network @ home
intention
get internet for all, but separate some chinese ware and other dubious things (iot and guest) from the main network.
it would be better to separate backup storage further … we will see.
network schema
-
192.168.69.* transfer network wan*
-
home-lan (10.0.0.0/8)
| IP Address | VLAN | DNS | Description |
|---|---|---|---|
10.10.10.1 /23 |
VLAN-1 |
reghome |
home network (trusted) |
10.10.40.1 /23 |
VLAN-4 |
regiot |
iot network (limited) |
10.10.60.1 /23 |
VLAN-6 |
regguest |
guest network (limited) |
10.10.80.1 /23 |
VLAN-8 |
regoffice |
office network (limited) |
10.11.20.1 /23 |
VLAN-20 |
regserver |
proxmox network (dmz) |
notable components
-
network infrastructure
-
m-net fiber internet access and an otn
-
AVM Fritzbox as edge router and DECT station "fritz.box - 192.168.69.250"
-
unifi cloud gateway firewall "reggateway - 192.168.69.102"
-
unifi access point eg "wlanregeg"
-
unifi access point og "wlanregog"
-
unifi vlan capable managed switch
-
-
server infrastructure (vlan internal)
-
synology NAS for storage and backup target (regstore and regstore2)
-
raspberry pi based home assistant
-
philips hue zigbee bridge (light bulbs and plugs)
-
network laser printer (oki color and brother mono)
-
network ink A3 printer (brother)
-
smart lock with finger print sensor
-
-
IOT (mostly via wifi, vlan IOT)
-
amazon echo show (4)
-
sonos speaker (3)
-
reolink camera
-
eufy camera
-
blink cameras with local sync module
-
shelly devices (plug, humidity, temperature)
-
base station x-sense (smoke detectors)
-
-
clients (vlan internal or guest)
-
familiy phones, tablets, laptops (android, ios, macos and windows) via wifi
-
-
office (vlan office)
-
one cable attached workplace (home office, company provided laptop)
-
-
vpn **access from remote (mobile)
-
dmz
-
intel nuc as proxmos server vor VMs (vlan regserver)
-
vm: regsaltmaster salt server
-
-
diagram source
Unresolved directive in <stdin> - include::./home-network.puml[]