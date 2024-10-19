If you're a developer, sysadmin, hobbyist, or IT professional, enhancing your skills in networking can feel like a bit of an uphill slog. There's a very real chicken-and-egg problem of not having access to the most advanced hardware to learn on until you've got the experience to prove you can do so responsibly, which can be hard to acquire without access to a proper setup, advanced features, and examples of how things are done properly in an enterprise environment.

This can feel like a predicament, but there can be a good solution. Buying ex-enterprise gear is a good way to pick up hardware capable of high performance and advanced features on the cheap, and an ideal method to develop your skills and understanding.

What are the pros and cons of ex-enterprise hardware?

We've covered ex-enterprise gear before on XDA, specifically the considerations for using ex-enterprise gear in your home lab, and there are certainly some pros and cons. We won't rehash them completely, but one of the big ones is power usage. If you're in a country where power is expensive, like I am in the UK, the energy bill for ex-enterprise gear in your home lab can quickly outpace any cost savings you'll have buying old gear as opposed to buying newer, more power-efficient gear.

This is less of an issue if you're using your lab for learning though, as opposed to just running services, as you can more easily shut it down for extended periods when not in use. The same applies to concerns about noise - if you're just using it for a short period of time, then there's less concern about where to leave something as noisy as a vacuum running 24/7.

The serious downside here, though, is that you might end up buying hardware with much less long-term use potential (or none at all). Once you've finished using it for learning, it will likely no longer be useful and effectively become e-waste. This particularly applies to things like enterprise-grade network switches, firewalls, and routers, which once out of support, are available at extremely cheap prices but can be difficult to sell or recoup value from.

We're not going to provide advice on specific hardware here - what's cheap, available, and appropriate might vary massively from region to region. We'd suggest browsing eBay, local sites, or online communities like r/homelabsales to get a feel for what is available.

What are the learning goals to keep in mind?

What you should focus on to improve your knowledge of networking will vary dramatically depending on your background and what you're trying to get out of the exercise. If you're a software developer, for example, it's unlikely you'll need too much knowledge about routing and management (unless you're working specifically in that field), so you might want to focus on tools for debugging and diagnostics, or common protocols like HTTP or DNS. If you're a full-time sysadmin, you might want to consider the hardware you buy and how it impacts your work.

Here are some basic tips for getting started, with a few projects you can get set up at home to dip your toes into more advanced networking.

Core networking concepts

If you're not already familiar with basic home networking concepts like IP addressing, gateways, NAT, DHCP, and other settings available on consumer routers, we'd suggest you get up to speed there first. There's plenty of content here on XDA on everything from basic network settings, to deeper dives on NAT, or even on IP addressing from our partner site.

We'd recommend brushing up on these topics even if you're more experienced with networking, as any cracks in your understanding could slow down your progress significantly once you're working with more advanced tools, with more potential to break things.

Setting up VLANs and routing

A great first project to get running on some ex-enterprise gear is setting up some VLANs to segregate devices on your home network. This might be on the basis of different security profiles, like keeping Internet of Things or guest devices isolated, or reducing broadcast traffic across your wider network. You'll get exposure to concepts like tagging and untagging, trunk and access ports, and some experience using your hardware's interface. Normally, you'll be configuring enterprise gear via a rudimentary web interface or command line interface, both of which have some quirks to get used to.

You'll also encounter some terminology that might be new if you're coming from a more casual networking background, like layer 3 routing or spanning-tree protocol.

This is a great project to get started with using some ex-enterprise gear, and you'll learn a lot along the way. Be prepared for some debugging though, as it isn't always straightforward to get up and running using ex-enterprise gear.

Firewalling and security

Source: Unsplash

Firewalls are critical for network security, and working with enterprise-level equipment will expose you to features and configurations not found in consumer devices.

Straight off the bat, you'll learn about access control lists (or ACLs). ACLs are used to define rules that control incoming and outgoing traffic based on a range of criteria, which can be a nice introduction to packet filtering more generally. All firewalls are fundamentally filtering packets based on a set of rules and policies. These rules reflect your security policies, and help protect individual devices, segments of your network, or the whole network from unauthorized traffic.

By configuring zones or interfaces (e.g., LAN, WAN, DMZ) on an enterprise firewall, you’ll continue to learn about network segmentation and how to isolate different types of traffic, improving both security and performance. You can also experiment with stateful inspection if your hardware supports it, which monitors the state of active connections and allows or blocks traffic accordingly.

Basic monitoring and diagnostics

Setting up some monitoring or diagnostic tooling is another great way to learn not only about enterprise networking, but also to increase your overall exposure to managing and troubleshooting a network. If you're looking for a job involving this kind of tech, this is a key skill to develop. With enterprise-grade equipment, you're often afforded access to more advanced diagnostic and debugging tools, but they may be tricky to use or make sense of at first.

To start, most ex-enterprise switches, routers, and firewalls support SNMP (Simple Network Management Protocol), which is a key protocol for network monitoring. By configuring SNMP on your devices, you can collect performance data like CPU usage, memory utilization, and bandwidth statistics. Once set up, you can use tools such as Cacti, Zabbix, or PRTG to visualize and analyze the collected data.

Syslog is another key tool to get accustomed to with enterprise gear. Syslog enables networked devices to report logging information back to a central location, making it easier to store and access. You can set up a Syslog server, either temporarily or in a more permanent location, to collect and review logs from all your network devices.

More common tools are also available and useful to gain experience on. This might be everything from basic packet captures, which many enterprise-grade solutions support, to more basic tools like iPerf, Ping, Traceroute, and Telnet.

Ex-enterprise gear can help level up your knowledge

Going out and buying some old enterprise gear to play with isn't the only way to expand your knowledge of networking, far from it. But if you're like me and learn more from building, implementing, and solving problems than I do from a book, then splashing some cash on older hardware to play with is a great way both to keep your interest and provide a platform to learn on. Building a few simple projects at home will dramatically increase your knowledge and hopefully enhance your skills, all without the fear of causing some critical downtime on an important system elsewhere.