• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

pfsense pre-planning.

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.
don256us

don256us

Uber Folding Senior
Joined
Jul 17, 2003
Due to other projects, I have not moved much on my pfsense box. As a re-cap, my son bought me a bare bones celeron with 4 x 2.5Gb ports to replace my USG Pro V4. He also gave me the RAM and NVMe to put in it. A nice little Heatsync of a package.

I had trouble getting it to work, at all. No picture from the thing. I took sime time to troubleshoot and came down to getting it to work and I installed pfsense. However, I'm keeping it off my network for now as I am not ready for a full overhaul. Unfortunately, the box wants to force me into making decisions that I'm not ready to make. VLANs. I know I want them but I don't know how I want to partition them. I'll probably just take my /24 and divide it into four parts. Main network, Guest network, IOT network and a spare.

For now, what is the best setup to seperate my IOT and Guest from my main network? Is VLAN the same as network segments? Am I totally screwed because I don't know the answer to the first question? I am certified but I spend my working life on the local PC. Networks are a new kind of... fun.

Edit: I'm mixing up VLAN and subnetting. I wouldn't mind doing both but I'm looking for input.
 
Last edited:
this guys says subnetting is simple

i've never had a reason to mess with it


i was planning on doing a pf sense box soon too so i'm keeping an eye on your posts
 
That could be a mistake. I often take on side projects like subnetting when I should just do VLAN and stop. I'll keep posting my questions and results and see where that takes me. I need to take pictures. This little box I got is hella neat. I'm looking forward to what it can do and scared too as I know it'll use lots of terms that I don't know.
Post magically merged:

Is it a good idea to subnet AND VLAN to keep things like IOT seperate?
 
I dove into VLAN's. Then i removed them all opting for a single private space subnet.
My primary issue with the VLAN setup was how a host can only have a single default gateway.
I also dislike over complicating the PFSense configuration.

Thats my 2 cents.
 
i've never had any vlan stuff for the home, didnt see the need for it really.

but when i was working we had several vlans, one for main traffic, one for wifi APs and one for the VoIP system. never did anything about subnetting. frankly haven't heard about it till this router software stuff. i'm wondering if its a slang term for subnet mask of which i have heard of but again never did much with...

anyway, i would just vlan IoT traffic, should be much easier. I imagine most, if not all, IoT connections are over WiFi so that part'll be easy. little trickier if you want consoles, phones, laptops and tablets (other wifi devices) on the same vlan as the main traffic. i guess you could filter by mac, i donno theres a lot of different ways to do it.
 
For sure. The subnet mask is dirrectly tied to subnetting. At work we mainly use subnet masks of: 255.255.255.255 and 255.255.255.252. We have others but all of that is with our network group and I'm the big fish in the PC group. I've seen how subnetting works but I've never done it to cement it in my brain. My main confusion is how do I seperate different device groups from others while allowing me to transverse between them?

I'm sure that I don't NEED to subnet or VLAN but I want to. Same reason that I have 32 GB RAM in my system. Bragging rights and the experience of it all.
 
I ended up setting up an IOT VLAN on my home network on my ubiquiti stuff. I needed to make changes in my edgerouter as well as in the Unifi controller so that it matched up. Took me an afternoon as it was all new to me. I could imagine doing a separate subnet as well as VLAN would make it easier for segmenting.
 
don256us said:
For sure. The subnet mask is dirrectly tied to subnetting. At work we mainly use subnet masks of: 255.255.255.255 and 255.255.255.252. We have others but all of that is with our network group and I'm the big fish in the PC group. I've seen how subnetting works but I've never done it to cement it in my brain. My main confusion is how do I seperate different device groups from others while allowing me to transverse between them?

I'm sure that I don't NEED to subnet or VLAN but I want to. Same reason that I have 32 GB RAM in my system. Bragging rights and the experience of it all.
Click to expand...

oh no by all means you do you
I was just saying i personally would run... err ran, a rather analog home. Wired PCs and consoles, wifi for phones and the fire tv. no "smart" things really. a ecobee thermostat showed up eventually but that was more a cost thing (state gave a discount on them that stacked with black friday deals).

i'm afraid if get all these things connected to the internet turning things on and off for me i'll start to look like those big boneless people in the floating chairs in wall-e
 
I'm really just doing a lot of thinking out loud here so that more experienced people can say: "Hol' up there." You know, to keep me straight.
 
You must log in or register to reply here.

Similar threads

don256us
Lost internet for a day. I think it was my fault.
Replies
4
Views
699
jiminalex3
J
B
Comcast CGM433 Modem & Bridge Mode - SOLVED
Replies
6
Views
395
Barryng
B
WrkBoot
Random freezing and blue screens
2
Replies
25
Views
704
EarthDog
EarthDog
don256us
Ubiquiti PoE switches are too damned high.
Replies
1
Views
524
Railgun
Railgun
don256us
Rebuilding my network.
Replies
1
Views
417
Zerileous
Zerileous
Back