On 4/8/26 00:20, Roy wrote:
I’d like to set up a homelab with a LAN and a DMZ. I have a PC with
three network interfaces. The idea is to separate the DMZ so I can
publish a demo website. This is not for professional use, just for
tinkering as a hobby.
If anyone has experience with firewall/router setups, would you
recommend using Debian for the firewall/router PC as well, or using
OpenBSD for the firewall/router and Debian as a KVM host for services?
Alternatively, should I just use Debian for the firewall/router with
nftables?
I’m asking because I have the impression that Linux has accumulated a
lot of overhead and is no longer as suitable for personal tinkering,
but is more geared toward enterprise use.
Building a gateway/router/firewall using a PC, multiple NIC's, and a
general-purpose FOSS OS distribution is possible. Been there, done
that. Similarly so with purpose-built distributions (IPCop).
I came to the realization that I just want to *use* the network, not
become a networking expert and build everything from scratch.
Especially when each and every device had its own web GUI and I had to
synchronize settings across all devices manually.
Then I discovered Ubiquiti Networks UniFi. The products are Linux on
the inside, if and when you ned that. The killer feature of UniFi is
that you control everything using one web GUI in the cloud -- routers,
switches, Wi-Fi access points, cameras, etc.. And, everything just works.
If you want to experiment with a web server on the public Internet, get
a VPS. Professional hosting companies take care of networking
(including security), VM installation, VM backup, etc., so you can focus
on your services.
David
