1
General Discussion / double nat design considerations?
« on: December 12, 2023, 11:21:11 pm »
So today at home I have one network running on the router supplied by my ISP. The only thing I have done is add a pi hole dns and that's it. The family runs lots of stuff on the network and I kind of do not trust it. Vacuum cleaner, phones and tablets, streaming boxes TV's and all kinds of trinkets. And if you EVER do something to make that network go down, well I guess you know what happens...
So my thought is to make another network inside this one where I run my stuff and can play how ever much I like. Maybe gradually move devices (that I trust) to my network and leave ISP's network just for streaming devices and things I do not trust. If I'm sucessful maybe also replace the pi-hole with opnsense's unbound DNS. So I would have access from the new network to the internet trough my ISP's supplied network and also maybe grant some access to some things on "my" network.
So I would run a opnsense and behind that connect my devices to the newly built network. I've read up some on double nat and from what I understand it would work as long as you do not "Block private networks". Are there any more considerations I should be aware of?
The network supplied by my isp's router is 192.168.1.0/24 and I'd prefer not to change that.
So I was thinking of attaching WAN to this network and a new LAN inside of it, maybe 192.168.3.0/24?
Is this a good or a bad idea... ?
Not a network engineer but I'm trying to learn.
So my thought is to make another network inside this one where I run my stuff and can play how ever much I like. Maybe gradually move devices (that I trust) to my network and leave ISP's network just for streaming devices and things I do not trust. If I'm sucessful maybe also replace the pi-hole with opnsense's unbound DNS. So I would have access from the new network to the internet trough my ISP's supplied network and also maybe grant some access to some things on "my" network.
So I would run a opnsense and behind that connect my devices to the newly built network. I've read up some on double nat and from what I understand it would work as long as you do not "Block private networks". Are there any more considerations I should be aware of?
The network supplied by my isp's router is 192.168.1.0/24 and I'd prefer not to change that.
So I was thinking of attaching WAN to this network and a new LAN inside of it, maybe 192.168.3.0/24?
Is this a good or a bad idea... ?
Not a network engineer but I'm trying to learn.