Network Design Lab
The lab I use for network design, validation, and the things I want to break before they touch a customer environment. Cisco Modeling Labs runs on the Proxmox cluster for Cisco platforms (IOS, IOSv2, NX-OS, IOS-XR, ASA). EVE-NG handles non-Cisco vendors, starting with Fortinet, with more being added.
What’s running
L3 BGP Hot Cut — BGP migration topology for practicing live cutover work. Mirrors the customer onboarding and route policy migration I did at Cogent, with the freedom to break it on purpose.
securebytes-failure-series-01 — Failure injection topology. Convergence behavior under partial peer drops and asymmetric paths. The point is to see how a design fails before it ships.
L2 — HSRP active and standby, STP root election, VLAN segmentation, port-channel trunking.
Akwaaba Tech Solutions Lab V2 — Multi-site enterprise topology with distribution-layer redundancy.
FTD lab and v2 — Cisco Firepower NGFW iterations.
Fortinet lab — FortiGate policy, NAT, and VPN topologies on EVE-NG.
Network Automation Lab — Test environment for the Ansible work happening on the homelab platform. Configuration drift detection, idempotency testing, rollback rehearsal.
Stack
- Cisco Modeling Labs running on the Proxmox cluster, hosting Cisco platforms (IOS, IOSv2, NX-OS, IOS-XR, ASA)
- EVE-NG for non-Cisco vendors. Currently Fortinet FortiGate, with Juniper planned
- Topologies built and validated locally, with YAML exports for portability
- Connected via management VLAN to the rest of the homelab platform
What’s next
- More multi-vendor interop work as Juniper comes online in EVE-NG
- Data center fabric topologies (leaf-spine, VxLAN, EVPN) for study
- A sanitized topology repo on GitHub once the dual-repo workflow is in place
Field notes
Topology files and configs live locally for now. A clean public reference will go up once it’s run through the same dual-repo sanitization workflow as the NOC stack rebuild.
Stack