Network Configuration: Difference between revisions
From Sea of Fate
Jump to navigationJump to search
Wikisailor (talk | contribs) |
Wikisailor (talk | contribs) |
||
| Line 44: | Line 44: | ||
** VLANs 30, 110, 130, 120, 99, 111: Tagged | ** VLANs 30, 110, 130, 120, 99, 111: Tagged | ||
Port 2 (Kiwi - Host 2): | * Port 2 (Kiwi - Host 2): | ||
** VLAN 1: Tagged (Enables management over single NIC) | |||
** VLANs 30, 110, 130, 120, 99, 111: Tagged | |||
* Port 3 (Win11 Desktop): | |||
** VLAN 1: Untagged (Optional fallback) | |||
** VLAN 30: Tagged (For 2.5G production access) | |||
Port 3 (Win11 Desktop): | |||
VLAN 1: Untagged (Optional fallback) | |||
VLAN 30: Tagged (For 2.5G production access) | |||
Revision as of 18:33, 24 January 2026
Introduction
With the addition of a second host, Kiwi, some new decisions need to be made on how to access its services. At the same time now is a good time to increase the throughput in the entire Home Lab
VLANS
The old protected LANs on Pear were all simply unbridged networks now they are changed to VLAN aware networks and bridged to the new 2.5 GB p/s NIC.
- ISP Gateway: 192.168.1.1
- Management Subnet: 192.168.1.0/24 (Physical Dumb Switch)
- Production Backbone: 2.5Gbps Managed Switch (VLAN Tagged)
| VLAN ID | Name | Subnet | Purpose |
|---|---|---|---|
| 1 | Management | 192.168.1.0/24 | Proxmox GUIs, pfSense WAN, ISP |
| 100 | Production | 192.168.100.0/24 | Webservers, MYSQL servers, gameservers any other services |
| 110 | Infrastructure | 192.168.110.0/24 | Internal services (DNS, NTP, Auth) |
| 130 | VPNNet | 192.168.130.0/24 | WireGuard / OpenVPN VMs |
| 120 | Lab | 192.168.120.0/24 | Sandboxed testing / POCs |
| 99 | MGT (Internal) | 192.168.99.0/24 | Internal server management (Pfsense, Prometheus and etc) |
| 111 | Terminal | 192.168.111.0/24 | RDP / NoMachine gateways |
Switch Configuration
Dumb Switch (1Gbps Management) Connects ISP Router, Pear 1Gbps NIC, Win11 1Gbps NIC, and Managed Switch Port 1.
Managed Switch (2.5Gbps Backbone)
- Port 1 (Uplink to Dumb Switch):
- VLAN 1: Untagged (PVID 1)
- All other VLANs: Excluded (Prevents leaks to ISP router)
- Port 4 (Pear - Host 1):
- VLAN 1: Excluded (Management stays on 1Gbps NIC)
- VLANs 30, 110, 130, 120, 99, 111: Tagged
- Port 2 (Kiwi - Host 2):
- VLAN 1: Tagged (Enables management over single NIC)
- VLANs 30, 110, 130, 120, 99, 111: Tagged
- Port 3 (Win11 Desktop):
- VLAN 1: Untagged (Optional fallback)
- VLAN 30: Tagged (For 2.5G production access)
