Home Network Part 1

Welcome to Part 1 of my home network series, where I will provide an overview of my high-speed, secure, and reliable network setup. In this post, I will discuss the pfsense firewall, switches, VLANs, and Wi-Fi network that I have implemented to segment my network.

To begin, I created a pfsense firewall using virtualization and upgraded an HP desktop with two NICs - one with two SFP+ ports and the other with a 10Gbps ethernet port. This allows me to achieve high network throughput and redundancy, essential for professional-grade network storage and data transfer.

I also use Mikrotik CSS326-24G-2S+RM and Mikrotik CRS305-1G-4S+IN switches, connected to the pfsense firewall using SFP+ cables, to segment my network into four VLANs - Trusted, Servers, IoT, and Guest. The Trusted VLAN is for my personal devices, Servers VLAN for hosting critical network infrastructure, IoT VLAN for my IoT devices, and the Guest VLAN for restricting access to guests.

The Unifi U6 Enterprise AP provides Wi-Fi 6E connectivity to my home network through the pfsense firewall. The Wi-Fi network is connected to the Mikrotik CRS305-1G-4S+IN, powered by a 2.5Gbps POE injector. I have carefully configured each component to ensure seamless integration and optimal performance.

For my IoT management and ad-blocking needs, I use two Raspberry Pi's running Home Assistant and Pi-Hole, respectively. The Pi-Hole is using the pfsense firewall running Unbound as the DNS resolver for enhanced privacy.

In conclusion, my home network setup features a carefully planned and implemented pfsense firewall, switches, VLANs, and Wi-Fi network. The use of Raspberry Pi's running Home Assistant and Pi-Hole adds an extra layer of management and security to my network. In part 2 of my Home Network series I will cover my implementations for network security, remote access, and home automation.