Compare commits
1 Commits
2025.06.11
...
2025.06.13
| Author | SHA1 | Date | |
|---|---|---|---|
| 497239cc76 |
@ -2,6 +2,29 @@
|
||||
sidebar_position: 2
|
||||
title: Network
|
||||
---
|
||||
The gate to my HomeLab is a **UniFi Cloud Gateway Ultra**. It is connected to a **1 Gbps** fiber optic from my ISP and manages **3 static WAN IP** addresses.
|
||||
|
||||
## Hardware
|
||||
|
||||
```mermaid
|
||||
---
|
||||
config:
|
||||
look: handDrawn
|
||||
theme: forest
|
||||
---
|
||||
flowchart TB
|
||||
gateway(UniFi Cloud Gateway Ultra)
|
||||
poe(UniFi Switch Light 8 PoE)
|
||||
wifi1((UniFi U6+))
|
||||
wifi2((UniFi U6+))
|
||||
ISP <--> gateway
|
||||
gateway <--> lan1[LAN]
|
||||
gateway <--> poe
|
||||
poe <--> lan2[LAN]
|
||||
poe <-->|PoE| wifi1
|
||||
poe <-->|PoE| wifi2
|
||||
```
|
||||
|
||||
## WAN
|
||||
|
||||
### Port forwarding
|
||||
@ -83,3 +106,6 @@ Additional Firewall rules allowing or blocking zone-to-zone or subnet-to-subnet
|
||||
There are two Wireguard servers configured:
|
||||
1. **Hearthstone**. Subnet _192.168.3.0/24_. For external access to all local networks.
|
||||
1. **VPS**. Subnet _192.168.4.0/24_. For accessing VPS servers as local network devices.
|
||||
|
||||
## DNS Server
|
||||
I use my gateway as a local DNS server with additional records for internal services, allowing them to be accessed using domain names like `beszel.int.example.com`, but only from the LAN or VPN. Almost all internal domains are pointing to the `ingress1` (Zoraxy reverse proxy), that also manages SSL termination.
|
||||
|
||||
Reference in New Issue
Block a user