Notes Homelab / Networking
CIDRs and VLANs
The network is segmented by usage and level of trust:
| Usage | Trust Level | CIDR | VLAN ID |
|---|---|---|---|
| Infrastructure: | |||
| Management | Trusted, Restricted | 10.51.0.0/22 | 100 |
| –> Networking | –> 10.51.0.xx | ||
| –> Server IPMI | –> 10.51.1.xx | ||
| –> Misc (PDU, UPS, etc) | –> 10.51.2.xx | ||
| Trusted Services | Trusted | 10.51.16.0/22 | 116 |
| Untrusted Services, IoT, Multimedia | Untrusted | 10.51.32.0/22 | 132 |
| DMZ | Untrusted | 10.51.64.0/22 | 164 |
| User Networks: | |||
| Primary User Network | Trusted | 10.77.0.0/22 | 200 |
| Guests | Untrusted | 10.77.16.0/22 | 216 |
The CIDRs are optimized for quick network identification and to avoid typos
(network IPs differ always by at least 2 digits). Network size of /22 provides
1,022 available IPs per network, which should be enough headroom for future
needs.
The infrastructure networks (10.51.xx.xx) are for out-of-band management, device
management, services, IoT, set-top boxes, TVs, loudspeakers, gaming consoles,
etc. Basically for anything that isn’t a personal user device. The nmemonic of
prefix 10.51. is “Area 51”.
The user networks (10.77.xx.xx) are for personal user devices, segregated into
trusted and untrusted (i.e. guest) devices. The nmemonic of prefix 10.77. is
that it stands for July 7th, a date close to my heart.
Hints: cidr.xyz is a great web-based CIDR range visualizer. On the CLI, ipcalc
is my favorite (available on Homebrew, apt, yum, etc).
Cable color-coding
Cables going into switches are color-coded as follows:
| Color | Connection type |
|---|---|
| White / Gray | Default, normal client |
| Red | Management |
| Green | Uplink, trunk, inter-switch, WLAN (i.e. acting as a type of uplink) |
| Yellow | WAN |
| Orange | Reserved (due to ambiguity with mostly orange installation cables) |