FiziksMayMays

joined 1 year ago
sorted by: new top controversial old
Advice on network layout for pfSense with roommates in c/homelab@selfhosted.forum
[–] FiziksMayMays@alien.top 1 points 1 year ago

Thanks for the comment! I'm not sure if the WAN is PPPoE on the pfSense box - is this something I configure or is it set by the ISP?

Oh wait I think I see what you're saying. My internet is through cable (not ethernet), so I think you are saying to do this:

internet
   │
   ▼
modem
   │
   ▼
managed switch──────────────┐
    │                       │
    ▼                       ▼
arris router           pfSense box

Isn't this a problem because then the managed switch is on the ISP's network?

Also, you said that the WAN interfaces of both the arris router and pfsense should be in that managed switch, but then also (last bullet) that the router and pfsense plug their LAN output into the managed switch? Was that just a typo?

1
Advice on network layout for pfSense with roommates (alien.top)
 

Hey guys, I'm hoping for some insight into how to set up my network. Feel free to let me know if this would be better in r/HomeNetworking!

Current setup

Currently, we have a very simply network setup - just a cheap modem/router/wifi combo that servers all of my roommates devices wirelessly, in addition to a line that I ran to a switch in my room.

https://preview.redd.it/hyhqizlan51c1.png?width=960&format=png&auto=webp&s=5c7a8499fae3ecb0a6b03e1bd12514d32142d7d5

Work in progress

I have a small homelab set up with a backup server and some raspberry pis, but I want to experiment with selfhosting a website just to build my knowledge.

To this end, I've looked into setting up a pfSense box. Right now I have pfSense installed on a protectli device, which is connected to the Arris router in a LAN-to-WAN configuration:

https://preview.redd.it/1v1x2gzvn51c1.png?width=960&format=png&auto=webp&s=3657751924bb653fe954ac6c9bd9e57dccd8723f

Ultimately, I'm trying to figure out the best way to set up the network for someone who is relatively new to networking. Ultimately I want

  1. To make sure I'm not interrupting my roommates' internet
  2. To be able to access the self hosted website
  3. To do this all securely

Proposed network

The pfSense box has multiple NICs, so if my understanding is correct I can completely segment my devices from my roommates'. Additionally, I have a smart switch, so I'm hoping to set up separate VLANs for my devices accessible from outside the network, as well as IoT devices

https://preview.redd.it/0lzvphgeo51c1.png?width=960&format=png&auto=webp&s=382f6bb24f32a9bc6ca4ff28c35b813f75b56a6d

Questions

I'm new to networking so any advice is much appreciated. I have a few specific questions, but I'm not sure if they cover all considerations I should be taking! In particular:

  1. Does my proposed network layout make more sense than just putting all my devices on the current LAN-to-WAN subnetwork I have? What needs to be done for this current setup to work - I can think only of port forwarding.
    1. Is one option better than the other for DDNS which I intend to setup with cloudflare?
    2. Is one option safer for my roommates' devcies (I presume my proposed one is)

If relevant, no roommate devices will need to be able to talk to any of my devices (I think that's what this pfSense Block RFC1918 Private Networks`option relates to?)

Thank you so much!

1
Advice on network layout for pfSense with roommates (alien.top)
 

Hey guys, I'm hoping for some clarity in terms of how I should be setting up my network for what I want to do

Current setup

Currently, we have a very simply network setup - just a cheap modem/router/wifi combo that servers all of my roommates devices wirelessly, in addition to a line that I ran to a switch in my room.

https://preview.redd.it/moqw85o9761c1.png?width=960&format=png&auto=webp&s=13cfce8a0196495d9cd8a3b7f33a5ec3278d6138

Work in progress

I have a small homelab set up with a backup server and some raspberry pis, but I want to experiment with selfhosting a website just to build my knowledge.

