this post was submitted on 20 Apr 2024
18 points (90.9% liked)

homelab

6651 readers
30 users here now

founded 4 years ago
MODERATORS
 

cross-posted from: https://lazysoci.al/post/12664364

Everyone was kind enough to ram my brain chock full of knowledge about switches and I came away feeling like I can explain it to other people. (please don't test me on this, I'll fail)

But now I'm trying to figure out how I want my network to look and so it's best I ask the people smarter than me that actually understand what I'm trying to do.

My house is an average sized, end of terrace in a big city and so while I can get decent Internet speeds, I get lots of WiFi signal congestion with neighbours, buildings, etc.

In my present router, which I really need to replace, I have my NAS and cable box plugged in via Ethernet, everything else is connected via WiFi. That's a bunch of phones, a couple laptops, and a couple Raspberry Pi's (including my one with all my home services, like Home Assistant and my Pi-Hole).

The design I'm cooking up, is that my NAS would be on a virtual LAN with no direct access to the Internet, my Raspberry Pis would have Internet access. I don't need to worry about my smart home devices having Internet access since they're all Zigbee devices. But I plan to switch my cable box to an IPTV box and I'm also wanting to get a video doorbell and security camera for the garden, so that's at least three virtual local area networks. Four if I add a guest network.

My questions are really simple ones and you're probably gonna laugh at how stupid they are… can I do this all with a single switch? Do I need a separate access points for each VLAN or can I have multiple vLANs on a single AP? How many ports should I be looking at on my switch? Would four be enough for my set-up? Also managed is best right?

you are viewing a single comment's thread
view the rest of the comments
[–] scholar@lemmy.world 5 points 7 months ago (3 children)

It's worth noting that you will have to set up firewall rules on your new router to block internet access to specific vlans. By default your router will probably allow all traffic between all vlans.

If you want to segregate the video doorbell it works the other way around, allow internet access to that vlan and block access to your main vlan.

[–] sabreW4K3@lazysoci.al 4 points 7 months ago (1 children)

Good thing you said that. I thought the firewall rules were automatically set via OpenWRT.

[–] scholar@lemmy.world 3 points 7 months ago (1 children)

Yes, iirc in Openwrt the default rules allow all traffic between vlans

[–] sabreW4K3@lazysoci.al 1 points 7 months ago
load more comments (1 replies)