FRR, Nokia SR-Linux (this has a FASCINATING tale behind it regarding how I managed to implement the system “in GNS3”), and Linux with FRR, but they all are lacking in one or two protocols only found in one of the others. Nokia SR-Linux came the closest as an alternative, as it can at least handle SIMILAR protocols, but I’m trying to represent a very specific environment, and in that environment I need: BGP, VPRN, VPLS, VRRP, and OSPF.

The light blue blocks represent my Direct Internet Access. Not much to say there. They’ll peer with each other and they’ll peer with a contemporary of mine who was inspired by my project to start his own. We have even managed to use OpenVPN to establish a Layer 2 tunnel so that his DIA router and mine can establish BGP adjacency as if they were directly connected. The yellow blocks are where I establish that link. The light green blocks will be for a similar link but instead will represent peering directly between two ISPs. So think of light blue and yellow as your Level 1 providers and think of light green as two ISPs peering directly.

Lastly, the brown blocks represent end-users or “customers” of this little pretend ISP. I am using OpenWrt to represent the customer router and a lightweight Linux desktop beyond that for the LAN-side devices.

See my Linux Administration section for some discussion of HOW I set these up.