Getting started with sever networking can be tricky. Here’s some guidance for your AI hosting server setup.
Getting started with sever networking can be tricky. Here’s some guidance for your AI hosting server setup.
I'm a seasoned PC builder, yet completely new to server networking. I’d love some guidance on what to purchase and what to skip. Here’s what I need from my setup:
1) A budget mobile data modem that can instantly switch to as a backup internet source if the main Comcast network goes down. Once it’s back online, it should revert automatically. You mentioned you might want a dual WAN VPN router—what options fit your needs best? I’m unsure which mobile data solution offers the most reliability and value for this purpose.
2) A way to safely expose your server’s IPMI portal over the web so remote access is possible anytime.
3) Routers or switches that won’t slow down my high-speed Comcast connection.
Let me know your thoughts!
It’s hard to address (1), but I’d suggest using a budget VPS for such services instead of setting them up at home. This usually eases connectivity issues and keeps your personal network safe from outside threats. It also helps avoid problems like ISPs blocking certain ports or lacking a public IPv4 address.
2) For basic protection, SSL/TLS is essential, which needs a certificate and a domain name. A domain either demands a static IP or a DDNS service. You can obtain a free SSL certificate from Let's Encrypt. The rest depends on the platform and your chosen credentials. If the portal has weaknesses, SSL won’t fully secure you.
3) This shouldn’t be an issue if you have gigabit or faster hardware. Check your connection speed—most homes offer around 1 Gbps down and 50 Mbps up. The real bottleneck is usually the connection to the server.
sounds just bad! you must use VPN — OpenVPN, Wiregurad or so
I’m choosing the VPN option because only I’ll be handling the server remotely. My BMC already has the static IP I gave it and is currently linked just to its managing PC, not the internet via Ethernet until all networking is set up. Would I still require an SSL certificate, or does using a VPN make that redundant? For recommended VPN solutions or routers that come ready to use, let me know!
First, verify your public IP address. Does it belong to the range 100.64.0.0/10? If yes, your ISP likely uses cgNAT, which blocks you from hosting services at home. Even if not, some providers default to blocking incoming ports for security. You might get exceptions if you request them. Assuming you have a valid public IPv4 address and no ports are restricted, proceed. The most secure method for VPN authentication involves client and server certificates, though these aren’t typically SSL certificates signed by a recognized CA. SSL certificates are usually for web servers. Since only you use the service, a widely trusted certificate isn’t essential. The simplest choice is a built-in VPN on your ISP router—some models include it by default. These aren’t always top-tier in security. Based on update frequency and patch speed, they can have hidden flaws that remain unaddressed. Consider OpenVPN or WireGuard instead. Tutorials are readily available for setting either. A small device with two Ethernet ports should suffice. Clarification: I’m referring to a fixed public IP assigned by your ISP, not an internal static address used for domains. This is rare in non-commercial agreements; for a domain name, you’ll need a DDNS service like Cloudflare or DuckDNS. ISP routers often support one or more of these services. If not, you can host the client on another device—like a RasPi-like unit—making it easier to manage and remember (e.g., "myvpn.cloudflare.com" instead of a random IP).
This post is meant to guide you through the process carefully. You’re still in the early stages of learning, which is okay. The goal here is to grasp the concepts properly before moving forward. Avoid sharing IPMI with the public or any unsupported service. Instead, set up a VPN inside your network and connect it to your home network. Only expose the VPN client itself—consider WireGuard for better performance. It’s wise to proceed slowly, invest time in understanding each step. Mistakes can jeopardize your entire network security. For multi-WAN setups, choose a router that supports them, such as Ubiquity, pfSense, or OPNsense. I usually run pfSense, but if starting fresh today, Ubiquity would be a solid option. Most importantly, never expose sensitive data to the internet.
WireGuard is typically the preferred choice and is widely available. Although setup can be a bit time-consuming, it works well for configuration. For management tasks, I recommend using a VPN network with limited access. When it comes to chat features, image creation, or video generation, I suggest installing GPUs on a VPS. Attach your domain, install a VPN client on the server, and configure your dashboard to use the VPN API address. This way, your main PC acts as the backend while the VPS serves as the frontend, keeping your AI system protected behind a firewall. I usually pick VPS or server models that support Let's Encrypt and Cloudflare for enhanced security. This setup offers public access through a login-based ChatGPT interface, allowing others to join via shared accounts. Your API IP remains secure, only reachable through the VPN connected to your VPS. It requires some effort but is worthwhile for production use. Good luck!