Back to Blog
☆☆Beginner⚙️ Operations
HomelabCCNPCisco CMLEVE-NGStudyCareerLab SetupCertification

My Homelab Setup: Tools I Use to Study for CCNP and Beyond

April 11, 2026·7 min read

Why a Homelab?

After 8 years managing production networks, I still keep a personal lab running. Not because I need it for my job — my employer has Cisco CML deployed for production testing. I keep it for three reasons:

  1. Break things without consequences. A production network can't absorb experimentation. A lab can.
  2. Stay ahead of what I haven't deployed yet. IOS-XE features I haven't touched in production, NX-OS VXLAN/EVPN, Palo Alto PAN-OS features — the lab is where I get reps before they appear in a real change request.
  3. Certifications. Preparation for CCNP and above requires building and troubleshooting real topologies, not reading. There's no substitute for watching a BGP session come up after you configured it from scratch.
// Homelab Physical Layout LAB SERVER Intel NUC i7 64 GB RAM 2TB NVMe SSD VMware ESXi 8 CML 2.6 VM GNS3 VM Ubuntu VMs HOME ROUTER Mikrotik hAP VLAN aware Lab VLAN 99 ACCESS SW Cisco SG350 Managed L2 4 VLANs CISCO 891 IOS 15.x (phys) Real hardware WORKSTATION SecureCRT ASDM / VCO Internet 100Mbps

The Hardware

Lab Server — Intel NUC i7

I built my lab server around a 13th-gen Intel NUC Pro because:

  • It fits on a shelf (no rack needed)
  • 64 GB RAM is enough for 15–20 simultaneous lab nodes
  • 2TB NVMe means fast boot times for every VM
  • Low power draw — less than 35W at idle, around 60W under CML load

Alternatives I considered:

  • Used Cisco UCS C220 (cheap, powerful — but 250W power draw, loud fans, wife said no)
  • HP ProLiant ML30 (good for a proper rack setup — overkill for personal lab)
  • A spare laptop (works fine for 5–8 nodes — storage I/O becomes the bottleneck)

Network

  • Mikrotik hAP ax³ as the home router with VLAN support — Lab VLAN 99 is isolated from the home network
  • Cisco SG350 8-port managed switch — VLAN-aware, connects the NUC, physical router, and workstation
  • Cisco 891 router (physical, bought used for ~$30) for scenarios where real hardware behavior matters — especially IOS quirks that QEMU emulation doesn't reproduce

The Simulation Stack

I run three simulation platforms, each for different purposes:

ToolBest ForMy UseCost
Cisco CML 2.xCisco-heavy labs, production testing, API automationBGP, OSPF, ASA, NX-OS, full topology tests~$200/year (Personal)
EVE-NG CommunityMulti-vendor labs, Palo Alto, VeloCloud VCEFirewall labs, SD-WAN simulation, mixed-vendorFree
GNS3Lightweight Dynamips labs, scripting demosQuick topologies, Python netmiko scripting testsFree

The three platforms can coexist on the same ESXi host. I give CML 32 GB RAM (it gets the most use), EVE-NG 16 GB, and GNS3 8 GB. They share the NVMe storage.

Study Resources I Actually Use

The internet is full of Cisco study resources. These are the ones that work for me:

Books:

  • CCNP and CCIE Enterprise Core ENCOR 350-401 Official Cert Guide — the foundation. Read it, but don't only read it.
  • Routing TCP/IP Vol. 1 & 2 by Jeff Doyle — deeper than any cert guide, explains the why behind BGP and OSPF design decisions.

Video:

  • CBT Nuggets CCNP series — good for building mental models, not for hands-on depth
  • Nick Russo's YouTube channel (INE guest videos) — best BGP and MPLS deep-dives I've found

Practice:

  • Cisco Learning Network — sample exam questions, but limit to final prep
  • Building topologies from scratch and troubleshooting them > any video or book

Flashcards:

  • Anki with custom decks for CLI commands and RFC numbers — used during commute

My Core Study Topologies

I have three saved CML topologies that I return to repeatedly:

Topology 1 — BGP Multi-AS (CCNP Focus)

4 routers, 2 ASes, eBGP + iBGP full mesh, prefix filtering, local preference, AS path prepending. I practice this until I can build it from memory in under 15 minutes.

Topology 2 — OSPF Multi-Area with Redistribution

OSPF area 0, two non-backbone areas, an ASBR redistributing EIGRP routes in, a stub area, and a totally stubby area. Covers the full OSPF area type comparison.

Topology 3 — ASA Firewall Lab

ASA in single and multi-context mode, NAT (static, dynamic PAT), ACLs with logging, VPN (site-to-site IPsec). I rebuild this whenever I need to refresh firewall skills before a production change.

The Most Important Lab Habit

Lab everything before you touch production.

Every significant change I make in production — BGP policy change, firewall ACL, OSPF redistribution — I build in CML first. Not to prove I know the command syntax, but to confirm the behavior. IOS sometimes surprises you. Better surprised in the lab than at 2am during a P1.

Build the lab, run the change, verify, then write the production runbook from what the lab taught you.

Getting Started — Minimum Viable Homelab

You don't need 64 GB RAM to start. Here's the minimum setup:

ComponentBudget OptionWhat You Can Run
ComputerAny laptop with 16 GB RAM, SSDEVE-NG Community, GNS3, CML Personal (5–8 nodes)
SimulationEVE-NG Community (free)IOSv, IOSvL2, CSR1000v, Ubuntu hosts
ImagesIOSv 15.x (Cisco DevNet free trial)Full L2/L3 CCNP topology
Study materialENCOR Official Cert Guide (~$50)Full CCNP ENCOR content
Total cost~$50 if you have a laptopComplete CCNP study environment

The expensive option is the dedicated server with CML. It makes the lab faster and more capable — but it is not required to pass CCNP. Candidates pass every year on a single laptop running EVE-NG.