I’m setting up DHCP reservations on my home network and came up with a simple schema to identify devices: .100 is for desktops, .200 for mobiles, .010 for my devices, .020 for my wife’s, and so on. Does anyone else use schemas like this? I’ve also got .local DNS names for each device, but having a consistent schema feels nice to be able to quickly identify devices by their IPs.
We all go down this hole at the start. The truth is, you should only reserve IPs if you actually need it to stay the same. You don’t need to check IPs as often as you think, I promise. The only segmentation and planning you should do for a home network is for subnets/vlans; LAN, Guest, IOT, Server, etc.
Instead of managing the IP addresses, just manage hostnames. Make sure every device with a customizable hostname is easily identifiable. This will help you so much more in the long run.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters AP WiFi Access Point DNS Domain Name Service/System HA Home Assistant automation software ~ High Availability IP Internet Protocol IoT Internet of Things for device controllers NAS Network-Attached Storage Unifi Ubiquiti WiFi hardware brand Zigbee Wireless mesh network for low-power devices
8 acronyms in this thread; the most compressed thread commented on today has 9 acronyms.
[Thread #71 for this sub, first seen 20th Aug 2023, 22:05] [FAQ] [Full list] [Contact] [Source code]
The only one I set static is the servers and that’s for port forwarding. So I set it to what it was using at the time. Unifi IDs the devices for me otherwise.
TLDR; don’t reserve IP’s
We all did back in the 90’s. But this is kinda counter to the idea of dynamic leasing of IP addresses.
The only reason I see for reserving IP’s would be to do some based on cidr ranges (bad practice) or because you need some shitty software that only handle IP’s and not hostnames.Just liberate yourself and get used to not having control over IP. It will prepare you for ipv6 where dynamic addresses are part of the spec.
Your local dns server should be set up to register devices on ip lease - something all dns servers I’ve worked with last 20 years can manage. With properly set ip search domains this means that you can reach your devices by hostname, or by fqdn if you’d want that.
Also note that .local is a special tld reserved for mdns/zeroconf. Do not set up your dns server to serve this. You’d be better off using something like .LAN - this means that mdns/zeroconf can co-exist nicely on your lan.
Regarding vlans: this is something completely different as this is level 2 in osi. Each vlan is like a separate network - there needs to be routing to reach one from the other. I would agree that vlans are nice when used properly - to section and separate devices. One vlan for IoT devices - to keep them out of your safe home network - is a fairly common thing. A separate vlan for servers, one for management perhaps, one for guest-network and one for your normal home devices.
I use 4 vlans at home each with a /16 network from the 10/8 range. And the only static (not reserved dhcp) that I use are for dns and gateway. At work I still set up some sites where infrastructure like switches/routers etc are on static - and take this into account when I set up the ip pool(s). I’m those cases I’ll exclude the top end of the network and put the rest in the pool. Some like to do the opposite end, and some don’t care and just use all as pool and count on arp/ping to avoid conflicting leases (bad practice).
I like your funny words magic man.
As a total novice for networking (setting up 4 hat rules for my pihole was… tough), how bad are vlans to set up?
Look at them like this: VLANs are like running several cables between two spots that you can configure independently. In the very end it comes down to this: what virtual LAN number you have on the cable.
Your backbone devices (router and switches) can be configured to accept tagged traffic―your switch will send a packet prefixed with a VLAN index and your router will trust that the packet actually came from that VLAN on the switch port, or to tag traffic―like when you have some port on your switch where your PC is plugged in and the switch will tag those packets with some VLAN when it forwards them (to the router).
Once you grasp that, everything else pretty much boils down to managing several isolated networkd and how they cross-talk. You run a dhcp server over each network, its own set of other services and whatnot.
Oftentimes the “home” hardware will expect a single network and use some means of packets broadcast to reach each other. That’s how your phone can find all google homes on the network and apple homekit knows where your smart lights are. For that traffic to cross VLANs you’ll have to use some special software like mdns repeaters, but you can still isolate them.
Wrapping up, VLANs basically allow you the physical level isolation over a single cable. Mind that there are, of course, some bugs, e.g. I once found an issue with Unifi access points that allowed a well crafted packet to escape into VLAN 1 no matter what it was supposed to be tagged with. So don’t treat them as physically separate links.
Son, I think it’s time you learn about vlans.
Sounds like fun but watch out for man in middle…home tech support!
Remember upper executive mgmt (wife) will have priority demands and expect to bypass all support/ticketing processes c/o direct access/shoulder tap, 24x7.
Tip - create high priority user stories for your upper exec mgmt needs and your rest activities (sports, call of duty, tinkering in garage/shop/man cave, etc etc etc et al) so your impl supports your key stakeholders while also aligning with your favorite best practices.
.local is the important part imo—actually, tbh I am not a super fan of the .local dns method and how it punks networks (basically like entering a crowded bar and yelling YO BRAH!) BUT it is simple and low effort (see high pri user stories).
Good luck with your PI plan, could you include us in PI retrospective so we can learn from you? Godspeed.
:]
I don’t see the need, everything gets IDed by its hostname.
The only thing with static DHCP is IoT stuff that needs a consistent IP for HA to connect to it, and servers.
It can be useful to assign a static IP address for your kids’ devices so you can set parental control on pihole/adguard.
Pi-hole can seperate devices by MAC, so it’s not really needed to group them.
Wouldn’t that require you to use pihole as DHCP though? Afaik DNS packets doesn’t contain Mac address, right?
I think it will just identify the device by MAC and use whatever IP that MAC has assigned to block queries. I just noticed the other day that i can select devices by MAC and assign to groups, and my pihole isn’t the DHCP.
