Isolate devices on network by IP

Started by jhob101, January 24, 2025, 12:14:16 AM

Hi all, I'm a techie (web dev), but know very little in-depth about networking and am trying to learn more by setting up my home network.  So don't worry about over-explaining anything, I need it!

The N100 mini PC I ordered to use as a router arrived last week and I got OPNsense running and configured for my simple home network without too much bother.

I've sorted the basics, but there's a couple of points I could do with pointing in the right direction on next.

Attached is a network diagram of what I have currently.  In summary it's:

PPPoE 300MB FTTP > OPNsense Firewall > Switch > Tenda Mesh in Bridge mode.

Unleashed DNS is turned off and AdGuard is turned on.

My next goals that I'd appreciate some guidance on are:
  • Isolate IoT devices on the network.
    I had previously intended to create a VLAN for this, but have since learnt that the Tenda MW12 mesh does not support 802.1Q and I'm not aware of other options. I've decided not to create a separate Wi-Fi for these, at least for now, and am exploring alternative ways that I could hide other devices on the network.

    What other options do I have here?  All known devices have static leases within set ranges, and my thinking was that I could utilise this to create rules.
  • Optimise PPPoE
    I've read that PPPoE is not well optimised, and potentially laggy.  I'd like to try and maximise the conditions, particularly for my son's Xbox - he frequently rages at 'lag' on EA FC25!  What should I be looking at to do this and what's the best way of monitoring the quality?
  • Better visibility of 'what's going on' on the network
    One of the reasons I've struggled with networking in the past is that it's a bit of a black box to me: I've not known enough to know what metrics to look at, if they even exist, to diagnose an issue, and troubleshooting has always felt like stabbing in the dark.  I'd like to get some traffic monitoring set up so that I can visually see what's happening on the network better. I don't know enough to know what would be most useful.  Could anyone suggest tools/dashboards available in OPNsense that would help with this sort of monitoring?

There's a few other bits that I'll get to in time, but these are my priorities.

I'd welcome hearing from more experienced voices here as to how best to proceed.

TIA for any helpful replies!