Need some help with my home network design and configuration

Started by malli2602, March 24, 2024, 12:33:05 PM

Hello you lovely networking gurus.

I am about to bring my home network to the next level and want to segment it a little.

Here is my hardware overview
Router for internet connection: Fritzbox 6660 Cable
Router for internal firewalling: OPNsense VM on Unraid
Managed Switch: Mikrotik with Router OS

Scheduled network segments
Fritzbox Network // 10.10.10.0/24 // DMZ & Wi-Fi for Gaming and non-trusted stuff
VLAN11 // 10.10.11.0/24 // Work Network
VLAN12 // 10.10.12.0/24 // Private Network

I do not have a lot of experience in networking stuff as an old endpoint management horse   ::)

What I am trying to achieve here:

  • Fritzbox should still open the internet connection
  • OPNsense should be there to route and manage the traffic between DMZ and the VLANs
  • Mikrotik is basically there for switching the VLANs
  • Wi-Fi is provided by Fritzbox

Question 1:
Does that structure make any sense?

Question 2:
Where to configure VLANs and how?

  • Mikrotik oder OPNsense and give it to mikro over a trunk port
  • Something that counts in favor of OPNsense here is that I have access to VLANs in my Unraid, or am I wrong?
  • Point for Mikrotik is probably speed and better management

Question 3:
Where to place DNS (Adguard / PiHole)?

Question 4:
Even if the Fritzbox network 10.10.10.0/24 is not manageable, is it possible to place a VLAN10 with that net in the OPNsense router to forward it to some of the free ports of the Unraid or some VMs?

Question 5:
What does the routing table need to look like for each of those network devices?

Question 6:
Do I need NAT in that scenario, and if yes, how does that work?

I attached a google drive link to PDFs with the planned network structure.
https://drive.google.com/drive/folders/1P-U3V01cpTxVZDVkrgBTYBLwlfy0AYwf?usp=sharing

Thank you very much for any information.

Cheers!
Stephan

Not much going on here.
Am I doing something wrong? Is there more information that I can provide?

It's a very complex scenario. Judging by the word "oder" I guess you are German.

In the German forum there is a big thread that explains a lot of things regarding Fritzbox and OPNsense.

https://forum.opnsense.org/index.php?topic=39556.0
Hardware:
DEC740

Hey, you're right.
I'm from Germany.
Thank you for sharing that information with me.
I really didn't think that this architecture was so complex.

Yeah, a lot of people underestimate it and then they're getting trapped by the technical debt they're experiencing. It's good that you think about this beforehand and make a plan and stuff.

But in the end, you have to think about the can of worms that gets opened up.