Making Home Labs Publicly Available

By stretch | Thursday, September 30, 2010 at 4:59 p.m. UTC

Recently I've been getting a lot of emails from people who run their own networking labs at home and want to do something similar to what I've done with the community lab. While their initiative is commendable, I unfortunately haven't been much help to these people. The root problem is that the solution I devised for this site's lab is a custom assembly of both off-the-shelf and original code, built specifically for the framework on which this site runs. It was never intended to be portable or scalable.

Of course now, nearly a year later, I realize that there is demand for such a solution. It's got me thinking about the potential for a new site, perhaps even a new business to help people make their home labs public. My initial brainstorming has come up with a hosted scheduling and authentication service, which would handle user reservations and provide upstream authentication for console servers via RADIUS or TACACS+. While it would be ideal to also offer a Telnet/SSH proxy to perform command filtering, I suspect that adding a middleman to the connection between user and device would too often push latency beyond the the acceptable limit.

So, I'm looking for some feedback.

  • How many of you with your own home labs would want to rent them out to others for a small hourly fee?
  • How many of you already have a console server of some type for your lab?
  • What else would you want to see from such a service?

As always, questions and comments are appreciated.

About the Author

Jeremy Stretch is a network engineer living in the Raleigh-Durham, North Carolina area. He is known for his blog and cheat sheets here at Packet Life. You can reach him by email or follow him on Twitter.

Posted in Announcements

Comments


Ray (guest)
September 30, 2010 at 5:16 p.m. UTC

I co-wrote and application much like you describe and it is in production at a community college where I teach. It has been working for 5+ years with few problems. It is not fully developed and no work has been done to keep it up to date, it runs on an old version of Debian. It is a LAMP based system. I would love to see this work progressed further. I had been intending to try to make it an open source project for a few years, but have not gotten around to it.

I hope you are interested, I can give you a web-ex type demo of the ins and outs, both the end user experience and the back end systems.

Ray


Ter (guest)
September 30, 2010 at 5:54 p.m. UTC

Currently I have been thinking much the same thing. Issue has become getting down to writing the custom code and really implementing it. In my Netacad class they have a "Netlab" that operates via scripts and what I could only assume is a LAMP solution. Honestly Stretch, you would do well to implement this.

Ter


Ben
September 30, 2010 at 6:45 p.m. UTC

Do you need some help to develop this service? I would be interested by the project :)


Paul L (guest)
September 30, 2010 at 6:58 p.m. UTC

JS

As you are aware, I have my own Nortel Lab.

http://blog.paulleroux.net/lab

As I only use it about 3 or 4 hours a week, so I would love to make it accessible the other 164hrs.

I would be willing to share my lab. I would only want compensation to offset the cost of Power. My two Nortel ERS8603's both have HUGE power demands. Perhaps also a dedicated link for the remote access.

I would require a console server. I tried to find one on Ebay, but even a used one is out of my price range.

if you want more info, please let me know. This is something I would be interested in getting involved with.

Paul


josehelps
September 30, 2010 at 8:33 p.m. UTC

JS I would not mind lending my lab to the community. Im barely on it although is not as develop as yours Im working on adding routers. I also have added a linux box in between to sniff traffic and also to write some snort rules. Its would be a great asset to study security and I can load it with more tools. Please keep me in mind as a resource.


arnotron
September 30, 2010 at 8:42 p.m. UTC

I would go even further - I work at a small ISP in Germany, and I could imagine making our small assortment of devices available to others. Currently, it is all plugged together on demand, but we will be moving soon and I hope to develop a permanent cabling layout for these devices.

What would be absolutely great is if there could be a collaboration between labs, e.g. by using l2vpns to connect equipment in different locations.


abester1
September 30, 2010 at 9:27 p.m. UTC

Great idea... while I dont think i can participate in sharing Lab time (lack of hardware to offer). It would definitely be worthwhile working on the development of such a solution. More importantly, the documention and sharing the final design/implementation steps with the great community as this concept would be a great learning experience.

Additionally, I would suggest the development of a solution that will try to leverage as much open source projects as possible for authenticaion, proxy, etc (e.g. linux based software). This will give the opportunity for others to replicate this type of configuration (or a subset of it) locally (since the application would be easier to acquire and get community support).


Maurice (guest)
October 1, 2010 at 4:29 a.m. UTC

I've been contemplating on renting my rack also. Its currently 1:1 of the INE CCIE R&S lab, it does have a few extras such as Juniper routers, netscreen firewalls, cisco 6509, ASA, cache enignes, etc.. Like Paul I'm not on the rack much and can offer a few hours of rack time. An inventory of gear would be great also to figure out what can be offered. I think all interested parties should get together an discuss the possibilities, perhaps IRC?


