Lab Notes

It’s one thing to have the book knowledge, and another to actually implement and maintain it.

This general lab design is inexpensive to implement (ISP fees not figured in) and through virtualization will open doors to learning almost any aspect of information technology.

Network Design

The network is split out into VLANs. There is a trunk port between the router and the switch, and another trunk port between the switch and one of the GigE ports on my workstation (carrying VMware guest tagged traffic). I have an IPv4 /29 routed to me by my ISP, and an IPv6 /48 routed to me by another ISP. While you can get away with dynamic DNS, I highly recommend getting a public block. For science.

If your ISP does not deliver IPv6, I recommend creating a free tunnel through Hurricane Electric.

Mikrotik RB2011 Router

Mikrotik makes a range of routers and switches that are based on a custom Linux kernel. Configuration can be difficult, but if you are comfortable managing Linux systems it’s not hard to grasp. Very powerful scripting, firewall, and routing functions (even MPLS). Get on the software-defined bandwagon cheap.

This Mikrotik model also supports a wide range of wireless capabilities (VLANs, captive portal, authentication, encryption, etc.). Plenty to keep you occupied.

Another alternative is Ubiquiti Networks; or eBay for used Cisco, Juniper, HP, Avaya, or ADTRAN equipment.

Dell X1026P Switch

24-port Gig PoE switch. Easy to configure and maintain; make sure you have the latest firmware installed. Fits on a desk and the fans aren't too loud. If you don’t need or want to play with the PoE feature, the X1026 (note the lack of a P in the model number) is shorter and completely silent. The switch can also mirror up to eight interfaces for network monitoring (this is key).
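With the VLAN split and a mirrored trunk port in place, one useful check is whether every tagged frame actually carries a source address from the subnet its VLAN is supposed to use. The following is an added example, not part of the original notes; the VLAN IDs, subnets and function names are assumptions for illustration, and the sample frames are constructed.

```python
import ipaddress
import struct

# Assumed VLAN plan (not from the original notes): VLAN ID -> IPv4 subnet.
VLAN_SUBNETS = {
    10: ipaddress.ip_network("192.168.10.0/24"),  # get-stuff-done network
    20: ipaddress.ip_network("192.168.20.0/24"),  # lab network
    30: ipaddress.ip_network("192.168.30.0/24"),  # voice network
}
ETH_P_8021Q, ETH_P_IPV4 = 0x8100, 0x0800


def parse_frame(frame: bytes):
    """Return (vlan_id or None, IPv4 source or None) for one Ethernet frame."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    offset, vlan_id = 14, None
    if ethertype == ETH_P_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vlan_id = tci & 0x0FFF  # low 12 bits of the TCI hold the VLAN ID
        offset = 18
    if ethertype != ETH_P_IPV4 or len(frame) < offset + 20:
        return vlan_id, None  # ARP, IPv6, etc. are not checked here
    return vlan_id, ipaddress.ip_address(frame[offset + 12:offset + 16])


def check_frame(frame: bytes):
    """Return None if the frame fits the VLAN plan, else a finding string."""
    vlan_id, src = parse_frame(frame)
    if vlan_id is None:
        return "untagged frame on trunk"
    if vlan_id not in VLAN_SUBNETS:
        return f"unknown VLAN {vlan_id}"
    if src is not None and src not in VLAN_SUBNETS[vlan_id]:
        return f"VLAN {vlan_id}: source {src} outside {VLAN_SUBNETS[vlan_id]}"
    return None


def build_frame(vlan_id, src_ip):
    """Build a constructed sample frame (zeroed MACs, minimal IPv4 header)."""
    tag = b"" if vlan_id is None else struct.pack("!HH", ETH_P_8021Q, vlan_id)
    ip = bytes([0x45]) + bytes(11) + ipaddress.ip_address(src_ip).packed + bytes(4)
    return bytes(12) + tag + struct.pack("!H", ETH_P_IPV4) + ip


if __name__ == "__main__":
    print(check_frame(build_frame(20, "192.168.10.5")))  # constructed leak
```

To use it on real traffic, feed `check_frame` the raw frames from a capture taken on the mirror port; whether 802.1Q tags survive into the capture depends on the NIC and driver.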

Compute Design

Host

Microsoft has a number of "free" virtual machines you can download.

While VMware offers generous trial periods for their software, you can sign up ($200/year) for their VMUG Advantage Program.

VMware Workstation has multiple VMnet interfaces mapped to VLANs, so for example I can keep lab traffic segregated from my get-stuff-done network. Be sure to limit your day-to-day use of the host system, as any system errors could have a negative effect on your virtual machines.

VirtualBox is an open-source alternative to VMware Workstation. I still recommend purchasing Workstation; in my experience it has better performance and stability.

Specifications

I recommend spending some time researching and then purchasing a used rackmount or tower server for any homelab endeavors. Check out /r/homelab for ideas and purchasing links. You can get some very powerful hardware for $500 or less; just be mindful of power consumption.

RAM and I/O are going to be your biggest resource bottlenecks. I rarely run into CPU over-utilization unless a VM hangs at 100% usage. Get as much RAM as your motherboard can handle and more than a few hard drives. Any disks hosting virtual machines should be SSDs wherever possible.

Raspberry Pi

Used for 802.1X and various other projects. These are great little computers, and cost $35 or less. I also highly recommend the Raspberry Pi Wireless Zero.

Voice Design

VoIP phone(s) on separate VLAN utilizing PoE. Inexpensive VoIP service can be purchased from voip.ms.