this post was submitted on 08 Jul 2023
22 points (95.8% liked)

Selfhosted

40113 readers
791 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

I am not very experienced with networking and as I build out my services on prem I have come to this community for help and support.

I have done a lot of reading about subnets and masking and the like and I semi-understand how it works and what I want to do but I don't know how to actually do it.

Thanks to this community I have a OPNSense Router that I installed on a desktop computer where I purchased a 2x1gb NIC to install. I've learned how to open ports and how to NAT/forward even with reflections for my https local services.

I just can't figure this out. I drew my network topology and put it here: https://imgur.com/a/XY8V5Sl

My wired network is 192.168.1.0/24 meaning 255.255.255.0. My wireless is Google Nest Wifi which limits me a bit. It is using 192.168.86.0/24. The gateway for both networks is my opnsense router 192.168.1.1.

I want to create a route between 192.168.86.0/24 and 192.168.1.0/24. I believe one way to do it is to use 255.255.0.0 meaning /16 but I don't know where to make that change and since the Google Wifi uses its own DHCP, i am not sure I can change that properly.

My preference is to leave Google Wifi alone (its a piece a shit, by the way, don't buy it) and my expectation is that I can create a route in opnsense to 'bridge' the two different subnets.

Am i correct? If not, can you help me understand? If i am correct, can you guide me?

you are viewing a single comment's thread
view the rest of the comments
[–] bigredgiraffe@lemmy.world 1 points 1 year ago

Are you using VLANs on your switch? Are you using the LAN or WAN port on the google device? As others have said, those two subnets do not overlap using /24 (255.255.255.0) so you would either need to use something like 192.168.0.0/17 that would cover both 192.168.1.0/24 and 192.168.86.0/24 but that is way overkill for most networks (192.168.0.0 - 192.168.127.255, 32766 hosts).

If you are having trouble understanding subnetting (or are like me and have a brain that refuses to learn any tricks to do it in your head) I highly recommend this really simple subnet calculator as it is very easy to see how you can divide subnets down from the RFC 1918 supernet (192.168.0.0/16) by clicking on "Divide" on the right side. In fact, that's pretty much the only subnet tool I use anymore, super quick and easy.

It might be easier to just disable DHCP on the google side (or configure it as a DHCP relay if you can) and just use one subnet from OPNSense.

If you are not able to disable DHCP on the google side then I would set up a VLAN for the google wifi device and then create a VLAN interface in the 192.168.86.0/24 subnet that DHCP won't use (like 192.168.86.2) and configure DHCP to use that for the gateway. This will then allow you to route between your two networks internally and to the internet (firewall permitting, obviously). If your switch does not allow VLANs then you could use another physical interface on the firewall and connect that to the LAN port on the google wifi device and do the same thing for the same result.

I hope all of that makes sense, please do ask for clarification if not, I do this kind of stuff every day and love teaching it so fire away.