The new heart to my home network is a Layer-3 Switch:  a Cisco Catalyst WS-C3750G-24T.

This replaces my Linux box w/CentOS, which could do everything I asked it to do.  Alas, the Cisco is lacking in just one area:  it doesn’t seem to be able to do NAT with the crypto (ssh-capable) IOS.  Fortunately, I had an IP pool that I could set up for DHCP addresses.

Those who know Cisco gear might be thinking my choice of “home” router is like killing a mosquito with a sledgehammer — and they’d be right.  But I wanted to keep my feet wet with Cisco IOS configuration, as well as develop a kind of “working lab” in my home.  (Who knows, maybe I’ll test for a CCNE certification.)

I also have a few ideas regarding DoS detection using flow stats, possibly coupled with Tcl scripts running on the router.  Maybe.

I might also set up a VPN link to my colo for purposes of developing a secured virtual network for handling sensitive traffic, such as talking to Sonic.net systems.  This would also require setting up Linux to be a VPN client to our Cisco VPN concentrator — something I’ve done with Fedora already, with the NetworkManager-vpnc package.

For starters, I thought I’d cover the DHCP setup.

I’ve configured the Cat to act as a DHCP server for easy config of devices on my network.  The configuration looks something like the following (but with assigned, globally routable IP addresses):

ip dhcp pool PUB
 network 10.10.10.224 255.255.255.224
 dns-server 208.201.224.33
 domain-name ponzo.net
 default-router 10.10.10.225
 lease 5
 class CLASS1
  address range 10.10.10.228 10.10.10.254

Once the pool “PUB” is globally-configured, you can reference it in a vlan interface definition:

interface Vlan1
  ip dhcp client class-id CLASS1

Again, these are dummy IP addresses.
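
A quick way to sanity-check a pool stanza like the one above before pasting it into the switch. This is an added example, not part of the original post: the helper names parse_pool and check_pool are hypothetical, and the parser only understands the sub-commands shown in the post.

```python
import ipaddress

# The pool stanza from the post (dummy addresses), embedded as sample input.
POOL_CONFIG = """\
ip dhcp pool PUB
 network 10.10.10.224 255.255.255.224
 dns-server 208.201.224.33
 domain-name ponzo.net
 default-router 10.10.10.225
 lease 5
 class CLASS1
  address range 10.10.10.228 10.10.10.254
"""

def parse_pool(text):
    """Hypothetical helper: extract only the sub-commands shown in the post."""
    pool = {"name": None, "network": None, "router": None, "ranges": []}
    for raw in text.splitlines():
        words = raw.split()
        if words[:3] == ["ip", "dhcp", "pool"] and len(words) == 4:
            pool["name"] = words[3]
        elif words[:1] == ["network"] and len(words) == 3:
            pool["network"] = ipaddress.ip_network(f"{words[1]}/{words[2]}")
        elif words[:1] == ["default-router"] and len(words) >= 2:
            pool["router"] = ipaddress.ip_address(words[1])
        elif words[:2] == ["address", "range"] and len(words) == 4:
            pool["ranges"].append(tuple(map(ipaddress.ip_address, words[2:4])))
    return pool

def check_pool(pool):
    """Return a list of problems; an empty list means the stanza is consistent."""
    net, router, problems = pool["network"], pool["router"], []
    if net is None:
        return ["no network statement"]
    reserved = {net.network_address, net.broadcast_address}
    if router is None or router not in net or router in reserved:
        problems.append(f"default-router {router} is not a host address in {net}")
    for lo, hi in pool["ranges"]:
        if lo > hi:
            problems.append(f"range {lo}-{hi} is reversed")
        elif lo not in net or hi not in net:
            problems.append(f"range {lo}-{hi} falls outside {net}")
        elif lo in reserved or hi in reserved:
            problems.append(f"range {lo}-{hi} includes a reserved address")
        elif router is not None and lo <= router <= hi:
            problems.append(f"range {lo}-{hi} would lease the router {router}")
    return problems

if __name__ == "__main__":
    print(check_pool(parse_pool(POOL_CONFIG)) or "pool is consistent")
```
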