To this end, I've looked into setting up a pfSense box. Right now I have pfSense installed on a protectli device, which is connected to the Arris router in a LAN-to-WAN configuration:

https://preview.redd.it/izlxz94a761c1.png?width=960&format=png&auto=webp&s=cbd8a121a0057b36e7cec6de2b87da946f2b982d

Ultimately, I'm trying to figure out the best way to set up the network for someone who is relatively new to networking. Ultimately I want

  1. To make sure I'm not interrupting my roommates' internet
  2. To be able to access the self hosted website
  3. To do this all securely

Proposed network

The pfSense box has multiple NICs, so if my understanding is correct I can completely segment my devices from my roommates'. Additionally, I have a smart switch, so I'm hoping to set up separate VLANs for my devices accessible from outside the network, as well as IoT devices

https://preview.redd.it/yohn77ja761c1.png?width=960&format=png&auto=webp&s=8627725a1c8db23d4cac87417045e824cb8f8463

Questions

I'm new to networking so any advice is much appreciated. I have a few specific questions, but I'm not sure if they cover all considerations I should be taking! In particular:

  1. Does my proposed network layout make more sense than just putting all my devices on the current LAN-to-WAN subnetwork I have? What needs to be done for this current setup to work - I can think only of port forwarding.
    1. Is one option better than the other for DDNS which I intend to setup with cloudflare? It seems like the proposed network would be much better
    2. Is one option safer for my roommates' devcies (I presume my proposed one is)

If relevant, no roommate devices will need to be able to talk to any of my devices (I think that's what this pfSense Block RFC1918 Private Networks
option relates to?)

Thank you so much!

(cross-posted from r/homelab)

Running a secondary pfSense router in c/homenetworking@selfhosted.forum
[–] FiziksMayMays@alien.top 1 points 1 year ago

Good point - I hadn't thought about the upload. They are about 100 miles away.

I was planning on setting up cloudflare DDNS on the pfsense box to deal with changing DNS, and running a reverse proxy to point to the server.

2
Running a secondary pfSense router (alien.top)
 

Hey guys - not sure if this is better off in r/selfhosted or r/homelab, so let me know if so!

Currently I live with a few roommates and run a (currently very) small homelab. I want to build a media server soon and potentially expose it to the internet for friends and family. I intend to put the server on an isolated VLAN using pfSense.

I was hoping to just isolate all of my stuff on a pfSense router whose WAN is connected to the LAN of my regular apartment router (a cheap Arris surfboard). My question is - is this just a stupid thing to do?

I think I would, at the very least, have to port forward from the regular router to the pfSense router, and then from that to the media server, and it appears that the arris cannot do that. Would it be smarter to just set up the pfSense router as the sole apartment router and try to turn the old router into an AP?

What would the main considerations be for each method (pfSense solely vs pfSense secondary?

I appreciate any advice, I'm pretty new to networking!

EDIT: If relevant, I'm planning on running pfsense on this 4 port protectli vault

Is it safe to store a NAS with installed HDDs? in c/datahoarder@selfhosted.forum
[–] FiziksMayMays@alien.top 1 points 1 year ago

I got it on amazon

2
Is it safe to store a NAS with installed HDDs? (alien.top)
 

Hey all,

I recently got a Synology DS923+ for someone as a gift, and installed the drives/ran initial setup so that it will be good to go when they open it.

My question is - is it safe to repackage the unit in the box that it arrived in now that the drives are installed? It is almost all cardboard while the NAS itself came wrapped in a light cloth material

I don't see why it wouldn't be , but I wanted to make sure before I bricked some 20 TB drives

Thank you in advance!

1
Complete NAS solution for parents for Christmas (alien.top)
 

Hey everyone,

My parents have a bunch of data just sitting on external drives, and that data is not copied anywhere. They have lost family photos to a failing drive before, and I want to prevent something like that from happening again.

In this vein, I want to get them a complete NAS solution for a Christmas present. I work in technology, although not in IT, so I am competent at understanding things of this nature but do not have the knowledge myself currently.

Ideally, this is my target system:

  • an easy-to-use NAS that they will find intuitive (and cannot easily break)
  • a automated backup solution (ideally one on-site and one in the cloud, I use Backblaze B2 personally)
  • perhaps a UPS to really mitigate the possibility of error (do you all think this is necessary?)

I will provide

  • a budget to get this done (I am comfortable spending between 1-2k USD)
  • the initial setup for them
  • support in the future should something go wrong

Any advice is greatly appreciated! I'm not currently aware of how much storage will actually be required, but I think 5 or so TB to start would be sufficient.

I've been looking at synology NAS options and am really just looking for advice on whether I've made some sort of mistake in reasoning, companies/products to avoid (or use), and any other advice you all would think is valuable :) Thanks again!