setup multiple subnets with DHCP question



  • hi I tried googling for answer and came on old posts 7 yrs old but I didn't get answer I was looking for..
    now I not truly sure what I need I read info on VLans in 3rd Layer switchs etc

    but im looking on making 3 subnets.. all 3 with DHCP servers

    so I have 192.168.0.x (for my current home network)
    then I want
    192.168.20.x (for IP cameras of my house I wanna add )
    192.168.30.x (for guests either WiFI or ill have Guest wired port)

    so id like to know if pfsense can setup 3 dhcp servers for each subnet. and if I need special things.. as I was thinking I needed 4 nics in my pfsense computer 1 for WAN and 3 for the different subnets.. but if there is a easier way id like to know what you guys have done..
    and id like it so guests cant access my local network or the IP cameras.. but my own computer id be able to access the Cameras. either from my computer or from remote location just checking up on the cameras..

    now I don't know if this is possible.. but I figured I ask you experts if its possible to do this or what not as its just a simple home setup.. I no expert at this

    thank you for listening



  • pfSense can run a DHCP server on each interface, no matter if it's a physical or a virtual one (VLAN).

    My pfSense (virtualized) has a WAN, DMZ (virtualized), LAN and Wifi interface. The AP has 4 SSIDs, each assigned to a seperate VLAN (2 Secure, IoT, guest).
    For the VLANs there are virtual interfaces assigned in pfSense. So pfSense is capable to control all the traffic between all subnets.



  • is there any documentation to set that up.. and do I need a special switch I need to purchase... as im used to only 1 dhcp server in past etc

    id like to simply do what you have setup



  • and do I need a special switch. I read layer 3... then I seen smart switch or managed switches etc



  • https://www.netgate.com/docs/pfsense
    https://www.netgate.com/docs/pfsense/book

    If your pfSense hardware has 4 NICs you're fine.
    For separating a guest WiFi from secure one, you rather need a special Access point which supports multiple SSIDs and VLANs.



  • You will want a "managed" switch that supports vlans. In marketing jargon, a "smart" switch usually refers to one with advanced power management functions like "green" ethernet that powers down unused ports automatically, and reduces power on short cable runs. Small switches like the Dell Powerconnect 2808 and 2816 are both "managed" and "smart". They can be had used on eBay for under $50 if you shop around.



  • for my pfsense . I just have 2 nics for now wan and lan

    as for switchs I goto www.canadacomputers.com which would be a good one? or bestbuy.. or where do you buy this special access point or the right managed switch as I also like POE switch too



  • when you say green eithernet.. is that the POE too or is that something else I want too.. I googling in Canadian that Dell Powerconnect 2808 is 440 Canadian.. new so I looking on ebay too



  • and I looked at those 2 articles you sent but I didn't see where it had dhcp for vlans
    or I missed it



  • @comet424 said in setup multiple subnets with DHCP question:

    and I looked at those 2 articles you sent but I didn't see where it had dhcp for vlans
    or I missed it

    On the DHCP Server page, you should see all interfaces, physical or VLAN listed at the top in red letters. You go into each one and configure DHCP as appropriate.



  • ya I finally got it.. the Cameras Vlan wasn't populating till I did a reboot of the pfsense...even that filter reload I been told to use instead of a reboot didn't work.. but a reboot made it work.. I appreciate it..
    and ill look into these routers

    is there one that does the smart and managed and poe all together.. as I typically only shop at www.canadacomputers.com or www.bestbuy.ca never bought anything off amazon or ebay


  • Rebel Alliance Global Moderator

    Not sure where he got that idea that smart means green... Smart has been used to reflect "not" dumb forever.. A smart switch does not mean its grean, it means it "more" then a dumb switch..

    https://blogs.cisco.com/smallbusiness/understanding-the-different-types-of-ethernet-switches
    Smart Switches (also known as Lightly Managed Switches):
    This category of switches is the most blurred and fastest changing. The general rule here is that these switches offer certain levels of Management, QoS, Security, etc. but is “lighter” in capabilities and less scalable than the Managed switches.

    You if you state smart switch - I know of no one that would think that means "green" from a power point of view..

    What is your budget? And why do you think you need POE? Your Camera's? What version of POE are the cameras? are they 802,3af or at? ie poe or poe+ Are they passive? Before you just go fork over cash for a fully managed poe switch, etc.. Lets work out what you actually need and what your budget is..

    what are the POE devices you are going to be using - make and model so we can validate what sort of poe switch you need and how much power it needs to be able to provide.. How many cameras?

