Netgate Discussion Forum

    New network design

    Off-Topic & Non-Support Discussion
    • WarOfDevil

      Hello everybody, I just bought a 22U server rack and I am trying to design my future home lab network connection. I just got to the point where I don't know what to do anymore. I have the feeling that everything is becoming complex and I am always concerned about security.

      Network

      The picture below shows the hardware that I already have at home and how I was planning to connect everything. Can I get suggestions and tips on how to better configure my network setup (VLAN needed?) according to what I need to do?

      What I would like is the following:

      • My pfSense machine with the Tyan board will have a VPN connection. I am using the integrated NICs for WAN/LAN to the switch.

      • FreeNAS will be used to store my files and expose the file system via iSCSI to my Proxmox virtual machines via a 10Gbit network card. It will also run NextCloud and Plex, to be exposed over the internet.

      • Proxmox will take care of running: a database server, an IRC ZNC bouncer (exposed via internet), a few virtual machines for software development, Home Assistant.

      Now, how many VLANs do I need to create for my network? Is it safe to connect to the IPMI page of my servers via VPN (my UPS will also have a network card)?
      Shall I use the 4 SFP connectors of my switch to connect my Proxmox and my FreeNAS box? At home I do have a few SFP network cards and copper multi-port gigabit network cards if needed.

      Any help will be appreciated :)

      • akuma1x

        I would make a minimum of 2-3 VLANs on this setup.

        1. IP Cameras
        2. IPTV & other IOT stuff
        3. Wifi Access points, if it supports VLAN and you want to offer a guest network

        Run all of these on the same wire as your LAN network, just VLAN onto it as the parent interface.

        Have you built or used VLANs before?

        Jeff

        • NollipfSense @WarOfDevil

          @WarOfDevil said in New network design:

          I have the feeling that everything is becoming complex

          Not at all...I have a similar setup except I have a Mikrotik RB450Gx4 between the pfSense and the managed switch. That way, I separate my personal network from my guest network as Akuma1x suggested. Also, that way I need not use VLAN(s). Also, I run IDS/IPS inline block mode only on WAN and on my guest network while alert mode on my trusted personal network.

          pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
          pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

          • WarOfDevil

            Thanks for the tips, I have never used VLANs before but I will definitely look into that right now. Just a few more questions:

            • If I add a 4-port network PCI card into my Proxmox machine, is it possible to dedicate 1 port to a specific virtual machine? Maybe this way I can easily split the network traffic using the managed switch.
            • My switch has 4 Gigabit SFP ports. Will I have any benefits if I connect the hypervisor and the FreeNAS machine to the switch using an SFP port with a DAC cable? I mean, I know it's still a 1Gbit port, but I don't know if I will get benefits on speed using that.

            Thank you :)

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.