Orion Network Architecture

A fairly in-depth dive into a robust home network.

Motivation

What do we want our network to do?

  • Be scalable
    • We want to be able to lab basically anything, at any time, of nearly any (reasonable) complexity. We want to be able to create functionally infinite environments for our labbing, prototyping, developing, etc. We also want to manage how much these transient services can interact with the rest of our network.
  • Security
    • Segmenting our networks in this fashion allows us to have precise and tunable control over every network, every link, every packet that traverses any device. This becomes immensely valuable for concepts such as:
      • Blocking baked-in DNS (DHCP clients not respecting our assigned DNS servers and just defaulting to 8.8.8.8 or something) by disallowing all outbound DNS that doesn’t originate at our recursive forwarders
      • Blocking ads at the DNS level
      • Preventing unintended phone-home services from functioning on specified devices
      • Dictating precisely which things given IoT devices can interact with
  • Speed
    • We want high-speed links between the NAS, Hypervisor, and the WiFi 6E, preferably without having to implement policy-based routing on every server.
  • Preserve our dynamic DNS to ensure our records stay current even if weird things happen with the ISP’s DHCP
  • Dictate inbound WAN traffic
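
The baked-in DNS goal above comes down to one egress rule: DNS is allowed only to or from the recursive forwarders, and everything else on the DNS ports is dropped. The following is an added example, not part of the original write-up, that models that rule and runs it over flow records to show which clients ignore the DHCP-assigned resolvers. The forwarder addresses, the flow-record format and the inclusion of port 853 (DNS-over-TLS) are assumptions made for illustration.

```python
import ipaddress
from collections import Counter

# Assumed forwarder addresses for illustration; not from the original page.
FORWARDERS = {ipaddress.ip_address("10.0.53.2"), ipaddress.ip_address("10.0.53.3")}
DNS_PORTS = {53, 853}  # plain DNS plus DNS-over-TLS (853 is an added assumption)

# Constructed flow records in an assumed "src dst proto dport" format.
SAMPLE_FLOWS = """\
10.0.20.15 10.0.53.2 udp 53
10.0.53.2 9.9.9.9 udp 53
10.0.30.41 8.8.8.8 udp 53
10.0.30.41 8.8.8.8 udp 53
10.0.30.77 1.1.1.1 tcp 853
10.0.20.15 93.184.216.34 tcp 443
10.0.30.41 8.8.4.4 tcp 53
"""


def verdict(src, dst, proto, dport):
    """Apply the DNS egress rule to one flow; return 'allow' or 'block'."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if proto not in ("udp", "tcp") or int(dport) not in DNS_PORTS:
        return "allow"  # not DNS, so this rule does not apply
    if src in FORWARDERS:
        return "allow"  # forwarders may query upstream resolvers
    if dst in FORWARDERS:
        return "allow"  # clients may query the forwarders
    return "block"      # any other DNS bypasses the forwarders


def audit(flow_text):
    """Return {client_ip: blocked_query_count} for clients with hard-coded DNS."""
    offenders = Counter()
    for line in flow_text.splitlines():
        if not line.strip():
            continue
        src, dst, proto, dport = line.split()
        if verdict(src, dst, proto, dport) == "block":
            offenders[src] += 1
    return dict(offenders)


if __name__ == "__main__":
    for client, count in sorted(audit(SAMPLE_FLOWS).items()):
        print(f"{client} attempted {count} DNS queries outside the forwarders")
```

DNS-over-HTTPS shares port 443 with ordinary web traffic, so a port-based rule like this one does not cover it.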