You are really good please dont stop with ur videos ever! Super usefull. I discover you since I bought my Synology and i became addicted to your videos. Everytime I have something to do, I check you have the answer

Thank you. Keep up the good work. These videos are so helpful and instructive.

Great overview. Will be interested to see how you integrate multiple DNS servers

People saying that /16 subnets are too big forget what spreadsheets are for. I've been using 10.10.0.0/16 for a decade now with no issues. You get so much piece of mind from having the extra breathing room. I would never go back.

I'd love to see how you set up your firewall rules to manage traffic between the trusted and untrusted vlans, as well as between the server and storage networks. I'm a networking newbie, and that's what always kills me when trying to set something up.

Good point on the subnet numbers.

If you set your VPN client up properly it won't even see the Cafe's 10.0.0.0/16 network. Look for full bridge configs. Most corporate laptop and mobile phone VPNs are setup this way. The IP address your phone sees is it's "LAN" address on the other end of the VPN.

I'am from Austria/Europe - your videos are the best. I've had my NAS for years, but it's only because of you that I'm using it properly. please make many more videos for us - thank you, stay healthy. best regards, karl ps: one more question, what are the benefits of being a member?

Thank you for this. I needed this so badly just now.

All good, but "VM instead of massive docker containers"? 🤔

Awesome content as always. Cheers

Can you do a video of actually setting this up with unifi? I got the UDR and unable to get the two networks to communicate to each other and think it may be a helpful video.

hey i don't really understand the problem you explained at 1:39 is there something that you may be able to share that explains this problem more in depth? - what kind of configuration would the client have to do? - how does setting a random subnet fix the problem? - why can't it successfully route the connection?

Great video, really helpful and informative.

Greate video, you inspired me to redo my home network :). I did't have similar problem with VPN client, becasue somehow I change my subnet from begining, but I can see that there is also mess, and it would be nice, to have it in order :).

You are still looking at IP addresses as if they are in decimal. It looks convenient to divide up this into 10s or 20s or 5s, but it's actually really dumb. Divide by a factor of 2. Just like the net mask. You can have different types of subnet mask. Authorative, like you would specify on a NIC or a route. Administrative, like when you route the /16 but within it are administrative /24s. If you come to dividing up the /16 in /24s, you have 24-26 = 8 bits to use as flags and flag combinations resulting in a sub-sub-netmask. Example. My "Flat LAN" is the 10.0.0.0/24 authoratively. Yet admin wise it's split into /26s. Infra, Service, Access, Pool. Giving 62 addresses in each adminstrative block. The interesting thing is, you can still use these sub-subnet masks in firewall rules or in any IP spec match. You just don't need to "route" them. Also bare in mind, when you subnet "authoratively" you have 2 choices. Multi-NIC or route. One costs admin and network performance and the other puts all your traffic through your router. You need to consider multi-homed hosts. Like routers for one. DNS, DHCP, etc. They need interfaces on ALL subnets that need those services, unless you want to duplicate them. So again, consider going another layer down in the /2s really think about what the netmask means and how to use it, and "adminstrative" sub-subnets.

Your IP allocation plan is a very good idea. I'm planning to use a similar solution for my own home network. Here I use a dual-stack internet connection with IPv4 and IPv6. Do you also have a suggestion for assigning IPv6 addresses in a home lab?

Wow looking forward to future videos on this set up. What HWD are you going to be running all those VM’s on?

Sysop troubleshooting mantra: "It's always DNS."

For DNS, internally anyway, Synology DNS works well. It looks kind of like BIND with a shell. Not sure what is under the hood, But I've been using it for over a year now along with DHCP. My router was garbage at doing this. One hint though, when you set up DHCP, set the first DNS address to your Synology and the second one to an external like 8.8.4.4. If your synology crashes, your girlfriend won't use her laptop like a frying pan...

Where is the updated video to this !?

A little new and confused. Since if your router goes down, everything is down why not use it to host DNS? I'm using pfsense if that helps why I'm confused. Great video btw; going to use your map for reference in re-doing my network, so thanks a lot.

Again, AWESOME videos/tutorials. I currently have the DS220J and I am wondering what can I do to increase my storage capacity without removing the current hard drives? I heard Synology has an additional storage bay system? Any help will be greatly appreciate it! Thank you!

On which network do you put your phone? It will probably host apps that need to communicate with the IoT devices, right?

It’s fine to use a /16 subnet since you will probably never fill that up, however if every ip is taken, never go over a /22, as you will quickly bottleneck your network and run into issues.

whats wrong with proxmox as a vm host?

What's the difference between Storage a/b and FS?

I never recommend 10.x.x.x subnets for home use because their large host counts are better suited to enterprise networks and you can run into routing issues with split tunnel VPN's (often to your corporate VPN).

So which firewall/router are you using ?

First! And I need to do that, too.

Lost me after 2min 😆 a more basic vid abot subnetting would be gr8😂

having you talking about your paranoia about DNS is hellacious , you make thing way over complicated about DNS stuff , having everything secure on your VLANS and then talking bout google DNS makes me cry ,Sorry to say it but I never seen a more complicated home lab then this , you should really re think your VLANs and DNS you will have big problems ,there is a flaw in your method to madness , enjoying the content doh ,..