Embarking on a serious home lab upgrade to solve my biggest networking headache.

It’s funny how these things start. My home lab began as a single, unassuming desktop tower, an HP ProDesk 600 G2 that I crammed with 64GB of RAM. It was supposed to be a simple server for tinkering. But as anyone who’s gone down this rabbit hole knows, “simple” doesn’t last long. Now, I’m staring at the blueprint for a major home lab upgrade, moving from a simple all-in-one box to something a bit more serious.

My little HP ProDesk has been a real workhorse. It runs Proxmox VE, a fantastic hypervisor that lets me slice up that i7-6700 processor and all that RAM into a bunch of virtual machines. Inside, it’s a whole universe of services:

• pfSense: This handles my entire network, acting as my main router and firewall.
• Pi-hole: To keep ads off my network.
• TrueNAS: Managing a couple of 4TB hard drives in a RAID configuration for storage.
• Docker VMs: Running the usual suspects like the “arr” stack for media, Emby, a Homarr dashboard, and Nginx for proxying.

It’s an efficient setup, all running on one machine. So what’s the problem?

The Pain Point: Why I Need This Home Lab Upgrade

The biggest headache is my network. Or rather, the lack of a real one. My 2Gbps fiber connection comes into the ProDesk, and the LAN side goes out to a dumb, unmanaged 2.5G switch. From there, it connects to my desktop, a Wi-Fi access point, and everything else.

A while back, I had pfSense set up with multiple VLANs to create separate, isolated networks. I wanted one for my main computers, another for my work-from-home PC, and a third for all the random IoT junk that I don’t fully trust. But here’s the catch: a “dumb” switch doesn’t understand VLANs. It just passes all the traffic along to everyone.

So, all my network separation was basically an illusion. My work computer, my personal desktop, and that weird smart plug from a company I’ve never heard of are all chatting on the same subnet. Even with firewall rules in pfSense, it just feels… naked. It’s a security mess waiting to happen, and it’s not going to scale as I add more devices.

My Home Lab Upgrade Shopping List

I finally decided to pull the trigger and do something about it. I’ve been scouring forums and online marketplaces, and I’ve put together a plan to completely overhaul my network backbone.

1. A Dedicated pfSense Router: The first step is to free pfSense from the ProDesk. I bought a fanless mini-PC with an Intel i226 chip, giving me four 2.5G network ports. It’s got 8GB of DDR5 RAM and a small NVMe drive, which is more than enough to run a dedicated firewall. Moving pfSense to its own box means my network won’t go down if I need to reboot my main Proxmox server. This is a huge win for stability. You can learn more about pfSense Plus software here.

2. A Proper Managed Switch: This is the heart of the upgrade. I found an incredible deal on a used MikroTik CRS328-24P-4S+RM for just $150. This thing is a beast. It has 24 PoE ports (Power over Ethernet), which is perfect for security cameras or access points, and four 10G SFP+ ports for high-speed uplinks to my server and desktop. Most importantly, it’s a fully managed switch, which means I can finally use VLANs properly and truly segment my network.

3. Future-Proofing: This is just the beginning. I’m already planning to get another box just for running network simulations in Eve-NG. My current TP-Link access point also doesn’t support VLANs, so that’s next on the replacement list.

Next Steps: Racking and Stacking

Right now, my “lab” is more of a pile. The ProDesk sits on the floor, and cables are everywhere. The long-term vision is to get a proper 16U or 18U server rack.

I want to do it right: with a power distribution unit (PDU), patch panels for clean cable runs, and brush panels to keep the dust out. A tidy, well-managed rack isn’t just about looks; it makes troubleshooting and future upgrades so much easier. Taking this mess of wires and organizing it into a clean, professional setup is the final piece of the puzzle.

It’s a big project, but I’m excited to finally build a home network that’s secure, robust, and ready for whatever I throw at it next. If you’ve ever used a MikroTik switch like the CRS328 in your own home lab, I’d love to hear if there are any gotchas I should know about!