
  • Both opnsense and pfsense allow custom DNS entries so you still have that as an option. Probably the other options do too but you’ll just have to verify.

    But if you want to keep it simple I would just keep the pihole as a separate device. A lot of the built-in options aren’t quite as easy to set up and don’t have the best UI compared to pihole IMO.


  • Most of the more advanced gateways have some sort of DNS filtering built in. Opnsense has an adguard plugin, pfsense has pfblocker-ng, openwrt has a few different options, Unifi and mikrotik both have solutions too I think. Usually you can just load the same block list that pihole uses into the filtering software and you are good to go.

    If you want the most flexibility and want to use the same hardware for both gateway/DNS and want to try out different DNS/router solutions a hypervisor would give you the most options. But it would also be the most complicated.




  • If you’re looking for a more mature networking setup, I would definitely recommend splitting up your router, switch and AP duties into separate devices. It gives you the most flexibility for when you want to tinker or change things.

    For a main router setup, I would recommend OpnSense. It has a cloud backup feature which allows you to automatically back up the configuration to a Google Drive xml file whenever it is changed.

    The XML config file stores all your leases so you don’t have to worry about reassigning DHCP reservations. If you load the config onto a new system, like for an upgrade or if the router hardware fails, usually you just have to change the interface mappings and you’re good to go.

    As far as APs/switches, I would recommend Unifi or Mikrotik. Unifi has a fancy dashboard you can use to adopt new equipment and restore/change configs from, but I find Mikrotik easier and simpler to back up and I like that I don’t have to host a controller to make config changes.








  • A custom router + managed switch is a great way to learn. Studying the fundamentals is also good, but in my opinion it’s not as fun as setting up your own network and learning hands-on.

    If you decide to go this route I highly recommend taking regular backups of your config (and back up again before you change stuff). Part of learning involves breaking things - trust me you will break your network - and in networking that’s one of the best ways to learn. Backups will give you an easy way to restore to a known working configuration.




  • Yes, it’s my main router. Everything comes into the laptop across one interface set up as a trunk that includes vlans for WAN, LAN, etc. From there proxmox has a vlan aware linux bridge setup that connects to all the VMs/containers that I run. The VM virtual interfaces get tagged with whatever network I want the host to be part of.