A Virtual Private Network (VPN) is a way to securely access a private network over a public one such as the Internet. For example, when I am away from home I may want to access and use my desktop computer located in my home study. But I do not want other people who may have access to my connection (think of WiFi hotspots in many places such as restaurants, hotels, and businesses) to see what I am doing or typing. A VPN provides an encrypted (unreadable) tunnel between my device, such as a laptop or a tablet, and my home network. That way I can access my home network securely, as if I were connected to my home WiFi. A VPN can also be used to securely connect two private networks (such as a home and a vacation home) over a public one. However, my goals for a VPN are fairly simple and are as follows:

  • Be able to access the home network from a variety of devices (namely Windows and Android-based devices) when away from home
  • Access region-restricted or region-tailored services that I use or to which I subscribe (e.g. Netflix, Amazon, iTunes, Google, etc.) from outside my home country

DNS and DHCP are core services that many home networks provide. Usually these services are handled by an appliance such as a router provided by a person's Internet Service Provider. Even though one of the major goals of the 2021 edition of the Stein Home Network is to simplify the infrastructure (see Stein Home Network - 2021 Edition), the appliances I have are not flexible enough to handle things such as reserving an IP address for a specific device or providing services with different configurations for individual VLANs. Therefore a virtual machine running a version of Linux will still be employed to provide those services. However, complexity will be reduced by no longer having multiple physical and virtual servers with a shared data store and fail-over capabilities. This means that a server outage can impact these vital services, but some redundancy has been built into the design to mitigate the impact of outages as much as possible. (For a detailed description of the redundant DNS and DHCP configuration previously employed, see DNS and DHCP - 2017 Edition.)

The main goals for DNS and DHCP are:

  • Allow configuration of dynamic and static IP assignments
  • Work across multiple VLANs and subnets
  • Handle IPv6 lookups and assignments
  • Provide internal subdomains hosted locally and not exposed to the Internet
  • Update internal forward and reverse DNS with dynamically-assigned DHCP client information
  • Outsource top-level DNS to a third party with dynamic DNS support
  • Simplicity
  • Privacy

When computers connect to each other over the Internet or on your home network they usually use something called an IP address to know how to reach the destination computer. Unless you have a "business class" Internet package, you are likely given a single, Internet-accessible IP address for your home network. Your network equipment then usually provides computers on your home network with IP addresses from a "private" pool. Those IP addresses are only used on your home network and cannot be accessed from the Internet.

DNS, or domain name service, is a way to translate a human-readable address such as karylstein.com into an IP address that a computer understands. The problem with most companies that provide home Internet is that your Internet-accessible IP address can and will change over time. That means if you want to be able to access your home network over the Internet using an easy-to-remember name, you need to make sure that the DNS server will provide the correct IP address even when it changes. That is where dynamic DNS comes into play. The main goals of the dynamic DNS service on the Stein Home Network are:

  • Automatically update DNS servers on the Internet when the Internet-accessible IP address for the home network changes
  • Be able to update multiple translations such as thesteins.org, karylstein.com, www.thesteins.org, etc.
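
The update goals above can be sketched as follows. This is an added example, not code from the original page: it decides which of the listed hostnames need a new record, and refuses to publish an address from a "private" pool or one that the detection sources disagree on. The function names, the use of more than one detection source, and the sample addresses are assumptions; the call to an actual DNS provider is left out because the page does not name one.

```python
import ipaddress

# Hostnames from the goal list above; the addresses used below are constructed
# samples taken from the RFC 5737 documentation ranges.
HOSTNAMES = ["thesteins.org", "karylstein.com", "www.thesteins.org"]

# Ranges that must never be published as the home network's Internet address.
# An explicit list is used because ipaddress's is_global would also reject the
# documentation addresses used as samples here.
NON_ROUTABLE = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918 private pools
    "100.64.0.0/10",                                   # carrier-grade NAT
    "127.0.0.0/8", "169.254.0.0/16", "0.0.0.0/8",      # loopback, link-local, unspecified
    "::1/128", "fe80::/10", "fc00::/7",                # IPv6 equivalents
)]

def agreed_public_ip(observations):
    """Return the address every detection source agrees on, or raise ValueError."""
    parsed = {ipaddress.ip_address(o.strip()) for o in observations}
    if len(parsed) != 1:
        raise ValueError(f"sources disagree or returned nothing: {sorted(map(str, parsed))}")
    addr = parsed.pop()
    if any(addr in net for net in NON_ROUTABLE):
        raise ValueError(f"{addr} is not Internet-routable; refusing to publish it")
    return addr

def plan_updates(observations, published):
    """Map each hostname whose published record is stale to the new address."""
    addr = str(agreed_public_ip(observations))
    return {h: addr for h in HOSTNAMES if published.get(h) != addr}

if __name__ == "__main__":
    # Constructed state: two names still point at the old address.
    published = {"thesteins.org": "203.0.113.10",
                 "karylstein.com": "203.0.113.10",
                 "www.thesteins.org": "198.51.100.7"}
    print(plan_updates(["198.51.100.7\n", "198.51.100.7"], published))
```
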

Every year over the holiday season there are usually changes to the Stein Home Network. This is because I have extra time with vacation and the like to work on projects. Usually those changes are limited to one or two modifications such as installing some new equipment, switching an existing service to a new technology, upgrading operating systems, or expanding a capability. However, for 2021 the Stein Home Network will undergo a major overhaul by moving some services to a third party or an appliance. The downsides of these changes are a reduction in capabilities such as fail-over of certain services, loss of control over some data, and additional financial costs due to third-party subscriptions. The benefits include simplification of the network, a reduction in hardware and energy consumption, and a less frequent need to perform various maintenance tasks.

The main goal for this iteration is to simplify the network by reducing the number of servers and amount of software to maintain. To meet this goal, the following things are planned to be addressed:

  • Move email hosting (including spam filtering and virus detection) to a third party
  • Redesign offsite backups
  • Reduce the number of virtual machines maintained
  • Retire one physical server from full-time use
  • Expand home automation functions
