ShadowFlash
New Around Here
Hello Everyone. I've enjoyed and found useful many articles here and thought it may be a good place to ask some questions. Long time Lurker, first time poster yada, yada, yada. The questions may be common, or not...but I can't seem to find a specific example scenario via search, and am not yet skilled enough to relate non-specific answers to my situation unfortunately. Sorry if the whole "multiple network" question is redundantly nauseating, but I really just need a better understanding of what is possible before I dive into the hands-on portion of learning.
I actually have very lofty and complex goals for my home network, but I think I can reduce my query down to its simplest form before diving into the psycho stuff towards the bottom. Sorry for being long-winded, it's my first post here and I wanted to be thorough! ...so here goes...
"Server"
NIC 1:
Currently, this is a Wireless Card providing internet via ICS to the local network from another network's router. This could be changed at some point to a dedicated wired NIC to a larger network or a modem.
NIC 2:
Desired, Full File Sharing and internet. Simple default so far, but wait! there's more!
NIC 3:
Desired, File Sharing Only...no internet traffic allowed. Complete Isolation from the "general-use" network would be the goal here. What's the best way to isolate ONLY file sharing here, with no internet allowed? This is probably my biggest need of advice/understanding.
Multi User VM Server (Linux & KVM using hardware pass-through)
NIC 1:
Host (Bare Metal) "shared" (virtualized) as Internet Only to all Clients from "Server's" NIC 2 "general-use" network.
What's the best way to isolate ONLY internet here, or at a switch with no file sharing allowed? This is my second biggest need of advice/understanding and is similar to my first question but reversed.
NIC 2-3:
Hardware Pass-through individually to two clients (one each...for now).
This hopefully should only handle file sharing with no internet activity in complete isolation from "Server's" NIC 2 and "VM Host's" NIC 1. How?
Other Computers and Private WAN
Single NICs each
Tablets
Game Consoles
Roku
Etc.
All connecting to "Server's" NIC 2 for both file sharing and Internet...aka "general-use" network.
The goal here is that "Server's" NIC 2 provides the full network to a switch(s) for the general-use network, and internet only to the "VM Server's" Clients. Whether file sharing reaches the VM host, and is blocked there locally before reaching the VM Clients, or is also blocked from the switch is not important. Advice?
This scenario would hopefully allow the VM Clients an Isolated Hardware Data Network, and a separate virtualized adapter for internet only. The VM Clients (and any other NICs on that switch or VLAN from "Server's" NIC 3) should not "see" past the server (or switch/VLAN), nor any other devices (such as the WAN, etc. running off Server's NIC 2 general-use network) be able to "see" the VM Clients. Advice?
Switches, Etc.
Netgear FVS318G
Basic 8-port Gigabit Switch
Netgear FVS318N
8-port Smart Switch providing local WANs.
4 Ports can/will/should run as a VLAN for the isolated Data Network as they provide Jumbo Frame Support and several other features I'd like to use.
OS's
Initial Setup: (above hardware)
Win7 on Server and VM Clients (just for ease of proof-of-concept).
RedHat KVM on VM Host Bare-metal (I'm learning Linux for the very first time too on this project!!!!)
Note: I'm not opposed to '08 R2 for Server and/or VM Clients if necessary for the initial setup, but the "Server" is being repurposed for this project and already is fully operational with Win7. The "Server" will also be getting a hardware refresh during the below Upgrade Path, so I'd prefer not to re-format just yet while having to do it all again in 3-6 months anyhow.
Upgrade Path Setup: (see below)
Server 2012 R2 on Server and VM Clients (converted to workstation for VM clients)
Arch Linux w/ KVM on VM Host Bare-metal (assuming this old man learns Linux well enough, lol)
Hardware Upgrade Path (aka, I'm nuts)
Netgear M4100-D12G
This should provide me with Server 2012's SMB Multichannel support for increased file transfer performance on the data network (both inbound and outbound basically doubled). This also gives me needed "wiggle room" for additional VLANs, increased port-count Jumbo Frame support, Expansion room, and some other weird ideas long-term.
Server:
2nd Proc Socket populated
NIC 2 >> Dual Port...ANS, ALB, RLB, SLA (performance for multiple media streams, anti-congestion, and failover redundancy)
NIC 3 >> Dual Port...SMB Multichannel (maximum file transfer throughput performance)
VM Box:
Client NICs 2-3 >> Dual Port each for SMB Multichannel (hardware pass-through)
Addition of dedicated single port NIC hardware Pass-through for each client replacing the virtualized adapter for internet-only. This may require additional questions in data vs internet isolation eventually, but hopefully by then I'll have learned enough.
Side note: Upgrade the hardware pass-through Client GPUs as well.
This upgrade will come shortly after proof-of-concept testing using current hardware. This kind of project is my Hobby, so I tend to take my time and enjoy the journey.
So....I've read, researched, and studied for about a month now on my own, and think I know enough to finish some odds and ends ordering for the project. I have no idea "how" exactly to make all this work the way I want it to, but I'm pretty confident it's possible. I was a RAID junkie for years and decided to try a new hobby in pointless overkill, so I've got a TON to learn....Networking has always been my Achilles heel, but this is how we learn, right?
Advice, Links, Corrections, Articles, Etc... Every comment is extremely welcomed and appreciated. Thanks for taking the time to read!
ShadowFlash
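
One way to get the "internet only, no file sharing" behaviour asked about for the VM host's NIC 1, as an added example that is not part of the original post: an nftables ruleset for the Linux KVM host. It assumes the guests' virtual adapters sit on a routed/NAT libvirt bridge named `virbr0` and the host's uplink to the general-use network is `eth0`; both interface names and the table name are assumptions.

```nft
#!/usr/sbin/nft -f
# Added example, not from the original post.
# Assumed names: virbr0 = bridge the guests use for internet (routed/NAT),
#                eth0   = host NIC 1, uplink to the general-use network.
define guest_if  = "virbr0"
define uplink_if = "eth0"

table inet guest_internet_only {
    chain forward {
        # Priority -10 runs before the default filter chains (priority 0).
        # A drop here is final; an accept still passes through later chains,
        # so this table only ever removes traffic, it never opens anything.
        type filter hook forward priority -10; policy accept;

        # Replies to connections the guests opened themselves.
        ct state established,related accept

        # Guests -> anywhere via the uplink: no SMB / NetBIOS file sharing.
        #   TCP 445 = SMB over TCP, TCP 139 = NetBIOS session service
        #   UDP 137 = NetBIOS name service, UDP 138 = NetBIOS datagrams
        iifname $guest_if oifname $uplink_if tcp dport { 139, 445 } counter drop
        iifname $guest_if oifname $uplink_if udp dport { 137, 138 } counter drop

        # General-use network -> guests: nothing may start a connection,
        # so devices on that network cannot "see" the VM clients.
        iifname $uplink_if oifname $guest_if ct state new counter drop
    }
}
```

Load it with `nft -f <file>` and confirm with `nft list ruleset`; the `counter` keyword makes each drop rule show how many packets it has matched, which is a quick way to check that a guest's attempt to browse a share on the general-use network is actually being blocked.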