Past projects involving networking…
When I became System Administrator at the now-defunct E-Z Rent-A-Car, there was no WAN. Sites were using locally-setup routers without proper firewalling or rules in place: one site was even using public IPv4 addresses on workstations. It took several steps to mitigate this situation, given a limited budget + need to stabilize things.
- Rental counter workstations were steadily migrated from XP-Home to Ubuntu-Linux installations.
- During the Summer of 2007, several older computers were set up at remote sites to use as local caching and relaying for on-site units.
- Programs were located to route critical IPv4 traffic over the IPv6 WAN, as needed. Concurrently, printers were migrated to IPv6-enabled Brother laser and MFC units.
- I discovered tinc as a VPN solution and converted the on-site boxes to act as IPv6 routers.
- Over the next year, on-site routers were replaced with ASUS WL-500g Premium units that ran OpenWRT. Over the next few years, tinc was combined with quagga and/or babel to maintain site-to-site connectivity. Spare routers were kept; that could be re-configured and mailed out with ease.
- Around 2010-2011, a third party installed a Cisco-based phone solution with T-1 circuits. The local IPv4 networks were fully updated, and this network remained overlaid on that one.
- This network remained active until at least 2013 (my departure from the company) and some time afterward. The company later merged with a competitor and folded during COVID.
A previous employer was trying to share resources between two sites on different continents. This was originally a Meraki setup with the same IPv4 subnet on both ends and a router-hosted VPN.
- One site was migrated to an ARM-based router, running a Linux distribution and enabling IPv6 WAN access.
- Another site was migrated to a similar router, but technical issues involving the ISP WAN access forced migration to an OPNsense VM on a PC-hosted Proxmox setup.
- ZeroTier was deployed as an IPv4+IPv6 VPN solution for workstations and cloud VM resources.
- Morro Data was deployed to provide cross-site cloud+local file storage.
A previous employer was attempting to provide for remote-work needs post-COVID.
- Cloud resources were procured, and VMs created for different needs.
- A WireGuard instance was created on a dedicated Linux VM. That VM was used to route IPv4 and IPv6 traffic between the other VMs (also on the VPN for logistical reasons) and off-site Windows users.
- An old router was flashed with OpenWRT, and made into a one-armed router for linking the WireGard network with the LAN at the company HQ.
- The on-site WAN was later updated to fiber-optic, and a PC-based OPNsense router was used to consolidate the functionality of the two older routers.
- SAMBA installs in the cloud and on-site were used to manage user resources and DNS-based resource management.
A previous employer managed equipment in disparate data center racks with no common network access.
- Based on the Mikrotik platform, new routers were deployed to each rack.
- The data center enabled IPv6 provisioning for each rack circuit.
- Mini-ITX PCs running Windows Server 2022 were provisioned to each rack, and Active Directory was enabled.
- Firewall traffic was locked down between the three racks, and IPv6-only traffic was permitted locally between the three racks.
- DFS was used to share resources between systems being worked on via a remote access solution.