Ricardo (guest)
October 1, 2010 at 10:17 a.m. UTC

Hi Jeremy that is a wonderful idea, I've in my home lab the actual INE CCIE RS lab and additionally a Linux box running Olive connecting the rack also, and since I'm using it too much during the day I don't mind to share it with the community.


jmalacko
October 1, 2010 at 1:54 p.m. UTC

I already deployed something similar to what you are talking about. Its available here: https://lab.ghoudakis.com. I did it for the reasons that most already cite. I'm not on the equipment much but I do need it from time to time for my consulting activities. My original thought was there are plenty of professional consultants out there that would like to use a lab. I would've preferred to use someone else's rather than my own but I couldn't find anyone offering it. What I've learned is there is far more interest from folks who are seeking certifications than those who are practicing professionally.

I've seen there's several people who do this already on the net. The deal for me is offering your lab at no cost in my opinion attracts a small amount people who will generally just make trouble. By charging a nominal fee that eliminates trouble makers in my opinion. So my hats off to anyone willing to do it for free. While I'm sure the vast majority are appreciative - I bet you lose a non-trivial amount of time because of a few jerks.

My guess is what most people would really want is a flexible system that offers a matrix of scheduling, equipment, and cost.


alvarezp
October 1, 2010 at 3:36 p.m. UTC

I have two switches (and that's basically it) but I could set them up for lab. I liked arnotron's idea about sharing resources across lab via LAN links over the Internet. A big wide lab could be made this way.

But, electricity bills would be important. Is there any device that could connect and disconnect devices on demand?


ciscotophat
October 1, 2010 at 4:53 p.m. UTC

I'm quiet curious how to do it in general. Not worried about charging or any of that jazz. The connection, command prevention, schedule, and automated username/password delivery system would all be very interesting topics.


LTuned
October 2, 2010 at 1:12 p.m. UTC

Jeremy this sound great. I can offer my lab but my only concern would be the electric bill. I built the lab mainly for the CCIE SP but could also be used for the CCIE R&S and CCIE Security.

The lab consist of 2851, 2811, 2801, 2621, 2620, 1841, 1812, 1811, 1805 routers; 3560, 3550, 2960, 2950 switches; PIX 515, ASA 5505, IDS 4215, VPN 3005, MARS, CCA(NAC), ACS and a few more devices.


quuh
October 3, 2010 at 8:23 a.m. UTC

i have a home lab, but its emulated using dynamips. its just there on my local network so that some of my friends can telnet too. i have the routers spread up with hypervisors in two different ubuntu machines, one on my laptop and other two on a desktop. its odd, but as long as i can practice for my ccna exam, its all good.


chrismarget (guest)
October 4, 2010 at 2:33 p.m. UTC

Stretch,

I'm sorry to see your tweet about some jerk removing the software image from your 3550. It seems like a timely issue given the topic of this blog post.

I'm curious how the opengear filtering let you down, and what you're planning to do about it.


TheLonePacket
October 4, 2010 at 10:42 p.m. UTC

This is a good idea, but would it succeed? The Packetlife open lab is always full for one reason or another, but mainly because it is free to use, often it is hard to get someone to open their wallet for something they previously received for free.


Job
October 4, 2010 at 11:08 p.m. UTC

@chrismarget @packetlife

It might be worth to write some scripts that can recover the standard cisco suspects once every couple of hours. Something that would power cycle the device, send a break, enter ROMMON, make it boot with TFTP from a predefined image, whipe the startup-config and put a template config on it with authentication and some predefined layer3 stuff.

That can save some time if people delete images or make the device inaccessible.


A guest
October 5, 2010 at 12:57 p.m. UTC

I use an old Windows 2000/PIII box for terminal server. It has 4 serial ports (2x2port ISA) which is fine for working on a small group of routers in the same room with me. If I was to do this as suggested, I might try to setup 2,3 or 4 PCI 4 port serial cards to connect all my 15 routers and switches at once. Then I just RDP ro from my PC.

Also, I port mapped my external DSL, RDP (3389) port to my terminal server. With a fixed external IP, I can access my lab from the cottage with MSTSC.


A guest
October 5, 2010 at 10:56 p.m. UTC

I would very much love it if you would implement this - I have a lab that I would love to share with my friends in the networking community, but I'm worried about security, specifically, if an unauthorized person broke in and tried to run malicious commands, i.e. disabling password recovery on a Cisco and then blowing away the firmware and rebooting it...


jsicuran (guest)
October 6, 2010 at 6:14 p.m. UTC

I have an online lab I used to rent to the public for general use and CCxx training from the early 00s

http://www.amilabs.com

I use it now mostly for internal research(TGS project) and offer it only to my consulting clients if they don’t have a lab. I will be expanding it with some new gear shortly. I remember proposing back in 02 to the Groupstudy folks on building out a “skynet” of labs. A Lab of labs if you will, of everybody connecting their labs together in an organized manner to facilitate sharing of technology assets, learning and experimenting. Somewhat of another NFSnet but for packet heads. Of course the hard part is logistics and automation. Heck even just getting a bunch of folks as a hobby project to learn and connect the labs and then overlay many different protocols would be cool. Or a “Lab Challenge” where we start with one lowly access point with a wireless client and from that client he has to connect through all of our labs, via many different protocols and topologies, all the way to another lowly wireless client on the other side. Then run voice and video through our lab of labs configuration. We can do VPLS, MPLS, IPv6 bones, GREes and AT over anything etc. You get the picture.

