# Networking
## Overview
Network setup for the homelab, covering physical switching, routing, and remote access.
## Physical Topology
```
Internet
└── GL.iNet Beryl AX (192.168.x.1) — main router / DHCP
    └── Cisco Catalyst 3560-CX (managed switch)
        ├── M90Q Gen 3 — Proxmox host (192.168.x.10)
        ├── M720Q #1
        ├── M720Q #2
        └── M710Q #3
```
## Devices & IPs
| Device | Role | IP |
|---|---|---|
| Beryl AX | Router / DHCP | 192.168.x.1 |
| M90Q Gen 3 | Proxmox host | 192.168.x.10 (static) |
| WS2025-DC01 | Domain Controller | 192.168.x.20 (static) |
| WIN11-CLIENT01 | Windows client | 192.168.x.21 (DHCP reservation) |
## Cisco 3560-CX
Enterprise-class IOS-based switch. Currently flat (untagged) — VLAN segmentation planned for the cluster phase.
Planned VLAN layout:
| VLAN | Name | Purpose |
|---|---|---|
| 1 | Default | Management |
| 10 | Lab | VM traffic |
| 20 | Cluster | Proxmox cluster comms (10.10.0.0/24 vmbr1) |
| 99 | IoT | Isolated devices |
IOS config reference:
```bash
conf t
vlan 10
 name Lab
vlan 20
 name Cluster
vlan 99
 name IoT
```
## MikroTik RB5009UG
Planned as the main edge router, replacing the Beryl AX. Rack-mounted. Will handle:
- VLAN routing (inter-VLAN)
- Firewall policy
- BGP/OSPF experiments
<div class="callout planned">
<div class="callout-title">⚠ Planned</div>
MikroTik deployment is in the next build phase. Documentation will be updated once deployed.
</div>
## Tailscale
Tailscale is installed on the Proxmox host and configured as a subnet router, advertising `192.168.x.0/24` to allow remote access to all LAN devices.
**Setup notes:**
- Configured via CLI (not GUI — Mac App Store version lacks subnet route controls)
- IP forwarding enabled: `net.ipv4.ip_forward = 1` persisted in `/etc/sysctl.conf`
- Advertise route: `tailscale up --advertise-routes=192.168.x.0/24`
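
The setup notes say forwarding is persisted in `/etc/sysctl.conf`, while `sysctl -w` only changes the running kernel, so the two can drift apart and the subnet router stops routing after a reboot. The following check is an added example, not part of the original notes; the function names and sample file are constructed for illustration, and the file order passed in is assumed to match the order the host loads them.

```shell
#!/bin/sh
# Added example: detect drift between persisted and runtime IPv4 forwarding.
# Function names are hypothetical; sample data below is constructed.

# Print the last persisted value of net.ipv4.ip_forward across the given
# sysctl-style files (last assignment wins), or "unset" if none is active.
persisted_ip_forward() {
    awk -F= '
        /^[ \t]*[#;]/ { next }          # comment lines start with # or ;
        NF >= 2 {
            key = $1; val = $2
            gsub(/[ \t]/, "", key); gsub(/[ \t]/, "", val)
            sub(/^-/, "", key)          # "-key = value" means ignore errors
            gsub(/\//, ".", key)        # net/ipv4/ip_forward is also accepted
            if (key == "net.ipv4.ip_forward") last = val
        }
        END { print (last == "" ? "unset" : last) }
    ' "$@"
}

# Classify the host state. $1 is the runtime value, the rest are config files.
# On a real host the runtime value comes from /proc/sys/net/ipv4/ip_forward.
check_forwarding() {
    runtime=$1; shift
    persisted=$(persisted_ip_forward "$@")
    if [ "$runtime" = "1" ] && [ "$persisted" = "1" ]; then
        echo "ok"
    elif [ "$runtime" = "1" ]; then
        echo "runtime-only"     # set with sysctl -w, lost on reboot
    elif [ "$persisted" = "1" ]; then
        echo "not-applied"      # persisted, but not loaded into the kernel yet
    else
        echo "disabled"
    fi
}

# Constructed sample: the entry is still commented out, so forwarding exists
# only because someone ran sysctl -w on the live system.
demo_dir=$(mktemp -d)
printf '# net.ipv4.ip_forward = 1\nvm.swappiness = 10\n' > "$demo_dir/sysctl.conf"
check_forwarding 1 "$demo_dir/sysctl.conf"
rm -rf "$demo_dir"
```

On the Proxmox host, call it as `check_forwarding "$(cat /proc/sys/net/ipv4/ip_forward)" /etc/sysctl.conf`, adding any `/etc/sysctl.d/*.conf` files in use.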
```bash
# Enable subnet routing on Proxmox host
tailscale up --advertise-routes=192.168.x.0/24 --accept-routes
# Runtime change only; the persistent setting lives in /etc/sysctl.conf
sysctl -w net.ipv4.ip_forward=1
```
## Private Cluster Network
For the multi-node cluster, a dedicated bridge `vmbr1` will be set up on `10.10.0.0/24` for Proxmox cluster communication (corosync) and inter-VM traffic, separate from the main LAN.