Let's talk about VLANs

Captions
Today's video is all about VLANs, or virtual local area networks. As part of my rack revamp project, I'm finally getting around to doing something I should have done a long time ago, and that's split up my network into logical chunks. And if you run servers or a home lab in your own house, you should too. [Music]

Today's video is brought to you by NordPass's end of winter sale. From now until February 25th, you can take 70 off a two-year subscription and get an extra month on the house. NordPass makes managing your online passwords a breeze with their user-friendly desktop and mobile applications. It allows you to access all of your passwords on any device from wherever you are, and with NordPass's zero knowledge architecture, your data is encrypted on your own device before it ever reaches their servers. Visit nordpass.com craft today to take advantage of this limited time offer. That's nordpass.com craft.

Welcome back to Craft Computing, everyone. As always, I'm Jeff. First off, let's talk about your home network. Typically, your off-the-shelf router is configured to be a flat network, that is, every device can broadcast to every other device that's on it. Broadcast traffic in and of itself is not a bad thing; it's what makes wireless printing, AirPlay, Chromecast and a variety of other systems work on your network. Broadcast traffic is one device, let's say your cell phone or laptop, calling out to the rest of your network saying, "Hey, I'm a cell phone, who else is here?" And much like a dog barking in your backyard, every other dog in the neighborhood is bound to respond. This will cause other devices to announce who they are and ask who else is there in return, and so on and so forth, until every dog is satisfied they have all of the information they need. For most homes, this isn't a huge deal. I myself have two dogs, and they only bark for a minute or two when the Amazon driver delivers packages. Oh, we were talking about networks, right?

Much like dogs in a neighborhood, the more devices there are on your network, the noisier it is to live there. And for networks with dozens of clients, a stack of servers, IoT devices, security cameras, wireless access points and more, those broadcasts can add up to the point of causing delays in other traffic. Fortunately, there's a simple solution, and that's splitting your network into multiple smaller networks called VLANs. These networks will allow traffic intended for a single device to be routed between them, but will deny broadcast traffic from being let in. In technical terms, it will allow unicast traffic but deny multicast traffic.

The question is, how do you divide your network in a way that still allows all of your services to work? In my home network, I have client devices like computers, cell phones and tablets. I've got IoT devices like smart lights here in my office. I've obviously got my servers and networking equipment, and I've got one printer. I've also got a dedicated home lab just for tinkering on, which I would like on its own VLAN to avoid confusion with services I actually use here on my network.

Next up, let's talk IP addressing. First off, I probably know the IP address of your router. It's 192.168.1.1. Freaky, right? Actually, that's the most common address space to use in a home network. There are three ranges of IP addresses reserved for private use, that is, not publicly accessible on the internet. Those are any IP address starting with 10, that is, 10.0.0.0 through 10.255.255.255. This space is typically used in enterprise networks, as there are 16,777,216 IP addresses available within this range. There's the IP range of 172.16 through 172.31, and while this was originally reserved for businesses, it's also the least used among IP addresses because of the odd starting IP and the fact that it only offers a million and change IP addresses in the block. Then, for home networks, there's the IP range of 192.168. Now, most home routers will use this range, as there aren't that many instances of a house needing more than 65,536 IP addresses under the same roof.

Now, my home network has been using the 192.168 IP range for quite a while, and while I could stick with that, I much prefer using the 10 range. So let's go ahead and lay out my new network, configure my IP address ranges for DHCP, DNS, and prepare to get everything moved over. I'll be doing this today on the UniFi UDM Pro. Now, for every firewall or router that's out there, there's also a different method of configuring VLANs. This isn't a tutorial for your specific device, rather just an overview of the logic that goes behind it.

The first step in all this is determining how you want to split up your devices and documenting it before you make any changes. For my network, I'm going to create four separate VLANs. Servers are going to go on the 10.0.0.0, IoT devices and that lowly printer on 10.0.1.0, client devices on 10.0.2.0, and my home lab is going to go on 10.10.0.0. The main network is going to have Pi-holes serve as the DHCP and DNS server, making internal logging and local DNS management a little bit simpler. The homelab network will serve its own DHCP and DNS, which I'll build out later on.

First, I'm going to open up my UDM Pro inside a web browser. On the left, go to Settings and then click on Networks. As you can see, I've already set up the homelab VLAN in preparation for this move. If I click on Edit, you can see this VLAN is set up as number 1010 with the IP address range of 10.10.0.0 through 255, indicated by the slash 24 at the end. This will give me 254 client IP addresses in this range, which should be more than enough for any home lab experiments I might be conducting. During this video, all the new VLANs will be configured using the UDM Pro for DHCP and DNS until after I've completed the move. Once the VLANs are ready to go, I'll configure Pi-hole as the new DHCP and DNS server. I might even do a video on that one if you ask nicely.

One nice thing about the UDM Pro is the VLANs are all automatically assigned to all ports. As I recommend using the UDM Pro as a router only and not as your main switch, this works out very nicely, as your switches downstream can then assign the VLANs to individual ports as needed.

Now then, let's go ahead and create the server VLAN. On the Networks tab, click on Create New Network. I'm going to name this network Servers. Seems obvious, right? For the network purpose, this will be a corporate network, as we want communication open to other VLANs. The VLAN number is completely arbitrary, but I like to use something similar to the IP address range inside the VLAN, so we'll ID this one as VLAN 1000. Under Gateway IP and Subnet, I'm going to enter the IP of 10.0.0.1/24. The slash 24 at the end indicates this is a class C network ranging from 10.0.0.0 through 10.0.0.255 with a gateway address of 10.0.0.1. Under Domain Name, I'm going to use craft.local. And finally, for DHCP range, I like leaving a small gap at the beginning and using a range of 10.0.0.11 through 10.0.0.254.

So why didn't I use through 255 if the network supports 0 through 255 in the IP range? Well, zero is reserved as the network number and identifies the network itself, and 255 is the broadcast address for this network, which is how devices broadcast to an entire range. They address 10.0.0.255, and any data received by the switch for that IP address rebroadcast those packets to the addresses 1 through 254. If everything looks correct, go ahead and click on Save, and then repeat this exact same process for the IoT and client VLANs.

Now that you have your VLANs set up, how do you assign a VLAN to a specific device? The simplest solution is to use your managed network switch to untag an individual port with the desired VLAN. An untagged port means that all devices downstream of that port will be assigned that specific VLAN. So on my network switch, I would assign all of my server ports as untagged with VLAN 1000, wired client IPs with VLAN 1002, IoT devices with VLAN 1001.

But what if you have switch ports that have multiple devices downstream and need multiple VLANs assigned? For instance, I want to move my UniFi access points to the server VLAN, but wireless clients may be on the client or IoT VLANs. Untagging a port with a specific VLAN means that VLAN will be the default for any device connecting. However, some devices have the ability to assign their own VLAN IDs or assign other VLAN IDs to clients further downstream. In the case of my wireless access points, I'm going to set up those ports as untagged on the server VLAN 1000 and tagged on VLANs 1001 and 1002. I can then assign any clients that connect to the wireless access points a specific VLAN inside of UniFi, so smart lights will go to the 1001 IoT VLAN, and phones, tablets and laptops will go to the 1002 client VLAN.

Now again, for network switches, there are as many methods of assigning VLANs as there are network switches on the market. These terms are fairly universal, though, and should give you a good place to start looking for how to assign a VLAN on your own devices. But unless you're trying to assign VLANs on a ProCurve switch, I'm likely of very little help to you.

In the next few days, I'll have some work ahead of me getting the network rearranged into the new VLANs, but it will be much better organized when it's all completed. Hopefully in the next couple weeks, I'll also be doing a video on PRTG, which is a free network and hardware monitoring service I run here on my network, so make sure you keep an eye to the channel so you don't miss that one. On your way down to that subscribe button, make sure to drop this video a like. You can also follow me on Twitter, Craft Computing, if you want to keep up with my daily shenanigans. If you can't quite get enough Craft Computing, there are ways you can get more. First off, join us for our weekly live show, Talking Heads, every Wednesday night at 8 pm Pacific time right here on YouTube for the latest in beer and tech news, or on Anchor.fm or wherever your favorite podcasts are found. You can also join me in my exclusive Discord server and get some behind the scenes access if you join the Patreon or Floatplane. Links are both down in the video description and really do help me keep the lights on around here. So like I said, a lot of cool projects coming out, but that's going to do for me in this one. Thank you all so much for watching, and as always, I will see you in the next video. Cheers, guys. [Music]

In a long line of beers I have purchased just for the label, today I'm cracking open Ex Novo's Strat Your Stuff, and, uh, how could you even resist that label or that name? Uh, this is a hazy IPA brewed with Strata and Galaxy hops, clocking in at 6.9 percent. Nice. Boy, a lot of grapefruit on this one. Citrusy in the definitely-not-an-orange kind of way. Oh, that's nice. It's kind of smooth and creamy right up front, but then, classic, like a hazy, it kind of dries your mouth out as it goes through, and it leaves you with a real clean, crisp citrus aftertaste. That's good.

Yep, I'm about three ounces in now and, uh, the creaminess is gone. This is all hazy. This is a hazy that's going to accumulate over time and eventually, uh, irritate your throat. Yeah, I have the same problem with this hazy that I have with a lot of other hazies, and that's halfway through it, all I can taste is hazy. There's no more defining flavors, it's just acidic. Like, it was really, really pleasant at first. Like I said, it had this creaminess to it, there was a wonderful citrus note on the back end of it, and now it just tastes like any other hazy I've ever had, and I'm kind of disappointed by that. Yeah, that burn is up front and immediate, and it literally cancels out every other flavor that was coming out within this beer. That's unfortunate. You know, beers I don't like really do end up being like taking your medicine at a certain point. [Music]

Whoa. Yeah, at this point it's just a hazy. I had high hopes for this one, I really did. [Music] If you like hazies, it's got everything there, but man, I want the beer I had in the first three ounces. That was way better. Thank you all so much for watching, and as always... that's a lot of beer left, hold on. [Music] See what I said about pacing?
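The addressing plan laid out in the captions above, checked for consistency before any switch or router is touched. This is an added example, not something shown in the video or on this page. VLAN IDs and subnets are the ones stated there; only the servers gateway and DHCP pool are given, so the other gateways and pools, and the `validate` helper itself, are assumptions.

```python
import ipaddress
from itertools import combinations

RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# name: (VLAN ID, gateway/prefix, DHCP first, DHCP last).
# VLAN IDs and subnets are the ones stated in the video; only the servers
# gateway and pool are given there, the others are assumed to follow suit.
PLAN = {
    "servers": (1000, "10.0.0.1/24", "10.0.0.11", "10.0.0.254"),
    "iot":     (1001, "10.0.1.1/24", "10.0.1.11", "10.0.1.254"),
    "clients": (1002, "10.0.2.1/24", "10.0.2.11", "10.0.2.254"),
    "homelab": (1010, "10.10.0.1/24", "10.10.0.11", "10.10.0.254"),
}

def validate(plan):
    """Return a list of problems; an empty list means the plan is consistent."""
    problems, nets, ids = [], {}, {}
    for name, (vlan, gw_cidr, first, last) in plan.items():
        gw = ipaddress.ip_interface(gw_cidr)
        net = nets[name] = gw.network
        lo, hi = ipaddress.ip_address(first), ipaddress.ip_address(last)
        reserved = (net.network_address, net.broadcast_address)
        if not 1 <= vlan <= 4094:  # 802.1Q reserves IDs 0 and 4095
            problems.append(f"{name}: VLAN ID {vlan} is outside 1-4094")
        if vlan in ids:
            problems.append(f"{name}: VLAN ID {vlan} already used by {ids[vlan]}")
        ids.setdefault(vlan, name)
        if not any(net.subnet_of(r) for r in RFC1918):
            problems.append(f"{name}: {net} is not in a private range")
        if gw.ip in reserved:
            problems.append(f"{name}: gateway {gw.ip} is a reserved address")
        if lo > hi or lo not in net or hi not in net:
            problems.append(f"{name}: pool {lo}-{hi} is not inside {net}")
        elif lo == reserved[0] or hi == reserved[1]:
            problems.append(f"{name}: pool {lo}-{hi} hands out a reserved address")
        elif lo <= gw.ip <= hi:
            problems.append(f"{name}: pool {lo}-{hi} includes gateway {gw.ip}")
    for (a, na), (b, nb) in combinations(nets.items(), 2):
        if na.overlaps(nb):  # overlapping subnets cannot be routed apart
            problems.append(f"{a} ({na}) overlaps {b} ({nb})")
    return problems

if __name__ == "__main__":
    print(validate(PLAN) or "plan is consistent")
```
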
Info
Channel: Craft Computing
Views: 55,813
Rating: 4.9517035 out of 5
Id: UB-tYRP2weM
Length: 12min 35sec (755 seconds)
Published: Thu Feb 11 2021