So to answer some questions:

* How many of you with your own home labs would want to rent them out to others for a small hourly fee?  I am in.

* How many of you already have a console server of some type for your lab?

I do, it is a Digi and can be telnet or http accessed

* What else would you want to see from such a service?

Now this is a stretch, taking our labs collectively, meshing them and providing a virtual environment, non monolithic of course, so the lab experience appears to the customer as a Dynamips GN3 type application for the client to use as a virtual sandbox with our hardware behind it.

A fun thought but who has the time?


jsicuran
October 6, 2010 at 6:43 p.m. UTC

I have an online lab I used to rent to the public for general use and CCxx training from the early 00s

http://www.amilabs.com

I use it now mostly for internal research(TGS project) and offer it only to my consulting clients if they don’t have a lab. I will be expanding it with some new gear shortly. I remember proposing back in 02 to the Groupstudy folks on building out a “skynet” of labs. A Lab of labs if you will, of everybody connecting their labs together in an organized manner to facilitate sharing of technology assets, learning and experimenting. Somewhat of another NFSnet but for packet heads. Of course the hard part is logistics and automation. Heck even just getting a bunch of folks as a hobby project to learn and connect the labs and then overlay many different protocols would be cool. Or a “Lab Challenge” where we start with one lowly access point with a wireless client and from that client he has to connect through all of our labs, via many different protocols and topologies, all the way to another lowly wireless client on the other side. Then run voice and video through our lab of labs configuration. We can do VPLS, MPLS, IPv6 bones, GREes and AT over anything etc. You get the picture.

So to answer some questions:

* How many of you with your own home labs would want to rent them out to others for a small hourly fee?  I am in.

* How many of you already have a console server of some type for your lab?

I do, it is a Digi and can be telnet or http accessed

* What else would you want to see from such a service?

Now this is a stretch, taking our labs collectively, meshing them and providing a virtual environment, non monolithic of course, so the lab experience appears to the customer as a Dynamips GN3 type application for the client to use as a virtual sandbox with our hardware behind it.

A fun thought but who has the time?


Brandon Carroll (guest)
October 7, 2010 at 3:06 a.m. UTC

Ascolta has TONS of gear and we use of for our business of course. We would be interested in offering a portion of it perhaps to the community. Either way, we are interested in discussing further.


Maurice (guest)
October 9, 2010 at 6:53 a.m. UTC

This is getting interesting. I'd love to be a part of it, can we get something more organized?


systole
October 9, 2010 at 7:09 a.m. UTC

As a student I am very interested in the concept. To answer the question of console server, I decided to utilize a rackable systems half-depth server with a terminal server to provide access to the lab with dedicated linux screen screens. What would be required?


Jay (guest)
October 11, 2010 at 7:00 a.m. UTC

jeremy, as i said earlier when we spoke, i was just looking at ways to allow others to use my lab when im away on work trips or what have you. let me know if you need any testing because ill soon be a metro ride away :)


chrismarget (guest)
October 11, 2010 at 3:15 p.m. UTC

FWIW, I use cheap and obsolete terminal server and remote power stuff in my lab:

xyplex terminal servers can be had on ebay for $1 per serial port. They're pinned just like cisco ports (use rollover cables) and you access each serial device by TCP port (just like Cisco reverse telnet). They're a little funky to set up. More funky if you don't get a flash memory card with it (it's hard to find one that works) because you'll need to store the OS and configuration on a TFTP server.

Baytech RPC units are also mostly unloved on ebay: about $2 per power outlet. They're pinned funny, but mine have had an internal jumper cable which, when replaced, make them look just like a router pinout-wise. I've bought undesirable units with L5-30 input cords, then replaced those with regular 5-15 power cables.


Jimster (guest)
October 13, 2010 at 12:36 a.m. UTC

Great points!

Another thing that might help is a config library to go with labs. I dunno of people like to share or not, but I love reading config examples, especially when they have short explanations with them.

Perhaps Packet Life could hold a contest, "Coolest Config", of the month or something.


chrismarget (guest)
October 19, 2010 at 12:03 a.m. UTC

@jimster:

A config library would be difficult because not everybody has exactly the same topology handy. Just porting interface names/numbers from one topology to get it running in another is more tedious than it might sound.

But a config library with a bootable (dynamips) topology to go with it would be dynamite.

And somebody is all over it already: http://gns3vault.com/


James J (guest)
October 21, 2010 at 2:27 a.m. UTC

I'm down. I have 3 Catalyst 2924s, a Foundry ServerIron XL. I'm working on getting an ASA, and a Cisco router of some sort.


systole
November 28, 2010 at 5:17 a.m. UTC

Hey stretch, any progress on this? What would be needed to make this a reality?


marco207p
March 1, 2011 at 2:30 a.m. UTC

I'm in and already have a free cisco lab setup.... just waiting to publish it to the world. Let me know whe you are ready...

Comments have closed for this article due to its age.