Moving in with another IT geek, network woes

[NachT]

So me and another good friend will be moving in together within the next few months, and I'm trying to figure out the best way we can get our network setup. It's Ubiquiti kit that will be used.

We both have our own servers that we'll be connecting in. We both also run our own DHCP, DNS etc servers, so we need separate VLANs.

Quick mockup of what we ideally want:

My main trouble is, I haven't done any advanced network. I can setup the two seperate VLANs fine via the switch, however... I'm struggling to get the VLANs to talk to the router/WAN. I'm assuming I need some sort of port trunking setup?

Ideally, I'd want both VLANs completely separate, but still be able to talk to the same router and get WAN access. We could use PfSense gateways, but if it's possible to setup something like the above using just the functions of the switch, I'd much prefer that.

Any help, suggestions, or links to material that covers this sort of thing would be awesome!

 

[pcfarrar]

You need to get rid of the Home Hub, install a bridge modem with a UniFi USG. It will make things a lot easier.

 

[Hyburnate]

Yeah I'd remove the existing router and put a USG in as you're going UniFi.

From there you can put a LAN port as a trunk for both your VLANs and then configure your switch ports to be tagged as either VLAN 10 or 20 as required.

 

[mejinks]

Personally, I’d just use a pfsense box with a 4 port nic.

I’ve done this so that I keep my home stuff away from anything I need to repair. I’ve also separated out guest wifi.

 

[the-evaluator]

VLAN10 and VLAN20 are both 192.168.1.0/24. Unless your're running VRFs (which I don't think Unifi stuff supports - I could be wrong) then that's not going to work.

I do similar at home, albeit for different reasons but with a USG it all works like a a charm. I've got VLAN 10 for normal traffic and VLAN 20 for iSCSI traffic between my NAS and ESXi box. There's routing between them so that I can reach the management interface on my NAS without having to dedicate an interface to management.

 

[LizardKing]

Is the unifi a layer3 switch? if not your going to need a gateway for each vlan (a VM of pfsense will do it no problem). Or replace the homehub with something more capable
If your not networking orientated, changing the homehub will be the easiest way!

oh and change the subnet of each vlan to something like 192.168.10.0/24 (vlan 10) 192.168.20.0/24 (vlan 20) that way should you end up on the wrong network it will be easier to troubleshoot.