Setting up a home lab network can be an exciting endeavor for tech enthusiasts. It can often come with challenges, especially when it comes to public IP addressing. If an internet service provider (ISP) doesn’t provide you with static IPv4 addresses, your ISP uses CGNAT or IPv6 exclusively, you may have issues making your lab available to the wider internet. You could get home lab static IP addresses on a business connection but this can be several times more expensive than the residential connection you already have. Fortunately, at Core Transit we offer a solution – tunneling IPv4 addresses to your home lab! In this post, we will discuss the high-level requirement to set up IPv4 tunneling with Core Transit, allowing you to put your home lab on the internet!
Home Lab Static IP Address Basics
Core Transit’s entry level offer is a service that provides IPv4 tunneling solutions, allowing you to access your network over the public internet. This service enables us to route you a dedicated block of IPv4 addresses over a tunnel. With this tunnel and route in place you can allocate these addresses to devices, servers, a firewall, NAT Pool, etc. just like an enterprise would allocate IP addresses.
Prerequisites
Routing Knowledge
To take advantage of this functionality you will certainly need some routing knowledge. Understanding the separate tunnel types and how to configure them is important. The good news is that this isn’t terribly difficult. You likely wouldn’t be here if you didn’t already have some idea of how do to this, right?
A Compatible Router
Of course custom routing will require a router. This will need to be a platform that supports tunneling such as a Mikrotik, PF Sense, Cisco, Juniper, etc. Simple SOHO routes won’t cut it. In addition to tunneling you might want VRF support to segment your underlying connection traffic from the traffic of the tunneled network that runs over it. Finally, if you choose to run BGP with us ensure that is a supported feature set as well.
Network Design
With the knowledge and equipment, you will need to design a network to support you home lab with this tunnel configuration. There are no right or wrong ways but you will want to factor in traffic paths and security depending on your layout. Remember, these are internet routed IP addresses so bad actor could easily end up poking around. Ensure you know what you need to do to keep them out and your network safe.
Home Lab Static IP Tunnel Types
Now that you’re ready to configure your static tunnel you can navigate to our ordering portal and make your selection. We offer GRE and L2TP tunnels today with other on the near term roadmap. There a few key factors when selecting a tunnel type. We always suggest your use case drive the decision rather than the other-way around.
NATed / CGNATed Connections
If your network is connecting from behind a CGNATed ISP you will need to use a client-type tunnel. Today we have L2TP as the key option here. Because your router will act as a client to connect its connection status will be tracked by NAT to ensure the encapsulated tunnel traffic packets make it back to your system. This is often the case with ISPs such as Starlink, T-Mobile, Verizon’s 4G/5G services, and many small rural ISPs.
Single Public IP Address
If you are fortunate enough to have a single IP address assign by your carrier you could terminate the tunnel on your router as it connects directly to the ISP. GRE is a simple protocol and would require this type of configuration. GRE doesn’t always traverse NAT well as it does not use a TCP or UDP encapsulation similar to other tunnel types. Additional, the tunnel configuration on the Core Transit hub router will need to specifically specify an IP address to send tunnel traffic back to. If that address cannot be reached the tunnel setup will fail.
Conclusion
In conclusion, setting up a tunnel between your network and Core Transit isn’t terribly complicated with a bit of routing knowledge and the right equipment. If you still have questions be sure to check out some of our other technical articles for help or connect with us directly!