For this project, I initially deployed an OPNsense router in a Proxmox virtual environment running on an older enterprise server. However, Proxmox’s dependency on quorum conflicted with the master–slave architecture I originally implemented, which led to the entire setup being migrated to XCP-ng. XCP-ng offered a more reliable and compatible foundation for the topology. As part of this setup, I also configured a robust and complex DNS system to ensure stable and accurate name resolution across the network.

The network consisted of multiple servers using a combination of older enterprise hardware and repurposed desktop systems. After the migration to XCP-ng, virtualization became more predictable and better aligned with the intended system design. Within this environment, I implemented an Active Directory system using Samba4 on Zentayl OS, hosted in a dedicated virtual machine that centralized user authentication, permissions, and management for the classroom.

The servers were originally named using a very simple scheme such as “master,” “slave-1,” and “slave-2.” This was eventually replaced with a standardized naming convention inspired by astronomical bodies and phenomena. This resulted in a more professional, consistent, and scalable naming system. Examples of current server names include Orion, Cassiopeia, Vega, and Lyra.

In addition to managing the infrastructure, I developed several small open-source tools to help students learn essential networking concepts. One of these tools was designed for a packet-sniffing exercise. I built a simple web server that hosted a login portal, and when credentials were entered, they were intentionally transmitted insecurely over HTTP to a backend that checked them against a static credential set. Students used Wireshark to capture and analyze the unencrypted traffic sent from a separate victim client machine, which they could not directly access. From this traffic, they extracted the credentials and then used them on their own local versions of the portal. This activity helped students gain practical experience with network traffic analysis, insecure communication, and basic security principles.

We also expanded our internal tooling by introducing a homegrown inventory management system built with NocoDB and deployed through Coolify. This provided organized and easily accessible records of hardware, virtual machines, and other network assets, greatly improving visibility and operational efficiency.