# Networks & Switching
Editable diagram
[![network.png](https://wiki.hexadust.net/uploads/images/gallery/2024-11/scaled-1680-/xOrahgcBwTwT1Yyk-network.png)](https://wiki.hexadust.net/uploads/images/gallery/2024-11/xOrahgcBwTwT1Yyk-network.png) ## VLANs
**Name** **Tag** **Network** **Description****Gateways**
HOME1 192.168.1.0/24Internal home network caroline: 192.168.1.1 justine: 192.168.1.2 (DHCP default)
GUEST10 192.168.10.0/24Isolated network caroline: 192.168.10.1 (DHCP default)
SERVER50 192.168.50.0/24Internet exposed servers caroline: 192.168.50.1 (DHCP default)
IOT 80 192.168.80.0/24IoT devices carolone: 192.168.100.1 (DHCP default)
MGMT100 192.168.100.0/24Management network carolone: 192.168.100.1 justine: 192.168.100.2 (DHCP default)
### Connectivity Caroline does VLAN routing.
**Name** **Internet access G/W** **DNS** **WiFi SSID** **Access to**
HOMEJustine (VPN), Caroline Justine (PiHole), Caroline Haru, Haru Legacy (2.4GHz) SERVER, IOT
GUESTCarolineCarolineToudi, Toudi Legacy (2.4GHz)
SERVERCarolineCaroline
IOT CarolineCarolineHaru IoT (2.4GHz)
MGMTJustine (VPN), CarolineJustine (PiHole), CarolineHaru MGMT (2.4GHz) SERVER
## Subnets
**Base range** **Subnet 1 / Usage** **Subnet 2 / Usage****Subnet 3 / Usage**
10.0.0.0/8*reserved for work VPNs*
172.16.0.0/12 (to 172.31.)
172.17.1.1/24Justine VPN: `vpn`
172.17.2.1/24Justine VPN: `outpust`
172.17.100.1/24VPS VPN: `vps`
172.18.0.0/16Justine Docker
172.19.0.0/16Igor Kubenretes
172.20.0.0/24Igor Sandbox VMs
192.168.0.0/16
192.168.1.0/24HOME VLAN
192.168.10.0/24GUEST VLAN
192.168.50.0/24SERVER VLAN
192.168.80.0/24IOT VLAN
192.168.100.0/24MGMT VLAN
## Adding networks ### Caroline - *Network* -> *Interfaces* -> *Devices* - Add `VLAN (802.1q)` on `eth1` for new VLAN tag - *Network* -> *Interfaces* - Add interface for the new device - Configure DHPC server on the new interface with options for default G/W and DNS server - `3,192.168.80.1` -
`6,192.168.80.1`
- *Network* -> *Firewall* -> *Zones* - Add zone for the new interface - *Network* -> *Firewall* -> *Traffic rules* - Add rule for DHCP (`UDP 67`) - Add rule for DNS (`UDP+TCP 53`) - Add rule for ICMP - *Network* -> *DHCP and DNS* -> *Devices & Ports* - Add new interface to DHCP server *Listen interfaces* ## Switch configuration

**OpenWRT edit VLAN tag assignment** Network -> Interfaces -> Devices -> `switch` (Bridge device) -> Configure... -> Bridge VLAN filtering