Setting up a seperate network at home

Discussion in 'Networks' started by michael78, Aug 12, 2010.

  1. michael78

    michael78 Terabyte Poster

    2,085
    29
    141
    I'm wanting to keep my home study network domain seperate from my main PC and wife's laptop so that they don't see each other. My routers internal IP is 192.168.0.1 but I want to put my home network on a 10.10.0.0 range. I have a switch I can setup VLAN's on which I intend to do to seperate the network traffic. I want some of my servers to have internet access so to enable that do I setup DNS to forward to 192.168.0.1? Take it that should work whilst keeping my main PC and wife's laptop seperate.
     
    Certifications: A+ | Network+ | Security+ | MCP | MCDST | MCTS: Hyper-V | MCTS: AD | MCTS: Exchange 2007 | MCTS: Windows 7 | MCSA: 2003 | ITIL Foundation v3 | CCA: Xenapp 5.0 | MCITP: Enterprise Desktop Administrator on Windows 7 | MCITP: Enterprise Desktop Support Technician on Windows 7
    WIP: Online SAN Overview, VCP in December 2011
  2. ThomasMc

    ThomasMc Gigabyte Poster

    1,507
    49
    111
    What router are you using?
     
    Certifications: MCDST|FtOCC
    WIP: MCSA(70-270|70-290|70-291)
  3. michael78

    michael78 Terabyte Poster

    2,085
    29
    141
    Certifications: A+ | Network+ | Security+ | MCP | MCDST | MCTS: Hyper-V | MCTS: AD | MCTS: Exchange 2007 | MCTS: Windows 7 | MCSA: 2003 | ITIL Foundation v3 | CCA: Xenapp 5.0 | MCITP: Enterprise Desktop Administrator on Windows 7 | MCITP: Enterprise Desktop Support Technician on Windows 7
    WIP: Online SAN Overview, VCP in December 2011
  4. dales

    dales Terabyte Poster

    2,005
    51
    142
    Slypie, when you say servers what do you mean, do I remember rightly that you bought a couple of t105's or ml110's for vmware, if so you could connect your servers to an isolated lan in vmware and bridge the isolated one with the "vm network" with vyatta software routers.

    Not sure if vlaning would work in your instance I dont know how one network would know how to get to another without routers connecting to the vlans
     
    Certifications: vExpert 2014+2015+2016,VCP-DT,CCE-V, CCE-AD, CCP-AD, CCEE, CCAA XenApp, CCA Netscaler, XenApp 6.5, XenDesktop 5 & Xenserver 6,VCP3+5,VTSP,MCSA MCDST MCP A+ ITIL F
    WIP: Nothing
  5. michael78

    michael78 Terabyte Poster

    2,085
    29
    141
    Basically I have 3 ML115's and a T105 server which eventually will host ESX/ESXi and Hyper-V on them running an openfiler SAN to host the VM's on. This will be my testing rig. On the other side I have my main gaming/email/browsing PC, wife's laptop, living room media PC, linux PC and 2 of my own laptops that are stand alone machines and I want to keep it that way and seperate the network traffic from my testing rig. Laptops are wireless and go direct to my ISP's modem so thats not a massive issue as such. My main PC and the other PC's go into a bog standard 8 port switch. My test rig goes into the 3com managed switch and daisy chains into the bog standard switch which goes into my ISP modem.

    I thought I should be able to leave my stand alone PC's and laptops as they are on a 192.168.0.0 address and setup my test rig on a VLAN on a different say 10.10.0.0 IP range and subnet and have the DNS server forward requests to my ISP modem for DNS resolution. Got to be honest I've never setup or thought of this type of setup before so am a little stuck as to how best to seperate the 2 sides.
     
    Certifications: A+ | Network+ | Security+ | MCP | MCDST | MCTS: Hyper-V | MCTS: AD | MCTS: Exchange 2007 | MCTS: Windows 7 | MCSA: 2003 | ITIL Foundation v3 | CCA: Xenapp 5.0 | MCITP: Enterprise Desktop Administrator on Windows 7 | MCITP: Enterprise Desktop Support Technician on Windows 7
    WIP: Online SAN Overview, VCP in December 2011
  6. danielno8

    danielno8 Gigabyte Poster

    1,306
    49
    92
    That is a switch. Do you mean your router hangs off of this?

