How to Build a Home Network Lab
Every profession has its tools. As network engineers, we need networking devices, not only to build production networks but also to study and to build labs or prototype networks. This is where a home network lab comes in. If your goal is just to pass an exam, you might not want to build a complete home lab. If networking is just part of your job, this could be an option. The information in this course about emulators and simulators should still be useful to you.
If you want to become a networking professional, a home lab is a great investment. Your goal should not be to pass one or a few exams, but to become a lifelong learner. A decent home lab will help you throughout your career. You can try anything in your lab without messing things up. Do you encounter problems at work that you can’t figure out? Rather than testing something on the production network, recreate the issue in your own lab. Want to learn something new? Build it. You can build anything and tear it down.
You could argue that providing a lab is your employer’s responsibility, especially when dealing with expensive equipment. However, learning new technologies and closing knowledge gaps is your responsibility. One major advantage of networking compared to other professions is that we can learn a lot in the lab without leaving the comfort of home and without the risk of messing things up on the production network.
Your home lab should be simple and convenient. If it’s a hassle, you won’t use it. A home lab isn’t something you build once and finish. Instead, over the years, you will add and remove hardware.
In this lesson, I will outline what you need to build a home network lab. We will answer the following questions:
- Should I buy hardware like routers or switches, or use emulators or simulators?
- What hardware should I buy?
- Is this router or switch suitable for CCNA/CCNP/CCIE?
- What emulator should I use?
- What software do I need?
I will explain your options and the pros and cons of each. Let’s dive in!
Hardware
Nowadays, you can virtualize many networking devices. Vendors offer many Virtual Network Functions (VNF). For example, Cisco has these virtual devices:
- CSR1000v
- Firepower NGFWv
- ASAv
- vEdge Cloud
However, not everything can be emulated. Some things work better on real hardware. I will explain this further in the switching section. You don’t want to waste time figuring out whether the issue you’re encountering is caused by the emulator, simulator, or a configuration error.
Let’s look at some hardware options.
Cisco
Let me explain how to figure out what hardware you can buy. This may take some time, but it’s a valuable skill. Whether you want to study for the CCNA, CCNP, or CCIE exams or need to design a production network, you need to figure out what hardware you can use.
You need two things:
- The exam blueprint for what you want to learn. For example, this is the CCNA blueprint.
- Cisco’s Feature Navigator.
You can find out what features different router and switch models support. For example, I can see if specific IOS (XE) versions of the 3560CX and 3850 support MACsec:
You can look up any feature, model, and IOS version to see if it’s supported.
Licensing
As explained in the IOS licensing course, licensing can be complex. Even if this is a home lab, you should have a legitimate license. On older Cisco devices, it’s easy to download an image that contains all the required features. Newer devices have all the features, but you need a license to unlock or activate them. Your employer may have a support contract with Cisco; you might be able to obtain a license through them. If you buy used hardware, check what licenses that device has.
We cannot provide any Cisco images. The only official way to obtain a license is through the Cisco website.
Switches
Switches use ASICs to perform some tasks in hardware rather than software. This is why some things work more effectively on real switches than on simulated switches. One example is IGMP snooping. You can configure this on a simulated switch, but you will get some strange results.
If you want to practice Quality of Service (QoS), you can use a simulator and see “clicks” in the access list. However, if you want to see real traffic patterns, you should use real hardware. If you want to test features like VSS or Stackwise, you also need real hardware. Switches are also useful when your IP phones or wireless access points require Power over Ethernet (PoE).
Many switch models have 8, 16, 24, or 48 ports. Compared to models with more ports, 8-port models typically are quieter. If you buy a real switch, I would get at least three. This allows you to test protocols like Spanning Tree without any issues.
Routers
Routers are easier to virtualize than switches. Most protocols you can configure on routers do not require ASICs the way switch features do. If you have real hardware, I recommend buying three routers. You need at least two routers to route packets between them, but in some cases you need at least three, for example for OSPF DR/BDR.
Servers
Besides networking devices, you also need to run some software. This can be emulators or simulators, but there are also some other applications like iPerf or FreeRADIUS that are very useful in the lab. We will discuss this further in the software section. Let’s look at some hardware options to run such software.
PC/Laptop
You can use a PC or laptop, but dedicated servers are a better solution. There are three reasons:
- You might spend days on some labs and larger topologies. Constantly shutting down and restarting is a pain.
- Some labs require a lot of CPU cores and memory. For example, an SD-WAN topology with multiple routers needs 10 CPU cores and ~32GB of memory.
- Dedicated servers may have extra NICs that you can connect to switches and routers.
What dedicated server should you get? Let’s take a look.
Retired Servers
With technological advancements, servers reach end-of-life (EOL). Companies decommission these servers. This is a great opportunity to acquire servers for your lab. There are a few things you need to consider:
- Form Factor: Servers come in tower or rack-mounted formats. We will discuss racks in the server rack section.
- Power: Some servers consume much more power than regular laptops or PCs.
- Noise: Many rack-mounted servers are designed for data centers with limited physical space. These servers use small, high-speed noisy fans.
- Heat: Depending on power consumption, some servers can generate a lot of heat.
Two popular server vendors are:
- Dell: R610 or R710 servers are popular.
- HP: ProLiant servers are well-liked.
Be cautious not to buy servers that are too old. Some older servers have CPUs that modern hypervisors do not support. I will explain what a hypervisor is in the virtualization section. VMware has a useful compatibility guide to verify which version of ESXi your server can run.
Remote Management
You don’t want to walk to the server every time you want to power it on, reboot, or install new software. Your server should support remote management. This allows you to remotely:
- Power on or off the server.
- View the screen and use a virtual keyboard and mouse.
Some remote management tools allow you to remotely mount ISO files so you can install operating systems on the server. Some examples of remote management software are:
- Dell: iDRAC
- HP: iLO
- Supermicro: IPMI
Intel NUC
The Intel NUC is a mini PC but with powerful hardware. These systems do not require much power, do not produce much noise, and do not take up much space.
Since the 7th generation NUC, some Intel NUCs offer AMT vPro: Intel Active Management Technology. This allows you to manage and control the Intel NUC remotely. The Intel NUC is an excellent choice for a home lab.
Raspberry Pi
Raspberry Pi is a popular choice. You often see these in home labs. They are inexpensive and do not consume much power. However, the hardware is limited. They can be used for applications that do not require much CPU power, memory, network bandwidth, and I/O. One downside of Raspberry Pi is that they use SD cards for storage. These can easily fail when power is lost or when you write too much data.
Dedicated servers with virtual machines (VMs) and containers are easier to work with.
CPU and Memory Requirements
How many CPU cores and how much memory do you need? It depends on what you want to run. Below is an overview of the requirements for different virtual network devices:
| Device | CPU Cores | Memory |
|---|---|---|
| ASAv | 1 | 2 GB |
| CSR1000v | 1 | 3 GB |
| IOS-XRv | 1 | 3 GB |
| IOSv | 1 | 512 MB |
| IOSvL2 | 1 | 768 MB |
A small lab with three CSR1000v routers and three IOSvL2 switches requires 6 CPU cores and about 8GB of memory. Some labs require a lot of CPU cores and memory. For example, an SD-WAN controller requires about 8 CPU cores and around 20GB of memory.
Console/Terminal Server
If you are using networking devices, then you must use a console to configure the devices. Cisco devices have blue console cables. Other vendors use similar connections.
When working with the lab, you don’t want to move the console cable from one device to another. Depending on your hardware choices, you may want to move the lab to a place like the attic or basement where noise and heat won’t disturb you.
Having a central device to which you connect all your network devices with console cables makes it easier.
You can build something yourself with Raspberry Pi, or buy a Cisco terminal server. This works effectively, but you also waste time patching and getting the terminal server to work properly.
It’s better to buy a dedicated console server. These appliances are expensive when buying new, but very cheap when buying retired appliances.
I’m using an Avocent ACS 6032. You can use regular UTP cables as console cables, which is convenient because you don’t have to create your own cables.
I like using UTP cables that match the color of the Cisco console flip cable.
You can access all console ports via telnet, SSH, or GUI. Here are some other console servers you can check out:
- APC AP9303
- Digital CM32
If you know of any other good console servers, let me know and I will add them to this list.
Power Distribution Unit (PDU)
If you put the lab in another location, you don’t want to go there every time you want to power it on or off. A Power Distribution Unit (PDU) is a device with multiple power sockets that you can control remotely and individually via GUI, telnet, or SSH.
Like console servers, PDUs are expensive when bought new but very cheap when bought as retired units. There are horizontal and vertical models. Here is a picture of an APC vertical PDU:
Vertical PDUs are called Zero U because they do not require horizontal space on the rack. You install them vertically next to the rack.
Uninterruptible Power Supply
Unless you live in an area with frequent power outages, you really don’t need a UPS. If you do, get a UPS with a maximum runtime of 5-10 minutes. This should be enough time to save your work before you lose power. If you buy a used UPS, make sure the battery is still in good condition.
Make sure to check the UPS regularly to ensure the battery is still in good condition.
Topology
If you buy real hardware, you need to consider the topology you will be using. Every time you want to create a lab, you can start from scratch with the cabling, but this becomes cumbersome.
Physical
I recommend connecting switches in a triangle like this:
If you have four switches, connect them in a square:
By connecting switches like this, you can mess around with Spanning Tree and EtherChannel without having to reconnect anything.
Connect routers and other network devices to the switches:
Most routers have two built-in Ethernet interfaces. This physical topology allows you to practice almost anything without having to re-cable your lab.
Logical
Our physical topology allows us to create any logical topology we need. For example, using VLANs or sub-interfaces, I can create this topology:
The physical topology looks like this:
Once you’ve built the logical topology, you can save the configurations of your routers and switches in NVRAM. This allows you to quickly reuse the logical topology in the future.
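As an added illustration (not part of the original lesson), here is one way to build a logical triangle of three routers on top of the physical layout described above, where each router has a single cable to one switch. The device names, interface names, VLAN IDs and IP addresses are assumptions chosen for this example.

```cisco
! SW1: one VLAN per logical router-to-router link (constructed example)
vlan 12
 name R1-R2
vlan 13
 name R1-R3
vlan 23
 name R2-R3
!
! Each router-facing port is a trunk that carries only that router's links.
! Some older switch models also need "switchport trunk encapsulation dot1q" first.
interface GigabitEthernet1/0/1
 description R1 Gi0/0/0
 switchport mode trunk
 switchport trunk allowed vlan 12,13
!
interface GigabitEthernet1/0/2
 description R2 Gi0/0/0
 switchport mode trunk
 switchport trunk allowed vlan 12,23
!
interface GigabitEthernet1/0/3
 description R3 Gi0/0/0
 switchport mode trunk
 switchport trunk allowed vlan 13,23
!
! R1: one sub-interface per logical link
interface GigabitEthernet0/0/0
 no shutdown
!
interface GigabitEthernet0/0/0.12
 encapsulation dot1Q 12
 ip address 192.168.12.1 255.255.255.0
!
interface GigabitEthernet0/0/0.13
 encapsulation dot1Q 13
 ip address 192.168.13.1 255.255.255.0
!
! R2
interface GigabitEthernet0/0/0
 no shutdown
!
interface GigabitEthernet0/0/0.12
 encapsulation dot1Q 12
 ip address 192.168.12.2 255.255.255.0
!
interface GigabitEthernet0/0/0.23
 encapsulation dot1Q 23
 ip address 192.168.23.2 255.255.255.0
!
! R3
interface GigabitEthernet0/0/0
 no shutdown
!
interface GigabitEthernet0/0/0.13
 encapsulation dot1Q 13
 ip address 192.168.13.3 255.255.255.0
!
interface GigabitEthernet0/0/0.23
 encapsulation dot1Q 23
 ip address 192.168.23.3 255.255.255.0
!
! On every device, from privileged EXEC, once the topology works:
!   copy running-config startup-config
```

Changing the logical topology later means editing VLANs and sub-interfaces, not cables. Limiting each trunk to the VLANs its router actually uses keeps one logical link from leaking into another while you experiment.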
Wiring
If you have a larger lab, you might want to use a label printer that supports cable wrapping labels. For example, I use a DYMO Rhino industrial 5200 label maker. Printing and sticking labels take 30 seconds, but later when you have to identify cables, you will save time.
The more devices you have, the more cables you have. I have 6-8 UTP cables going to one server. Following UTP cables can be painful. If both ends have cable wrap labels, you can quickly identify cables. I use a random 4-digit hexadecimal value.
Server Rack
If you only have a few devices, it’s fine to stack them together. With a larger lab, you might want to consider a server rack.
Server racks are designed to organize and accommodate IT equipment. Server cabinets are similar to server racks but enclosed with doors and side panels. For a home lab, I prefer open racks because they allow easier access to everything. You will see server cabinets in data centers for optimal airflow.
Besides server racks, there are some other options like desktop open rack mounts or wall mounts:
Server racks are measured in “U”. One rack unit (1U) is 44.45 mm or 1.75 inches. Rack-mounted devices are typically specified in height in U. For example, a 1U server or a 2U network router. Full-size server racks are usually 42U.
For devices without rack-mounted options, you can use rack shelves:
If you are looking for a server rack, pay attention to its depth. Most network devices like routers, switches, and firewalls fit any rack. Servers or data center switches are usually much deeper. For example, the Cisco Catalyst 3850 switch is about 44 cm / 17 inches deep. The Cisco Nexus 5548 switch is about 75 cm / 29.5 inches deep.
I have a StarTech open rack with an adjustable mounting depth of 22 to 40 inches.
Purchasing
Last but not least: where do you buy (used) hardware? eBay might be the most familiar option. In the US, there’s Craigslist. I would also keep an eye on auction sites. Sometimes you can find deals that fly under the radar and get equipment cheaper than what you would usually pay when purchasing from people familiar with price sites.
Software
Now that we’ve covered enough about hardware, let’s look at the software.
Emulators
Emulators “simulate” Cisco IOS (or other operating systems) so you can practice configuration, show, and debug commands. Emulators do not run real operating systems; they just mimic commands and output. As long as you try things within the emulator’s scope, everything is fine. If you want to go further than what the emulator offers, you’re out of luck. Two examples of emulators are Boson’s Netsim and Cisco’s Packet Tracer. If you only use the emulator for a specific goal, then the emulator might be useful. For example, Cisco’s Packet Tracer was created for those studying for the CCNA exam.
Simulators
Simulators are more advanced than emulators because they run real operating systems on different hardware. Simulators are a great option either as your primary lab component or as an additional component alongside your real hardware.
Let’s look at some simulators.
GNS3
GNS3 is one of the earliest simulators. The first version was based on the Cisco Router Simulator Dynamips. Dynamips could simulate Cisco 1700, 2600, 2691, 3600, 3725, 3745, and 7200 routers. These routers are now quite old, and you can no longer run the latest Cisco IOS images on them. Over the years, GNS3 has improved. Nowadays, you can simulate network devices from over 20 vendors, including the latest Cisco images. The software is free.
Cisco CML
Cisco’s first simulator was called VIRL. Later, they renamed VIRL to Cisco Modeling Labs (CML). Running Cisco IOS software on non-Cisco devices is a legal gray area. With Cisco CML, you can legally choose to run Cisco software for your lab. Cisco CML is not free. If you want to try it, you can use a sandbox for free for 4 hours.
CML runs well but only includes some Cisco images. Running anything else besides the built-in images is a pain.
EVE-NG
EVE-NG is a simulator that supports images from many vendors. You can also run virtual machines and Docker containers. There are free and paid versions. If you ask me, it’s more affordable than Cisco’s CML and easier to use than GNS3.
Miscellaneous
There are some useful software options for your lab. Here are some examples:
- Syslog Server: You need one if you want to send syslog messages from network devices to an external server.
- LibreNMS: This is one of your best options if you want to test SNMP.
- OpenVPN: This is a great solution if you want to access your lab from outside your network.
- FreeRADIUS: If you want to test AAA and 802.1X.
- TFTP Server: Want to store your configuration files elsewhere? The TFTP server takes care of that.
Do you have any other favorite tools? Let me know and I will add them to the list.
Virtualization
About twenty years ago, we ran an operating system on physical hardware:
Nowadays, due to virtualization, a single server has ample CPU power and memory, allowing us to easily run multiple operating systems simultaneously:
On top of our physical hardware, we run a hypervisor. This allows us to create what are called Virtual Machines (VMs). A good hypervisor is VMware’s ESXi. There are two reasons:
- You can download ESXi for free.
- Many vendors provide images that you can easily import into ESXi.
I use VMs to run some of the tools I described earlier, but I also use them as “hosts” or “desktop” devices. I have different Linux and Windows VMs.
Another virtualization option is containers. In short, containers are pre-built “packages” that include an application and its dependencies. Containers run on a container engine that runs on the operating system. A popular container engine is Docker.
A huge advantage of containers is that testing applications only takes seconds. You just need to download and run the container instead of installing the application yourself. For example, suppose you want to test FreeRADIUS. You can use this container. You just need to run this one-line command to start it:
docker run --name my-radius -d freeradius/freeradius-server
That’s it. One line and FreeRADIUS is up and running. This can save a lot of time when you want to try something in the lab. With containers, you don’t have to worry about installing software yourself.
Network Documentation
For most of us, documentation isn’t the most exciting topic, but it’s important. In the short term, writing down your thoughts takes a few extra minutes. In the long run, it can save you time. I recommend noting everything you learn. I also suggest taking notes for your lab:
- Create a network diagram showing how everything is connected.
- Write down MAC addresses and IP addresses.
- Write down VLANs.
- Write down how to start useful Docker containers.
To create notes and documentation, I recommend Obsidian. It’s free, and the ability to link notes together is fantastic. To draw network diagrams, you can use:
- Draw.io
- Creately
- LucidChart
- Excalidraw
- Microsoft Visio
- Google Drawings
I prefer Excalidraw because it integrates well with Obsidian. Make sure you use a tool that allows you to edit images later. If you create an image and save it only as JPG or PNG, it will be difficult to edit later.
Conclusion
This concludes this lesson on building a home network lab. I hope this helps you build your own home lab.
Of course, no home lab course is complete without a picture of my current home lab (on the left):
Here’s what I have from top to bottom:
- Cisco 3850 Switch
- Avocent ACS 6032 Console Server
- 2x ASA 5515-X
- Checkpoint Firewall
- WatchGuard Firebox M200
- Juniper SRX300
- Cisco WLC 2514
- Rack with 5x Raspberry Pi
- ESXi Server (2U chassis with Supermicro X11SDV motherboard and Intel Xeon-D CPU)
- 4x Cisco ISR4331 Routers
- 4x Cisco 3850 Switches
- 4x Cisco Nexus 5548 Switches
- 2x Cisco Nexus 2248 Fabric Extenders
I hope this lesson is useful for building your own home lab. Did I miss anything? If you have any questions or suggestions, please leave a comment below.