Home Networking 101

I decided it was time to clean up my home network, so I blew the dust off a 12 year old compaq, and downloadedOpenBSD 4.1, wrote it to a CD, and installed it, along with a couple of NICs. All was good, I then looked at the patches that I would have to install and realized that I would have to compile them. This made me a little sad, as there was no way the old compaq could manage it.

So, with the wonders of NFS, I mounted /usr/src and /usr/obj from my linux machine to the openbsd one, and I downloaded the sources. I then downloaded the trial version of VMware Fusion and intstalled it on my macbook. I started VMware and installed OpenBSD on it. You know where I am going with this, right? Yep, I NFS mounted /usr/src and /usr/obj in the VMware image on my macbook and built the updates there, when it was all done, I installed on the compaq. In case you’re wondering why I did not simply install VMware server on the linux machine, I’ll tell you. The macbook has 4 times the RAM and twice as many cores as the linux machine, it is only deficient in disk space (which the linux box has in abundance).

Which gave me an OpenBSD firewall and router. Yay! Of course, that was not enough. I have used dyndns.org for a while, and have been happy enough with it. I also subscribe to a lot of mailing lists, and finally, this year, decided to use fetchmail, dovecot and a custom Python script to deal with the mailing list subscriptions.

So, all mailing lists (and stuff marked as possible spam) ends up going through fetchmail and onto my linux box, where it gets sorted into IMAP mailboxes. All very neat and tidy, but it does mean that, in order to check my mailing list mail, I have to connect to the linux machine on port 143. This means setting up ssh tunnels when I am not at home. It is not hard, but is a bit of a pain just to check list email.

Between that, and IPv6 being in the news a little lately, I decided to get an IPv6 subnet. I went to go6.net and got a /48 subnet. I installed their client on the OpenBSD router, and viola, it “just worked”, IPv6 autoconf gave all the machines behind the router IPv addresses. Yay 2!

That’s not all! Can’t have IPv6 without reverse DNS working, right? So, a quick google turned up freedns.afraid.org, and I used their services to add AAAA records for a number of my computers! Now, I can reach individual machines while away from home without having to use ssh tunnels! Or can I? Well, no, actually, because I set the OpenBSD Packet Filter to block most incoming traffic, including IPv6. Oh well

Then, being a little obsessed, I decided to make everthing on the local network resolvable. So I started named, and made a zone file for the internal network, so now, as well as the entries in /etc/host, I can rely on my nameserver to resolve names of the half dozen or so comupters running in the house… Of course, I could remember the IP addresses for them anyway, so you might wonder what the point is.

Having done all that, I also wonder what the point is. There was not really a necessity to do any of it. The $20 netgear router was working okay. As far as my wife can tell the internal network has not changed (she never has, and probably never will, consciously connect from one internal machine to another, so the whole nameserver thing is pretty meaningless for her), and access to the “internet” is the same as it ever was.

It looks like I set up a pretty home network, but, perhaps wasted my time Oh, well, I learned stuff, right?