Hi, your video was recommended to me on my feed and I have to say nice video and breakdown! I've started my homelab journey about 6 months ago, so this was actually a nice review from a more realistic and reasonable setup that's similar to what I had in mind, as opposed really expensive and complicated setups from big channels, so I really appreciate this honestly and I look forward to your future videos! Tanks!
Hi John. Thanks for your awesome video! Its very advanced for a homelab, very skilled. I was wondering how you configured your offline and online IoT networks. Could you make a video where you take a deep dive into your configuration, networks and maybe advanced firewall rules?
Hi Daniel, Thanks for supporting the channel, I really appreciate it! I think I did a deep dive in this video, but I can look into revising firewall rules in a future video! I’m not a CISO so I’ll fine tune some of the rules to increase security at some point in the future.
@@johnstech7 Hi John, ofcourse! I really enjoy your video’s. Yes you did! I was especially wondering how you configured your off- and online IoT networks. Are you blocking ports 443, 8080 etc. on the offline networks? That kind of rules/routes i’m interested in. I’m also not a CISO but i’m very interested in network security. Thanks again for your time and hope to see future videos. 👌🏼😎
Hi Daniel, Good morning! I’m actually still using the simple rules in UniFi and not the advanced ones. All it does is block any traffic from the IoT-Offline & Management network that heads to the WAN interface. This also blocks clients accessing on a VPN as well so I added another rule that allows the Proxmox hosts to hit the internet. For IoT Public it still has access to the internet but I block traffic if it’s starting from the IoT-Public VLAN to Default or Guest, but the other way to Public is allowed. Any other traffic from Public to Management or Offline is dropped. Guest also isn’t able to talk to those Management & Offline networks! Also multicast is enabled so devices on Untagged, IoT-Public and Guest can find the AirPlay devices that are available. This doesn’t require a firewall rule.
@@johnstech7 Hi John, I’m going to experiment with this. Thank you for your explanation! Keep doing what you do. You put a lot of afford and care in your work. Its just a matter of time when you will blow up on the tech side of UA-cam! 😜
Hi there! I enabled Jumbo frames on my OWC 10GbE Thunderbolt adapter on my MBP in System Prefs -> Network -> (Interface) -> Details -> Hardware page. No special drivers/kexts needed. The NIC connects to my UDM Pro which also has jumbo packets enabled. I turned on switch exclusion so it has jumbo packets on the UDM only. The other device on the UDM is my TrueNAS Server (on the R740xd).
Hi, your video was recommended to me on my feed and I have to say nice video and breakdown!
I've started my homelab journey about 6 months ago, so this was actually a nice review from a more realistic and reasonable setup that's similar to what I had in mind, as opposed really expensive and complicated setups from big channels, so I really appreciate this honestly and I look forward to your future videos! Tanks!
Thank you, I really appreciate your support! 🙏🏾
Hi John. Thanks for your awesome video! Its very advanced for a homelab, very skilled. I was wondering how you configured your offline and online IoT networks. Could you make a video where you take a deep dive into your configuration, networks and maybe advanced firewall rules?
Hi Daniel,
Thanks for supporting the channel, I really appreciate it!
I think I did a deep dive in this video, but I can look into revising firewall rules in a future video! I’m not a CISO so I’ll fine tune some of the rules to increase security at some point in the future.
@@johnstech7 Hi John, ofcourse! I really enjoy your video’s.
Yes you did! I was especially wondering how you configured your off- and online IoT networks. Are you blocking ports 443, 8080 etc. on the offline networks? That kind of rules/routes i’m interested in. I’m also not a CISO but i’m very interested in network security.
Thanks again for your time and hope to see future videos. 👌🏼😎
Hi Daniel,
Good morning! I’m actually still using the simple rules in UniFi and not the advanced ones.
All it does is block any traffic from the IoT-Offline & Management network that heads to the WAN interface. This also blocks clients accessing on a VPN as well so I added another rule that allows the Proxmox hosts to hit the internet.
For IoT Public it still has access to the internet but I block traffic if it’s starting from the IoT-Public VLAN to Default or Guest, but the other way to Public is allowed. Any other traffic from Public to Management or Offline is dropped. Guest also isn’t able to talk to those Management & Offline networks! Also multicast is enabled so devices on Untagged, IoT-Public and Guest can find the AirPlay devices that are available. This doesn’t require a firewall rule.
@@johnstech7 Hi John,
I’m going to experiment with this. Thank you for your explanation!
Keep doing what you do. You put a lot of afford and care in your work. Its just a matter of time when you will blow up on the tech side of UA-cam! 😜
Thank you sir! 🙏🏾🤝🏾
How did you get jumbo frames to work on your MBP and what interface on the MBP are you using the jumbo frames with?
Hi there! I enabled Jumbo frames on my OWC 10GbE Thunderbolt adapter on my MBP in System Prefs -> Network -> (Interface) -> Details -> Hardware page. No special drivers/kexts needed.
The NIC connects to my UDM Pro which also has jumbo packets enabled. I turned on switch exclusion so it has jumbo packets on the UDM only. The other device on the UDM is my TrueNAS Server (on the R740xd).
Nice set up you got going for your environment.
How long did spend on getting your network set to your liking?
Thanks man! I don't really keep track of time when it comes to the homelab so I don't have an estimate lol.
@@johnstech7 it’s all good.
I know what it’s like as well when setting everything up.
I’m glad that it’s all to your liking though.
Nice hlab, what rack you have there. Im intrested so i could buy me one too
Thanks! It's actually a basic rack from amazon!
www.amazon.com/gp/product/B0C64X8J8R/ref=ppx_yo_dt_b_search_asin_title?ie=UTF8&psc=1