Home Network Infrastructure Documentation

Overview

This documentation covers the complete home network setup including IP allocation scheme, DHCP reservations, VLANs, and device inventory for a 192.168.0.0/24 network managed by OPNsense.

Network: 192.168.0.0/24
Router: OPNsense at 192.168.0.1
Last Updated: December 27, 2025

Network Architecture

Core Infrastructure

• Router/Firewall: OPNsense (192.168.0.1)
• DNS/Ad Blocking: AdGuard Home (192.168.0.11)
• Reverse Proxy: Nginx Proxy Manager (192.168.0.10)
• VPN: Tailscale integration

IP Allocation Scheme

192.168.0.1         - OPNsense Router
192.168.0.2-9       - Reserved for future infrastructure
192.168.0.10-29     - Core Services (VMs/Containers)
192.168.0.30-49     - User Computers & Laptops
192.168.0.50-69     - Mobile Devices & Tablets
192.168.0.70-79     - TVs & Media Devices
192.168.0.80-99     - Smart Home IoT
192.168.0.100-119   - Network Infrastructure (APs, switches, extenders)
192.168.0.120-139   - Hypervisors & Storage
192.168.0.140-149   - Reserved for expansion
192.168.0.150-200   - DHCP Pool (Guest devices only)
192.168.0.201-254   - Future expansion

Infrastructure - Core Services (10-29)

Hostname	Service	IP	MAC Address	Type	Status
npm	Nginx Proxy Manager	192.168.0.10	bc:24:11:5b:1d:a2	Docker	✅ Active
adguard	AdGuard Home	192.168.0.11	BC:24:11:47:27:43	LXC	✅ Active
vaultwarden	Vaultwarden	192.168.0.12	BC:24:11:A8:44:A1	LXC	✅ Active
crafty	Crafty Controller	192.168.0.13	BC:24:11:70:10:E5	LXC	✅ Active
nextcloud	Nextcloud	192.168.0.14	02:99:5b:4c:b3:e6	VM	✅ Active
homeassistant	Home Assistant	192.168.0.15	02:46:0b:d8:35:7c	VM	✅ Active
foundryvtt	FoundryVTT	192.168.0.16	bc:24:11:ad:cb:f6	VM	✅ Active
openmediavault	OpenMediaVault (NAS)	192.168.0.17	bc:24:11:2c:68:58	VM	✅ Active
wordpress-irodori	WordPress - Irodori	192.168.0.18	bc:24:11:42:70:2a	VM	✅ Active
wordpress-dustin	WordPress - Dustin	192.168.0.19	bc:24:11:7e:fc:ff	VM	✅ Active

User Devices - Computers (30-49)

Hostname	Device	IP	MAC Address	Notes
jamiepc	Jamie's PC	192.168.0.30	50:eb:f6:5a:71:f2	Primary workstation
jamie-gaming-vm	Linux Gaming VM	192.168.0.31	bc:24:11:b2:20:b0	Gaming VM
3d-printer	3D Printer (Bambu A1)	192.168.0.32	10:b4:1d:d7:02:2c	Network printer
haruka-laptop	Haruka's Laptop	192.168.0.33	a8:41:f4:8d:b9:5b	Laptop
hp-printer	HP Printer	192.168.0.34	a8:b1:3b:01:c2:ce	Network printer

Mobile Devices (50-69)

Hostname	Device	IP	MAC Address	Notes
jamie-phone	Jamie's Mobile (S23)	192.168.0.50	1a:de:e8:f1:a5:d3	Samsung Galaxy S23
haruka-phone	Haruka's Mobile (S25)	192.168.0.51	4e:c7:f7:bc:f1:c5	Samsung Galaxy S25
samsung-tablet	Samsung Galaxy Tablet	192.168.0.52	ee:a1:23:9f:1e:c5	Tablet

TVs & Media Devices (70-79)

Hostname	Device	IP	MAC Address	Notes
unknown-media-1	Unknown Media Device	192.168.0.70	e8:ca:c8:6d:b0:7f	Likely TV or streaming
unknown-media-2	Unknown Media Device	192.168.0.71	a0:d0:5b:c7:13:28	Likely TV or streaming
unknown-media-3	Unknown Media Device	192.168.0.72	20:23:51:08:19:76	Likely TV or streaming

Smart Home / IoT (80-99)

