Home network upgrade 2nd opinions sought

In a few days I’ll be upgrading my internet connection from a VDSL to Fibre connection. Time to upgrade the home network too! And as they say “a picture says more than 1,000 words”, here’s the planned topography:

Some notes:

  • Server 2 doesn’t exist. Yet. I’m currently considering whether or not to purchase the hardware, given that’s a significant outlay, even for the base system (EPYC 7551P, Supermicro H11SSL-i mainboard, 4x 32GB RAM is some 700€-ish and I still need to buy a suitable rack case for it). Do I need server 2? No, not now, but I’m also considering “upgrading” servers 1 & 2 to a HA cluster with some disk shelves for mass storage.
  • The data connection to the backup server is optional.
  • The Management connection to the router is optional too. I actually have 3 choices for said router: install the supplied router for the fibre connection, re-use my existing router (according to ISP documentation this appears to be a viable option) or replace with an OPNSense box based on a Gigabyte EPYC 3151 integrated SoC board, which has the management option both ISP routers don’t have.
  • The Fibre Switch is (similar to) a unit reviewed recently by STH.
  • Server 1 will primarily be a storage/backup server for my main PC. I’m not a coder nor have home automation, but I am a bit of a data hoarder (depends on what data :stuck_out_tongue: ) However, I’m planning on running at least one website from the server, although I’m less keen on running webservers alongside (private) data storage on the same machine. I guess VM’s 4-da-win? So far I haven’t gotten it to work so it won’t be live anytime soon I reckon.

If you’ve read this far, thx for your time. :heart_hands:

Did I overlook something, anything unclear, other questions, remarks, encouragements? Let me know!

@wendell ?

I would caution about the multiple network routing if you plan on having DHCP set up.

For a simplified example, at home I have a home desktop with a “LAN” port, and a server (let’s say FreeNAS) with a LAN and an MGT port.
SSH is only bound on the MGT of the server, obviously.

Then if I ssh to the server, my desktop sees the MGT IP, goes through the router and reaches the server. But because it’s routing and not natting, when the server wants to reply, it sees a direct path between its LAN and the desktop LAN, doesn’t go through the router at all, and the router drops the connection due to asymmetric routing.

Some devices can have advanced routing config to fix this; others, like the FreeNAS appliance under BSD, don’t have an easy “reply on the same interface” capability.

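The asymmetric path described in the reply above can be avoided on a Linux host with a source-based policy rule, which is how “reply on the same interface” is usually done with iproute2. This is an added example, not part of the thread; it assumes a Linux server with iproute2, and the interface name, addresses and table number are constructed sample values.

```shell
#!/bin/sh
# Added example: source-based policy routing for a dual-homed Linux server.
# Interface names and addresses are constructed sample values.

# Print the iproute2 commands that send every packet sourced from the
# management address out of the management interface, via the router,
# instead of taking the directly connected LAN route in the main table.
# usage: mgt_policy_routes IFACE MGT_IP MGT_NET GATEWAY TABLE_ID
mgt_policy_routes() {
    [ $# -eq 5 ] || { echo "need: IFACE MGT_IP MGT_NET GATEWAY TABLE_ID" >&2; return 2; }
    iface=$1 mgt_ip=$2 mgt_net=$3 gw=$4 table=$5
    # The output is meant to be run as root, so reject anything that is
    # not a plain interface name, IPv4 address/prefix or number.
    case $iface in ''|*[!A-Za-z0-9._-]*) echo "bad interface" >&2; return 2 ;; esac
    case $mgt_ip$mgt_net$gw in *[!0-9./]*) echo "bad address" >&2; return 2 ;; esac
    case $table in
        ''|*[!0-9]*) echo "table id must be numeric" >&2; return 2 ;;
        0|253|254|255) echo "table id $table is reserved" >&2; return 2 ;;
    esac
    cat <<EOF
ip route replace $mgt_net dev $iface src $mgt_ip table $table
ip route replace default via $gw dev $iface table $table
ip rule add from $mgt_ip lookup $table priority 1000
EOF
}

# Print the command that shows which interface a reply to CLIENT would use.
# Once the rule is installed it should report the management interface.
# usage: mgt_verify_cmd CLIENT_IP MGT_IP
mgt_verify_cmd() {
    echo "ip route get $1 from $2"
}

# Sample run: server MGT port eth1 = 192.168.10.10, router = 192.168.10.1,
# desktop on the LAN = 192.168.1.50 (all constructed).
mgt_policy_routes eth1 192.168.10.10 192.168.10.0/24 192.168.10.1 100
mgt_verify_cmd 192.168.1.50 192.168.10.10
```

Pipe the output of `mgt_policy_routes` to `sh` as root to apply it; rules and routes added this way do not persist across a reboot.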

Thx for your thoughts, appreciated!

I forgot to mention that the fibre switch is actually a L3 managed switch. The Dell Powerconnect 2848 (I have 2 (both used), but I’ll use only one for now) will be reset to a pure switch function. Meaning that the router will be the only DHCP server on the network. I’ll put some basic DNS in place if I go the OPNSense route (s’cuse the pun :stuck_out_tongue: ) to map internal IP addresses to server mgt port names (something like alias 192.168.1.100 server-1-mgt)

Also worth noting that all servers will be running Devuan (I don’t do systemd, very bad for my digestive system :face_vomiting: ) as well as the media-centre and main PC. The media-centre needs a hardware upgrade first, so that’s a longer-term project for later.