    Also if all you need to is tag some vlans, then your run of the mill 30 to 50$ smart switch can do that.. You do not need a fully managed layer 3 switch...

    How many ports do you think you required wired devices? Larger POE switches can really push the price up!! So you might want to get a smaller poe switch vs the larger port density switch that does not do poe..



  • ah ok I dunno what green ment anyways..
    as for tagging I not sure I just learning this as I go along.
    I rewiring my house and my shop on same location had a few break ins.. and looking to buy Technets POE 8mp camera I seen at canadacomputers.. or I seen qsee.. so I wanted no power cord but use this poe setup one cable.. and planning on setting up 4-6 cameras around house 1 200 feet away by the entrance of my property as people cut my gate to gain access... and I want like 4-5 cameras on my shop that's like 200 feet from my house
    as for my house I wanted to setup like 2 ethernet ports at say a tv or where I setup computer one be home use or 1 be guest.. and wanted a wifi guest
    and I wanted my computer I use that's on 192.168.0.x to be able to access cameras that will be on a 192.168.20.x and I don't want guest network 192.168.30.x to be able to access my 192.168.0.x or 192.168.30.x

    as for a budget cheap as possible I not a enterprise just home user wanting secure setup...
    and im just learning this managed unmaged smart stuff

    I still have a 8 port dlink 10/100 still running in my house network for some computers for 20 yrs hasn't let me down.. so im used to only regular switchs… I just learning as I go



  • oh and forgot I wanted switch I read I needed special for
    having my unraid server to maximise its use to have link aggression as a friend has a extra 4 port nic card so was going to set that up too



  • @comet424 said in setup multiple subnets with DHCP question:

    is there one that does the smart and managed and poe all together.. as I typically only shop at www.canadacomputers.com or www.bestbuy.ca never bought anything off amazon or ebay

    Those are generally switch functions, not router. Switches combined with routers tend not to have all the features of separate switches.



  • ah ok I figure some of that.. I just researching online at moment but least got some of my questions.. I appreciate all the help …

    i just getting cable and running lines so not ready yet but i was just inquiring all the info so i was ready... thanks


  • Rebel Alliance Global Moderator

    @comet424 said in setup multiple subnets with DHCP question:

    Technets POE 8mp camera

    Make and model?? That you saw - link to it? That doesn't tell me anything about which poe it uses. Or how much power..

    BTW link aggregation is not some magic fix for "maximise" anything.. You can load share connections over this to get more bandwidth if you have multiple clients. Not going to fix up 1 client for speed, etc.. So now you need a switch that can do 4 port link aggregation to get you what exactly... Doesn't seem like you even know... Your running this unraid currently on 10/100 - going to gig is going to be freaking Rocket Ship!! Needing to setup a lagg doesn't seem like something you need, when until the other day you didn't even know what a smart switch was or tagging a vlan ;)

    Also cheap as possible is NOT a budget!!! Is it 0 or is 1000? What I told you 900$ was the cheapest you could get the switch you need? Is that fine? Still haven't said port density either.. Now it seems you want to setup 4 port laggs - that is going to drastically raise the price of this switch because of more ports needed ;)



  • so for the camera its this one
    TV-IP319PI
    https://www.canadacomputers.com/product_info.php?cPath=37_498_500&item_id=121090
    and TV-IP318PI
    https://www.canadacomputers.com/product_info.php?cPath=37_498_500&item_id=119926
    ah ok.. and my budget be under 200 for a switch.
    thanks for the input so far most appreciative


  • Rebel Alliance Global Moderator

    @comet424 said in setup multiple subnets with DHCP question:

    house 1 200 feet away

    Is that 100 to 200 feet away or 1200 feet away?

    200 is not going to cut it... Lets look at this one for example
    https://www.canadacomputers.com/product_info.php?cPath=27_1045_349&item_id=071622

    Camera's look like 9w max each, that above switch says can do 75 total... So your right at the very limit.. And its 50% over your budget.. And its only 10 port with 8 of them being poe.. So doesn't leave you ports for much else.. The next size at 28 ports is close close to $500..

    So your talking 8 x 250ish or 2 Grand in Camera's but your at 200 for your switch to run your whole network??? Makes NO Sense!!

    You can save some money if you use power ejectors with your camera's vs using a POE switch.. Many come with them, some you have to order separate. This allows you to inject power into onto the ethernet without having a poe switch. This is fine when you have a couple of poe devices. But if your wanting to run 6 or 8 camera's then yeah your prob going to want a switch.. You could get say that low end one - but not a lot of wiggle room for total poe power available. And then you would want another smart switch for your non poe devices. Which prob put you close to the cost of the bigger poe switch anyway.