networking
Networking
Overview
Network setup for the homelab, covering physical switching, routing, and remote access.
Physical Topology
Internet
└── GL.iNet Beryl AX (192.168.x.1) — main router / DHCP
└── Cisco Catalyst 3560-CX (managed switch)
├── M90Q Gen 3 — Proxmox host (192.168.x.10)
├── M720Q #1
├── M720Q #2
└── M710Q #3
Devices & IPs
| Device | Role | IP |
|---|---|---|
| Beryl AX | Router / DHCP | 192.168.x.1 |
| M90Q Gen 3 | Proxmox host | 192.168.x.10 (static) |
| WS2025-DC01 | Domain Controller | 192.168.x.20 (static) |
| WIN11-CLIENT01 | Windows client | 192.168.x.21 (DHCP reservation) |
Cisco 3560-CX
Enterprise-class IOS-based switch. Currently flat (untagged) — VLAN segmentation planned for the cluster phase.
Planned VLAN layout:
| VLAN | Name | Purpose |
|---|---|---|
| 1 | Default | Management |
| 10 | Lab | VM traffic |
| 20 | Cluster | Proxmox cluster comms (10.10.0.0/24 vmbr1) |
| 99 | IoT | Isolated devices |
IOS config reference:
conf t
vlan 10
name Lab
vlan 20
name Cluster
vlan 99
name IoT
MikroTik RB5009UG
Planned as the main edge router, replacing the Beryl AX. Rack-mounted. Will handle:
- VLAN routing (inter-VLAN)
- Firewall policy
- BGP/OSPF experiments
⚠ Planned
MikroTik deployment is in the next build phase. Documentation will be updated once deployed.
Tailscale
Tailscale is installed on the Proxmox host and configured as a subnet router, advertising 192.168.x.0/24 to allow remote access to all LAN devices.
Setup notes:
- Configured via CLI (not GUI — Mac App Store version lacks subnet route controls)
- IP forwarding enabled:
net.ipv4.ip_forward = 1persisted in/etc/sysctl.conf - Advertise route:
tailscale up --advertise-routes=192.168.x.0/24# Enable subnet routing on Proxmox host tailscale up --advertise-routes=192.168.x.0/24 --accept-routes sysctl -w net.ipv4.ip_forward=1
Private Cluster Network
For the multi-node cluster, a dedicated bridge vmbr1 will be set up on 10.10.0.0/24 for Proxmox cluster communication (corosync) and inter-VM traffic, separate from the main LAN.