So, i've been slowly building up my home network equipment/appliances. I have a Unifi UDM-Pro and additional POE Switch. 2 Unifi AP's. Synology NAS, and try to use pihole (Rpi). I have a few VLAN's setup (Core, IOT, Kids, Guest) on the Unifi.
Network VLAN's:
Core: network equipment (Unifi, Pihole), Server (R720 unraid), NAS, parents devices (phones, laptop), Laser printer
IOT: Hubitat, Alexa, Ring Devices (cameras, alarms), any IOT wifi devices (roomba, Roku, wifi IOT/smarthome devices)
Kids: Tablets, Chromebook, Gaming
Guest: Whomever comes over (may need to access the laser printer)
Curious what others have done in their home network? Now that i have all this stuff, i'm trying to figure out how can i set it up and not have to mess with it. I know I'm making it more complicated by all the different networks/VLAN's, and having rules to allow a few to pass through.
Problems:
Firewall rules to get everything to talk to each other if needed (i.e. Rokus to Plex Server (r720), different devices to Laser Printer). I tend to use more static IP's, to help with the rules.
Monitoring kids devices (yes, a few more years of monitoring, slowly opening it up as they get older)
Pihole (Modem->UDMP->Pihole?) Have the Unifi primary DNS point to this. Secondary is cloudflare family, but know some devices may go around it, or use the secondary. Create a secondary on the Synology NAS?
Remote access - have to jump through hoops with the Unifi, better to just stand up another Rpi? This will also help with Hubitat. Put Pihole backup on the Synology?
Appreciate any general thoughts, comparisons, advice.
I have a Linksys Velop meshed network with a couple of unmanaged switches. It works most of the time but every single time I've done a Linksys firmware upgrade it's brought down the whole network and it's taken me hours of hair pulling to get it running again. The last time was a couple weeks ago and I'm done. I will never, ever, ever order another Belkin product again.
I just ordered a UDM-Pro, a 16-port PoE distribution switch, 3 16-port PoE switches (the "lite" version) for access switches, and a couple of APs. I'm waiting for my contractor to help me run some cat6a and then I'm going to switch over from the Linksys crap to Unify. I'll be a few APs short of what I need (backordered) but it will get me started.
I think I'll go with a vlan for gaming, one for IoT, one for guests, and one for general user access,
I run a Watchguard T35, Unifi AP AC-Pro's through out. Couple of vlan's, and about 8 different dell blade servers running several VM's each. One VM runs plex with a Drobo 810 for media, the other 14 VM's (serveral VMware's and Windows Hyper-v) for client VM backups in case of catastrophe.
EdgerouterX with Main network and an IoT VLAN
(2} Unifi AC6-Lite with Main and IoT SSIDs.
(5) various Unifi switches
Pi Hole running on 2 different Raspberry Pis
UISP running on a VirtualBox on an always-on PC
Unifi Controller running on an always-on PC
Wireguard running on a Raspberry Pi
My struggle was getting Plex, Rokus, etc on IoT network able to talk to devices on Main network as required with rules.
Now that my network is running smoothly, my next step is to move my 6 IP cameras from Main Network to their own VLAN.
This. I have an unraid server with docker and plex, store my media/dvr on a Nas both in my main network, rokus are on iot. Always fun, especially with updates.
Running low voltage cables made me just stay with ring for a while for cameras.
I had a Velop system for about 5 years. Like for you, it worked most of the time. But when it didn’t, it was enfuriating. I recently switched to an Eero Pro 6 system. The experience has been vastly better.
I bought the eero pro 6 and installed it. Couldn't get it to perform as well as the Linksys so I sent it back. But my biggest problem is lack of wired backhaul. With the work I'm doing now I'll address that.
Run a QNAP NAS with 5TB of space in a Raid 5 configuration. Mostly it's used for streaming music and videos around the house and storage of 30+ years of pictures and videos. That's it simple setup, works great and has been trouble free for years.
Do you know about the Unifi Dream Machine Pro SE? I believe that you will be disappointed if you buy the non-SE version just before the SE update becomes available.
The only problem is that the SE is still in early access. No telling when/if it will move out of early access to full product line. The next generation gateway has been in Early Access for almost 1.5 years and rarely in stock. I have been waiting on a new AP in early access and have no clue when I will ever get it.
My advice… if the UDMP is available… get it. No telling when you will ever get the SE.
Thank you both. The UDM Pro arrived today and is already online. Right now I just configured a VLAN and assigned a port to it, then plugged my old Linksys parent node into it in bridge mode (to prevent double NATting). Redid all the reserved IPs in the new DHCP table and I'm off and running. My plan is to install the Unifi APs when they come in and set up new SSIDs by VLAN. I will migrate the old SSID over as the new IoT SSID on a separate VLAN so I don't have to reconfigure all those damned Alexas and pet feeders and TVs.
I love the ease of setting up VLANS and fixing IP’s. Hopefully your APs will give the coverage you expect. I added two BeaconHDs to supplement two NanoHDs. I needed one just inside the door for the doorbell and one on an outside porch. I just plugged them in and they worked without going up in the attic.
I ordered two wifi 6 LR and two wifi 6 "lites." The LRs are for the 1st and 2nd floor. The lites are for the basement and 3rd floor. Should be sufficient. Might have to put one outside to cover the generator. Its wifi radio is horrible.
No... I'm ditching the Linksys stuff and migrating it all to Unifi. Connecting the Linksys network in bridge mode to the UDM just buys me some time while I get the thing configured.
