No worries, I just wanted to make very sure that the risks for #1 were properly understood.

VPN might be able to work with split tunneling, but I haven’t tried it myself. It’d probably be more complicated than it’s worth!

I’d also lean towards the public AdGuard servers in this case, for the same reason! I’m happy to field certain calls from friends and family, but I don’t want to get the “my internet isn’t working!” calls at 2am-- I get enough of those from work! 😁

DO NOT run a public DNS resolver. It’ll get used as part of a DNS amplification attack, and your system will be used to DDOS somebody else.

The only viable solutions here are to either have OPs friends VPN all traffic through OPs network (there might be a way to use split tunneling to reduce total traffic used, though I’m just spitballing here), to deploy hardware locally on their network, or to use a public solution. Everything else is going to be a security risk.

It certainly can. The VMUG subscription helps out there a little, but it’s definitely a little pricey.

I run a few older things.

In my rack, I have:

• 1x 48-port POE Juniper EX220 used as a core switch with a fiber backbone to my upstairs switch; wish it was 10gig, but it was cheap and I needed ports.
• 1x Dell R720 with 2x Intel Xeon E5-2697 v2 @ 2.70GHz, 256GB RAM, and 80TB of raw storage in a RAID-5 array (64TB usable).
  • Runs ESXi with VMs for everything from vSphere to Plex to some websites I host myself.
• 1x Dell R710 with 2x Intel X5650 @ 2.67GHz, 40GB RAM, and 24 TB of raw storage.
  • Currently unconfigured since I recently migrated off of this server to the R720.
• 1x Dell R610 with 2x Intel 5550s, 96GB RAM, and no drives.
  • Got this on a whim, planned to use it for a project, never got to it, now it sits on the bottom of my rack and reminds me of my folly.

Upstairs I have another 48-port Juniper EX220, and I plan to fill most of the ports with 4+ Ethernet drops to every room in my house, plus extras for WAPs, cameras, and remote sensors.
I also use Ruckus R710s for wireless connectivity; I have two right now, and plan to eventually get one of the outdoor-rated Ruckus WAPs to mount on my chimney since WiFi coverage gets a little sparse when you get halfway across my yard.

I was remarking to a friend the other day that I’ve managed to build myself a pretty stellar setup for the early 2010s, at a fraction of the cost it would have taken back then. Though it definitely eats lots of power!