I’ve written a few posts now about my Home network v2 project. What’s the plan? Let’s go through that now.
It started back in May, when I bought a MikroTik smart switch to use on my home office desk. I liked it a lot and ended up replacing all my Unifi switches with MikroTik.
Then I stumbled onto a used MikroTik Core router which, which I purchased and started learning more about RouterOS and networking in general. This really sparked an interest to do more with my home network.
I’ve used VLANs for many years, but quite frugally; LAN and DMZ, secure and not secure basically. Everything is on the LAN, unless it’s publicly exposed, or a guest device — then it’s on the DMZ.
The complete plans are still a bit fuzzy in my head, but I think it will become clearer as I start the journey. There are two parts to this, the logical and physical. Let’s go through it.
- Replace EdgeRouter with MikroTik CCR1009
- Set up a virtual VyOS router
- Move homelab into own LAB net, behind the VyOS
- Share routes between VyOS and RouterOS using OSPF
- Move WireGuard server from container into VyOS
- Set up client, or consumer, network
- Move all “regular” devices to this network (phones, laptops, IoT, etc)
- Make management network
- Move access points, switches, UPS, etc to this network
- Bind SSH on all servers to this network
- Servers with fiber will also be connected to this network with Ethernet
- Properly configure RSTP on all switches
- Make guest network, Wi-Fi basically
- Make CoLo network, for equipment which is not mine
- Possibly a services network, for things like DNS, NTP, etc
I like the approach of keeping clients and IoT on the same network, it just makes everything so much easier. Multicast, discovery, it all just works.
Using the firewall; I can open services on the homelab up to certain clients.
I’ve had plans to run network cables since we first moved in here, about a year ago. Time to get started on that 🙂
- Wired CAT6 to the garage, 6U network rack and PoE switch (done)
- Installing a network socket by the living room TV and media center
- Move the openly installed network cable to the hallway access point, to a conduit in the wall
- Get two network cables to the attic
- Use one for a ceiling mounted access point in the 2nd floor living room (the den), replacing the current in-wall
- Try to improve the weak spots there were uncovered during my Wi-Fi mapping
I really like my network to be completely hidden — no visible cables, mounting access points as discreetly as possible. My wife shares this view 😉
This is a big network change, I’m basically tearing it apart and putting it back together. But I am doing it in steps, my EdgeRouter currently uses the CCR1009 as its WAN source. My plan is to slowly and steadily move each network from the EdgeRouter to the CCR.
This way I can take my time to test and verify during the migration.
Writing this it kind of seems like rambling, and I’m not sure it’s a useful read to anyone else… But it sure was nice to get it out of my own head and down in written form 🙂
I will be writing more about these changes, as they start to manifest themselves. So stay tuned for that, if you find these sorts of things interesting 🖖