    Do i have it correct in that you want to keep the 192.168.0.0 network in place as it is, with your main PC and wifes laptop connected on this subnet. Then you want to create a 10.10.0.0 network on this switch for your study domain?

    If so, you will need routing somewhere for routing between the 192.168.0.0 net and the 10.0.0.0 net. This switch won't do what you need.
     
    Certifications: CCENT, CCNA
    WIP: CCNP
  7. ThomasMc

    ThomasMc Gigabyte Poster

    1,507
    49
    111
    Your aiming for something like this Sly

    [added]
    forgot to add a netmask lol 255.255.255.0
     

    Attached Files:

    Last edited: Aug 12, 2010
    Certifications: MCDST|FtOCC
    WIP: MCSA(70-270|70-290|70-291)
  8. michael78

    michael78 Terabyte Poster

    2,085
    29
    141
    More like this. Home PC's on the right, servers on the left. Sorry for the poor effort lol. The writing isn't very clear but the servers plug into the manager switch and the managed switch then plugs into the unmanaged switch. This should keep the 2 sides seperate from each other if I create a VLAN on the managed switch with a different IP range and subnet surely?
     

    Attached Files:

    Last edited: Aug 12, 2010
    Certifications: A+ | Network+ | Security+ | MCP | MCDST | MCTS: Hyper-V | MCTS: AD | MCTS: Exchange 2007 | MCTS: Windows 7 | MCSA: 2003 | ITIL Foundation v3 | CCA: Xenapp 5.0 | MCITP: Enterprise Desktop Administrator on Windows 7 | MCITP: Enterprise Desktop Support Technician on Windows 7
    WIP: Online SAN Overview, VCP in December 2011
  9. danielno8

    danielno8 Gigabyte Poster

    1,306
    49
    92
    You can create a VLAN on the managed switch, but its not going to mean anything to the other switch if it's an unmanaged switch as it will know nothing of the VLAN config. Also, if you have a standard ISP sort of router, it's not likely you can do the required config to allow the router to route between VLANs (which you will need if you want those servers to access the internet).
     
    Certifications: CCENT, CCNA
    WIP: CCNP
  10. michael78

    michael78 Terabyte Poster

    2,085
    29
    141
    Changed my name guys just in case your confused lol

    my router does allow VLAN's to be configured. I don't quite understand why this wouldn't work. If I used my managed switch and configured a VLAN on say the 10.10.0.0 range for my testing network surely this would keep that separate from my home PC on a 192.168.0.0 range as it doesn't connect to that switch and even if it did I could configure it on a different VLAN. The only time it would need to go through the unmanaged switch is if I needed to get to the internet which will be rare. Surely setting up a VLAN keeps the internal network traffic separate from each other. I thought the only issue I would have would be getting my test network to comunicate with my router as it would have a 192.168.0.1 address which I thought you would add an entry in DNS to get around that issue. Am I totally wrong about my proposed setup :oops:
     
    Last edited: Aug 12, 2010
    Certifications: A+ | Network+ | Security+ | MCP | MCDST | MCTS: Hyper-V | MCTS: AD | MCTS: Exchange 2007 | MCTS: Windows 7 | MCSA: 2003 | ITIL Foundation v3 | CCA: Xenapp 5.0 | MCITP: Enterprise Desktop Administrator on Windows 7 | MCITP: Enterprise Desktop Support Technician on Windows 7
    WIP: Online SAN Overview, VCP in December 2011
  11. Sparky
    Highly Decorated Member Award 500 Likes Award

    Sparky Zettabyte Poster Moderator

    10,718
    543
    364
    The gateway device is the issue here.

    You have your servers patched into your 3COM switch then your ISPs router. Then you have your home PCs into an unmanaged switch and then into the router.

