Adjust your home network for better performance
Adjust your home network for better performance
Hello! Here’s a revised version of your notes:
Hello! I’m currently preparing to enhance my home network. The main goal is to upgrade to a 10Gb connection and replace the existing ISP router. Additionally, I plan to use multiple VLANs within my home and start hosting a website. The project will be carried out in three phases.
1. Install 10GB cards on the gaming rig and the Unraid server.
2. Begin the contract process with my new ISP.
3. Purchase the necessary hardware for the major upgrade.
I’ll include a network diagram showing both the current and planned configurations. I’m still uncertain about the best hardware and software choices, but I hope it aligns with my expectations.
First, once I receive my new ISP’s router, I won’t need the old setup. However, if possible, I’d like to loadbalance it for maximum bandwidth. Also, I want devices from the previous network (my friends’ PCs) to still access Samba shares and WebGui from the Unraid dockers. Can PFSense handle loadbalancing as I imagine? If not, would adding another device be a solution? (See link: https://www.amazon.de/TP-Link-TL-R470T-B...B004UC9V8Q)
Regarding the devices, I’m unsure if it’s feasible to route both networks together. Would it work as a Loadbalancer? If not, could an extra device handle it?
I plan to attach two network cards initially, focusing on the 10GB connection for these machines. This would be a routerless subnet. Does Unraid support this setup? Also, can I connect my network card to my current Balanced TBL5 bond only for the gaming rig?
My goal is to have four VLANs:
- One for trusted devices (like Unraid, gaming rig)
- One for IoT and guest Wi-Fi
- One for trusted machines (e.g., Unraid, gaming rig)
- One just for Nginx to isolate it.
I’m considering using Port 443 and 80 for the website, with ports 22 and 3389 open only within my 192.168.0.0/24 network. When I redirect traffic to my web server, can I still access other ports or simulate local IP addresses for security? Also, on my Unraid machine, are there specific ports open and what security measures should I take?
I need to know if I require an extra van for the web server. My main concern is protecting access to the Unraid array and sensitive data. I’m thinking about assigning an Ubuntu VM with a 1Gb card to run the web server directly inside the pfSense box, isolating it further. However, I only have limited PCI slots.
The primary purpose of the VLANs is to separate devices, but can I still allow selected devices to communicate freely? Is this approach secure? Also, how can I access my printer or IoT devices from a different van?
I’m also curious about potential risks and recommendations for hardware. What should I avoid? What are the best practices for setting this up?
Lastly, what are the most important steps to take when starting to configure a home network? And how risky is it to open ports if I’m new to networking and hosting?
I’d appreciate your insights!