Home network improvements - transitioning to 10Gbe and VLAN configuration questions.


luke-barnett

Jan 17, 2023
I need a little bit of a sanity check and to rubber duck a home network improvement I want to action.

I currently have the following home network:

[Attached image: 1674018956335.png]

Not pictured:
  • Various ethernet-connected devices in both Home and Garage networks (e.g. TV, printers, etc.); both House and Garage are wired for Cat6.
  • Z-Wave and Zigbee Networks (running from Raspberry Pi and hooked into Home Assistant via MQTT).
  • Other various WiFi IoT devices.
    • Power monitoring, whole home, solar, fridge, freezer.
    • Vacuum.
    • Light switches etc.
  • Raspberry Pi/VM on VM-Host Docker Swarm cluster.

Currently, it is all on a single flat network and has been serving me reasonably well but I want to start to improve in the following spaces:
  • Split the network into 4 basic VLANs. Primary driver is to cut internet access for security cameras and random IoT stuff (even if mostly ESPHome).
    • VLAN 1/Untagged - Untrusted (Guest and standard devices).
    • VLAN 2 - Trusted (Management VLAN).
    • VLAN 3 - Untrusted + no internet access (Typically for IOT devices I don't want talking back home).
    • VLAN 4 - Cameras (No internet access, separate from VLAN 3 for sensitivity).
  • Migrate to 3 node Proxmox cluster (also migrate from Swarm to K3s).
    • Allow for hardware maintenance/HA without disruption to the household. (Lighting etc. should be set up to gracefully fall back; however, we have lived with the automation enough that we've grown a little more reliant on the convenience.)
    • Purchased Optiplex 7070 Micro (i5 9500), looking at a N5105? as the third node.
  • Improve on 1Gbe for key connections.
    • NAS/VM Host 10Gbe.
    • Desktop 10Gbe.
    • Optiplex 7070 2.5Gbe (I think that’s the best I can do?).
  • Deploy further PoE cameras on both Garage and House.
My day job is in software development, so I have (I hope) a decent understanding of the basics of networking/hardware but I've found myself stuck on a couple of questions and keen to get some feedback:
  • I have started to configure the VLANs on the EdgeRouter and switches, but I believe with running SwOS (which is also my only option for the current garage deployment) any routing between them is going to have to go all the way back to the EdgeRouter? Which limits it back to 1Gbe (after making further 10Gbe deployments)?
    • Do I deploy multiple VLAN adapters to the hosts that need to span multiple VLANs (e.g. Home Assistant would essentially be on all four for discovery).
      • What about my main desktop?
        • If I VLAN 2 then I lose connectivity to cast to TVs, speakers etc?
        • VLAN 1 then I don't have a 10Gbe link to NAS as it routes through the router at 1Gbe?
    • For 10Gbe to make sense should I replace my router to support 10Gbe so that traffic spanning VLANs can utilise the extra bandwidth?
      • What are some reasonable options here?
        • Currently, I have a 1Gbps service but rollout for 2/4/8Gbps is actively happening in my city.
    • Do I switch my CRS328-24P-4S to RouterOS for Layer 3 routing before the router?
  • For the Optiplex to improve from 1Gbe I think I'm limited to 2.5Gbe? Can I improve on this? The value would come in for VM replication and Longhorn.
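
Added example, not part of the original post: a small Python model of the trade-off the questions above describe, showing which flows stay on the layer-2 switches at port speed and which hairpin through the router, and which multi-VLAN hosts sit on both the trusted and a restricted VLAN with no router firewall in between. The host list, the NAS being on VLAN 2, the Home Assistant link speed and the 1 Gbit/s router ceiling are assumptions taken from or constructed around the post; only host port and router speeds are modelled, not switch uplinks.

```python
from dataclasses import dataclass

ROUTER_GBPS = 1.0        # assumption from the post: inter-VLAN traffic hairpins through a 1GbE router
RESTRICTED = {3, 4}      # the post's no-internet VLANs (IoT, cameras)
TRUSTED = 2              # the post's management VLAN

@dataclass(frozen=True)
class Host:
    name: str
    vlans: frozenset     # VLANs the host has an adapter on
    link_gbps: float     # speed of the host's own switch port

def path(src, dst):
    """Classify a flow as switched (shared VLAN) or routed (via the router)."""
    shared = src.vlans & dst.vlans
    edge = min(src.link_gbps, dst.link_gbps)
    if shared:
        # Frames never leave layer 2, so router firewall rules do not apply.
        return {"via": "switch", "gbps": edge, "firewalled": False}
    # A layer-2-only switch cannot route, so the router carries and filters it.
    return {"via": "router", "gbps": min(edge, ROUTER_GBPS), "firewalled": True}

def zone_spanning(hosts):
    """Hosts with adapters on both the trusted VLAN and a restricted VLAN."""
    return [h.name for h in hosts if TRUSTED in h.vlans and h.vlans & RESTRICTED]

# Constructed hosts modelled on the post; link speeds are the post's targets.
nas = Host("nas", frozenset({2}), 10)
desktop_v1 = Host("desktop-on-vlan1", frozenset({1}), 10)
desktop_v2 = Host("desktop-on-vlan2", frozenset({2}), 10)
tv = Host("tv", frozenset({1}), 1)
camera = Host("camera", frozenset({4}), 1)
home_assistant = Host("home-assistant", frozenset({1, 2, 3, 4}), 1)

if __name__ == "__main__":
    flows = [(desktop_v2, nas), (desktop_v1, nas), (desktop_v2, tv), (home_assistant, camera)]
    for a, b in flows:
        print(f"{a.name} -> {b.name}: {path(a, b)}")
    everyone = [nas, desktop_v2, tv, camera, home_assistant]
    print("spans trusted + restricted:", zone_spanning(everyone))
```

Any host reported by `zone_spanning` reaches restricted devices without passing the router's rules, so its own host firewall becomes the only control between those VLANs.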