    Both subnets need a default gateway on *their* subnet, how are you going to achieve this with the router you have?
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) MS-900 AZ-900 Security+ Network+ A+
    WIP: Microsoft Certs
  12. danielno8

    danielno8 Gigabyte Poster

    1,306
    49
    92
    Yes, the will be separate, in that broadcasts from the 192.168.0.0 network will not be forwarded out any ports you configure on the managed switch as being a vlan other than the native.

    However, as has been said you CANNOT route between the two networks to allow internet access for the servers, as per your initial requirement.

    The only thing you will be achieving by creating a VLAN on the managed switch is stopping broadcast traffic going out the ports you have assigned as a VLAN other than the native.
     
    Certifications: CCENT, CCNA
    WIP: CCNP
  13. LukeP

    LukeP Gigabyte Poster

    1,194
    41
    90
    Simple question:

    Can you assign multiple LAN IP's to the router? If you can't then it can't act as default gateway for 2 different LAN's.

    edit: Apologies Sparky, just noticed your post:oops:
     
    Last edited: Aug 12, 2010
    WIP: Uhmm... not sure
  14. Sparky
    Highly Decorated Member Award 500 Likes Award

    Sparky Zettabyte Poster Moderator

    10,718
    543
    364
    Hee hee! No probs mate.

    I had to do this with my last home lab to get two subnets to talk to each other. Worth noting that it made the router run quite slow and it reboot now and again, it was a crappy speed touch modem though.
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) MS-900 AZ-900 Security+ Network+ A+
    WIP: Microsoft Certs
  15. michael78

    michael78 Terabyte Poster

    2,085
    29
    141
    Cheers for shining a light on my setup. Goes to show I have a big gap in knowledge when it comes to setting up physical networking. I'm going to see if my routers will allow me to setup 2 gateways. If not can anyone recommend a good ADSL router that will allow me to do this setup.
     
    Certifications: A+ | Network+ | Security+ | MCP | MCDST | MCTS: Hyper-V | MCTS: AD | MCTS: Exchange 2007 | MCTS: Windows 7 | MCSA: 2003 | ITIL Foundation v3 | CCA: Xenapp 5.0 | MCITP: Enterprise Desktop Administrator on Windows 7 | MCITP: Enterprise Desktop Support Technician on Windows 7
    WIP: Online SAN Overview, VCP in December 2011
  16. ThomasMc

    ThomasMc Gigabyte Poster

    1,507
    49
    111
    I would go for a Cisco 877 SEC bundle if you could afford it(you might even get a second hand one off fleebay :)), great little router and it is packed with features
     
    Last edited: Aug 13, 2010
    Certifications: MCDST|FtOCC
    WIP: MCSA(70-270|70-290|70-291)
  17. michael78

    michael78 Terabyte Poster

    2,085
    29
    141
    How can you tell if the router supports multiple gateways?
     
    Certifications: A+ | Network+ | Security+ | MCP | MCDST | MCTS: Hyper-V | MCTS: AD | MCTS: Exchange 2007 | MCTS: Windows 7 | MCSA: 2003 | ITIL Foundation v3 | CCA: Xenapp 5.0 | MCITP: Enterprise Desktop Administrator on Windows 7 | MCITP: Enterprise Desktop Support Technician on Windows 7
    WIP: Online SAN Overview, VCP in December 2011
  18. danielno8

    danielno8 Gigabyte Poster

    1,306
    49
    92
    Yep it should do, as long as you can create a 2 VLAN interfaces.

    Craigie will be able to confirm this as he has used these a lot.
     
    Certifications: CCENT, CCNA
    WIP: CCNP
  19. ThomasMc

    ThomasMc Gigabyte Poster

    1,507
    49
    111
    The lower 877 allow for 2 vlans and the Security bundle will allow upto 4 but you get more bang for your buck with the SEC-K9
     
    Last edited: Aug 13, 2010
    Certifications: MCDST|FtOCC
    WIP: MCSA(70-270|70-290|70-291)
  20. danielno8

    danielno8 Gigabyte Poster

    1,306
    49
    92
    or Thomas :)
     
    Certifications: CCENT, CCNA
    WIP: CCNP

Share This Page

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.