Home Network with Linux

From Jonathan Gardner's Tech Wiki


Introduction

The modern home seems to have multiple computers with multiple users. Considerable effort is spent getting all the computers to share the same login information so that a single user can use different machines. Data sharing is also problematic.

There are existing technologies that could make managing your home computer network much easier.

Problem Statement

The modern home (2012) has the following electronic devices:

  • One or more desktop computers running Linux, Windows, or Mac OSX.
  • One or more laptops, running Linux, Windows, or Mac OSX.
  • Virtual machines in one of the above.
  • Handheld smartphones, such as Android or iPhone devices.
  • Cameras that store images and videos.
  • Printers and scanners
  • Wireless network router
  • Internet connection

Managing user accounts and data on all these devices can be a chore.

Data also needs to be backed up outside of the home, securely, yet remain instantly available to various devices.

Individuals within the home maintain multiple, perhaps 20 or more, online accounts. These include high-security accounts such as banks or jobs, accounts which potentially hold private information such as Facebook, or sites that have access to some financial instruments, such as online stores.

The key problems are:

  1. Maintaining a grasp of how machines are organized and configured.
  2. Maintaining all machines to run the latest software.
  3. Data security, sharing, and storage.
  4. Account management, so that you can move seamlessly from one machine to another.

Tasks

  1. Set up the network. Ensure you have network connectivity.
  2. DNS name and IP address? Setting up a home DNS system can make life easier. Identify a bind server or set up your own. You'll want your servers to either have a fixed IP address, or to update the DNS server appropriately. The DNS server must have a static IP, and your router must be configured to use it.
  3. Set up sendmail. See Sendmail + Gmail for an idea how to do this. You want root's email to end up in someone's inbox. Life is just easier that way.
  4. Set up LDAP.

Networking

DNS

The ideal setup provides the following:

  1. A **correct** DNS caching policy. You don't need to send every DNS request out to the network, only those for records that are expired. Note that Java's DNS library has a bug with this.
  2. An internal domain name, i.e., .home.

DHCP

Although you could leave DHCP assignments to your router, you may want to ensure that some have a fixed IP address.

If you want a separate, secure network for the computers, you'll need to know how to get that working.

Storage

NFS

NFS is a convenient way to share files across a network. This is a good server-server protocol, not necessarily the best.

Although you can download programs to allow your Windows system to speak NFS, you can also provide Samba.

Samba

Samba is a Windows-friendly system. We should use this for users' files. See Samba.

Mixing SAMBA and NFS?

I think this is a big no-no. Make sure the same files are not shared both through SAMBA and NFS. Locking issues may arise.
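One way to check this on the file server, as an added example (not from the original page): the script compares the directories listed in /etc/exports with the `path` settings in smb.conf and reports any tree reachable through both protocols. The sample paths and share names are constructed.

```python
import configparser
from pathlib import PurePosixPath

# Constructed sample files for illustration; not taken from the wiki page.
SAMPLE_EXPORTS = """\
/srv/nfs/media  192.168.1.0/24(ro,sync)
/srv/home       192.168.1.0/24(rw,sync,root_squash)  # all home directories
"""
SAMPLE_SMB_CONF = """\
[global]
workgroup = HOME
[photos]
path = /srv/samba/photos
[alice]
path = /srv/home/alice
read only = no
"""

def nfs_export_paths(exports_text):
    """Exported directories from /etc/exports text (assumes unquoted paths)."""
    paths = []
    for line in exports_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            paths.append(PurePosixPath(line.split()[0]))
    return paths

def samba_share_paths(smb_text):
    """Map share name -> path for every smb.conf section that sets 'path'."""
    cp = configparser.ConfigParser(strict=False, interpolation=None)
    cp.read_string(smb_text)
    return {name: PurePosixPath(sec["path"]) for name, sec in cp.items()
            if name.lower() != "global" and "path" in sec}

def overlaps(a, b):
    """True if a and b are the same directory or one contains the other."""
    return a == b or a in b.parents or b in a.parents

def find_double_shared(exports_text, smb_text):
    """(nfs_path, share, smb_path) for every tree served by both protocols.
    Purely textual: symlinks and bind mounts are not resolved."""
    shares = samba_share_paths(smb_text)
    return [(str(nfs), share, str(smb))
            for nfs in nfs_export_paths(exports_text)
            for share, smb in shares.items() if overlaps(nfs, smb)]

if __name__ == "__main__":
    for nfs, share, smb in find_double_shared(SAMPLE_EXPORTS, SAMPLE_SMB_CONF):
        print(f"NFS export {nfs} overlaps Samba share [{share}] at {smb}")
```

On the sample input it flags the `alice` share, because /srv/home/alice sits inside the NFS-exported /srv/home even though the two paths are not identical.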

Redundancy!

If you want to keep your data, you have to store it off-site!

  • Photos, videos, etc: These are ideally stored with something like SmugMug, Picasa, YouTube, etc... Try to use two services, just in case one goes bankrupt.
  • Documents: These can be stored in things like Google Drive or Dropbox.
  • System Admin stuff: A lot of this stuff isn't very important, except in the short-term. Store it locally.

S3 is probably the most reliable and accessible storage option, although it is not cheap.

Sharing With Your Friends

Say you have a few buddies, all with the same storage system. What you can do is store your backups, archived and encrypted, on their machines. You would allow them to do the same. If you have it stored in 2-3 places, that's pretty secure, as long as you don't share a flood plain, etc...

There could be a good balance here. The agreement could be that you agree to store 3x as much data as you share. Networks can be established in this way.

Data Management

Inside the home, one machine could be designated as the data storage device. This would be connected to the internet, synchronizing the data with an outside data store.

Because the machine is within the home network, the files can be accessed quickly through sharing. Sharing options could include NFS (Linux boxes), Samba (Linux, Windows, or Mac), a website to present certain kinds of data, etc...

It is important that the machine be robust, i.e., if it were to fail, or a drive were to fail, there needs to be a way to quickly restore the system. Using something like RAID would help keep the machine safe from drive failures. Having a failover would be better, so that if the entire machine fails, there is already a backup.


Why Local?

As of 2012, network connections are still really slow. An internal, home network can be set up running at 1 Gb/s with ethernet connections. That's 128 MB/s. A 30-minute TV show is about 300 MB, so you're transferring that much data in about 3 seconds. Wireless can get around 1 MBps. If you set up an 802.11/n network (eliminating all the b and g devices) you could probably get faster speeds, close to 100 MBps in practice.

Another problem is latency. Even if you can transfer large files quickly, a 40 ms latency can really add up and cause things to run slowly. On a wireless network, you should be able to get something less than 10ms, and for a wired network, much less.

Until network speeds improve dramatically, it simply makes sense to have local network storage.

User Accounts

Account management can be handled by an LDAP server. (This could be the same as the data store machine.)

Like the data machine, this would need to be reliable. If the LDAP server fails, accessing computers could be problematic.

A solution is to make each of the machines a slave of the central machine. They each maintain their own copy of the latest credentials, and are updated when things like passwords are changed.

Question: Can a third-party service provide this over the internet? Is LDAP secure enough to present itself to the internet? Or would we need a tunnel?

User Home Directories

Having files on the disk is better than having them available over a share. Machines that a user commonly uses can contain the home directory of the user, replicated from wherever they last accessed it. There would need to be some kind of multi-master replication of the shared folders to ensure the best experience.

If all critical data is stored this way, on multiple machines, then perhaps the need for the central data management machine is eliminated.

Administration Interface

The network administrator would need to know when there is a problem. Various monitors and alarms could be automatically configured.

The types of messages they would want to know about would include the typical problems of any network or system management process.

Commercialization

Does it make sense to produce a box that users can install in their home? Simply plug it in to the router, and it will show up with shares ready to go. Perhaps this is what the Apple Time Machine wanted to be?

Users can configure the device by logging into the IP address displayed. There, they could establish user accounts, set up where the alarms should go, configure the alarms, etc...

More thought to come...