At present, I have an ISP-provided device (Sagemcom), which I eventually want to convert to a wifi access point…
My current homelab setup is:
- ISP Combo device (Router/Switch/Wifi)
- RPI (DNS homelab.local.domain.)
- Node0 Proxmox on mini PC (DNS homelab0.local.domain.; Rev Proxy; Storage etc., K8s mini cluster)
- Node1 Proxmox on Linux Workstation (DNS homelab1.local.domain.; Rev Proxy; Storage; K8s not-so-mini cluster)
- Small Syno Nas
- Family devices
- Work devices
- Smart TV
.... etc...
Note:
- RPI DNS can forward DNS queries to sub domains
Plan will be to run the following services:
- Multiple internal VLANs (Family, IoT, Homelab, Guest, DMZ?)
- Similar DNS setup with Internal DNS resolution for home N/w devices
- VPN (maybe WireGuard) into home NW from work network
- DHCP
- Advanced features such as bandwidth control, VLANs etc.
- URL filtering and timed internet access (similar to Squid proxy)
- Web based management features
- Good firewall to host public facing services etc..
- My Linux workstation supports 2.5G LAN, but I am not sure if I really need a 2.5G network at present.
Not keen on getting involved too much in the command line…
I would preferably want most features configurable via web console…
My current thinking is Omada stack or pfSense Netgate with some off-the-shelf gear.
There is so much to research so need help…
In this video there was a mention about Ubiquiti/UniFi stability, but I am not a big fan due to cost…
Any advice, tips, things to consider, posts to read, are welcome and appreciated…
I built my network stack on OPNsense and TP-Link Omada hardware and have been very happy with it. I have found the Omada ecosystem to be intuitive and capable. With that being said, some of the network services available are buried deep within the menus. Outside of that, I wish the Omada gear would support network connection speeds between 1G and 10G, but they for some reason ignore the 2.5G and 5G connection speeds. All told, I am happy with my TP-Link/OPNsense network stack and do recommend it for prosumer-grade network hardware.
I have an SG3428XMP switch and an OC300 controller with an EAP772 (a couple, actually) on the way. For my router/firewall I have a DIY OPNsense box built on Zen 3 architecture.
I’m using a Qotom AliExpress box. Well, it’s working well. But did you hear about the TP-Link botnet? Not sure if I trust the Qotom or TP-Link device that hard with all the China issues. I do have to say that I really like pfSense. But if you want to do VPNs, the Qotom box can be a nice option because it has Intel QAT acceleration and 10Gb over the Intel processor, not a LAN chip.
This one is fun if you also want to connect some devices to a 10GbE network.
My provider uses a VLAN for the WAN connection. I discovered that when I was configuring pfSense at home. It is better to know the things your ISP wants in its connection. Same with the TV network signal. It can be on a VLAN. The website of your ISP should have this information.
I use pfBlockerNG to act as some kind of Pi-hole. It’s not Pi-hole, but it does the same thing: filters all the ads and bad sites away. I really like the option.
Why not go the forbidden router route and slap a 4x NIC in one of the Proxmox boxes? The money you save on buying a router box, spend it on a more trustworthy brand of switch. If I look at your network, that would be the best option.
But one of the downsides, or upsides, depending on how you look at it, is wifi. Wifi can be done on a pfSense box, but access points work better, so that is one network that you should make. And this does add to the cost.
Do you want the rest of the network on the same network? Or do you want the family split off from the Proxmox machines? That will dictate how many switches you need.