Second posting in my “new home network” series. Before you plan what you going to build, always do an inventory what you have. On the left side of the picture above you see my current physical setup. A few things to point out:
- our house has a cellar, a ground floor (living room and kitchen), first floor is for sleeping, top floor is my office
- we bought an existing house, running cables was difficult. I put in a new CAT6 cable from top to bottom, there was a cable from the basement into the living room (but with 4 wires only) and a CAT5 cable from the 2nd floor to the first floor.
- I have a small network cabinet in the basement containing my DSL router, a small server (old Mac Mini), an 8-port switch, and my existing security gateway.
- Also in the basement there is my “TV room”, with another 8-port switch (connected via CAT6 cable to the first one), everything which has a wired port in that room (including my NAS for backups) is connected to that switch.
- In my office on the 2nd floor a 16-port switch connects all equipment there and is also connected to the basement.
- I have two WLAN access points, one on the first floor (connected to my switch on the 2nd floor) and one in the living room (connected to the basement).
So the physical setup is not very complicated. On layer 2, all switch interconnects are trunks carrying multiple VLANs. As I use Ubiquity switches and access points (yes, I like them) they want their management LAN on VLAN 1 (the disadvantage of using consumer hardware, but everything else is too expensive).
So on the logical side (right side of above picture) you see three LANs (actually its only two, until now the external LAN which interconnects the Fritz!Box with my security gateway is just a cable):
- an “internal LAN”, where all our desktops and mobile devices are connected to, also my home made sensors (using ESP8266) and entertainment devices which still receive security updates.
- a “guest LAN”, with “untrusted” entertainment devices (my TV which did not receive an update for 10 years), also for guests who bring there own devices.
Both of them have their own SSID (the access points can serve a maximum of 4 SSIDs), the home LAN is on VLAN 1, the guest LAN is on VLAN 11.
So that’s what I have currently, in my next post I will write about my planned migration scenario and about the target setup.