Hostname	Device	IP	MAC Address	Notes
tapo-hub-h100	Tapo Hub/Chime H100	192.168.0.80	a8:29:48:88:84:d6	Smart home hub
tapo-leak-t300	Tapo Water Leak Sensor T300	192.168.0.81	20:23:51:d0:b1:7d	Battery powered
tapo-bedside-l530	Tapo Smart Bulb L530 - Bedside	192.168.0.82	20:23:51:08:19:76	Smart bulb
tapo-bedroom-l530	Tapo Smart Bulb L530 - Bedroom	192.168.0.83	b0:19:21:17:a7:c3	Smart bulb
tapo-hallway-a-l530	Tapo Smart Bulb L530 - Hallway A	192.168.0.84	f0:09:0d:b6:4a:8d	Smart bulb
tapo-hallway-b-l530	Tapo Smart Bulb L530 - Hallway B	192.168.0.85	40:ae:30:67:a2:46	Smart bulb
tapo-porch-l530	Tapo Smart Bulb L530 - Porch	192.168.0.86	3c:64:cf:63:58:da	Smart bulb
tapo-plug-jamiepc-p110	Tapo P110 Smart Plug - Jamie PC	192.168.0.87	40:ae:30:50:c8:62	PC power monitoring
tapo-plug-3dprinter-p110	Tapo P110 Smart Plug - 3D Printer	192.168.0.88	b0:19:21:17:a5:7e	3D printer power
yeelight-color4	Yeelight Smart Bulb	192.168.0.89	58:b6:23:41:e1:ff	Smart bulb
reolink-kitchen	Reolink E1 Camera - Kitchen	192.168.0.90	54:ef:33:bd:be:e0	Security camera
reolink-outdoor	Reolink Camera - Outdoor	192.168.0.91	e8:ca:c8:6d:b0:7f	Security camera
tuya-unknown-1	Tuya Device - Unknown	192.168.0.92	a8:b1:3b:01:c2:ce	Dehumidifier/lights/IR

Network Infrastructure (100-119)

Hostname	Device	IP	MAC Address	Notes
tplink-ax55	TP-Link AX55 Router/AP	192.168.0.100	40:ae:30:f8:27:f0	WiFi Access Point
tplink-re450	TP-Link RE450 Range Extender	192.168.0.101	5c:62:8b:8d:cb:d6	WiFi Extender

Hypervisors & Storage (120-139)

Hostname	Device	IP	MAC Address	Notes
proxmox-1	Proxmox Server 1	192.168.0.120	10:ff:e0:11:46:9f	Primary hypervisor
proxmox-2	Proxmox Server 2	192.168.0.121	74:d4:35:97:f4:9d	Secondary hypervisor

DHCP Configuration

Current Settings

• DHCP Pool: 192.168.0.150 - 192.168.0.200 (51 addresses)
• Purpose: Guest devices and temporary connections
• Static Reservations: 33 devices with confirmed MACs

DNS Settings

• Primary DNS: 192.168.0.11 (AdGuard Home)
• Secondary DNS: 192.168.0.1 (OPNsense fallback)

VPN / Tailscale

IP	MAC Address	Purpose
100.65.128.1	e0:cb:19:60:87:70	Tailscale VLAN device
100.65.159.134	bc:24:11:be:cf:af	Tailscale VLAN device (permanent)

Network Statistics

• Total Active Devices: 35
• VMs/Containers: 10
• User Computers: 5 (3 PCs + 2 printers)
• Mobile Devices: 3 (2 phones + 1 tablet)
• TVs & Media: 3
• Smart Home/IoT: 13 (9 Tapo + 1 Yeelight + 2 Reolink + 1 Tuya)
• Network Infrastructure: 2 (AP + Extender)
• Hypervisors: 2
• Static Assignments: 33 devices
• DHCP Pool Size: 51 addresses

Known Issues

Tapo App Issues

• Bedroom light (192.168.0.83): Showing incorrect info in app
• 3D printer plug (192.168.0.88): App showing wrong MAC, verify after print finishes
• Resolution: Use ARP table MACs as source of truth

Devices Needing Attention

• Factory reset recommended for Tapo devices showing app glitches after migration

Maintenance Tasks

Regular Tasks

• Monthly: Review DHCP leases for new unknown devices
• Quarterly: Audit static IP assignments
• Quarterly: Update device firmware (routers, APs, cameras)
• Yearly: Review and optimize IP allocation scheme

Pending Tasks

• Factory reset Tapo devices with app issues

Security Considerations

1. Network Segmentation: Consider VLANs for IoT devices
2. Guest Network: DHCP pool isolated from static devices
3. Firewall Rules: OPNsense manages inter-VLAN traffic
4. DNS Filtering: AdGuard Home provides ad/tracker blocking
5. Remote Access: Tailscale VPN for secure remote access

Backup Strategy

What to Backup

1. OPNsense Configuration: XML backup from web interface
2. DHCP Reservations: CSV export (included in this repo)
3. Network Documentation: This README and related files
4. AdGuard Home Config: Settings and filter lists

Migration Notes

Troubleshooting

Device Not Getting Reserved IP

1. Check MAC address in router's ARP table
2. Verify DHCP reservation exists
3. Release/renew DHCP lease on device
4. Check for MAC address conflicts

Cannot Access Device

1. Verify device is online (ping IP)
2. Check if device changed MAC (WiFi vs Ethernet)
3. Review firewall rules in OPNsense
4. Check DNS resolution in AdGuard Home

IoT Device Issues

1. Tapo devices: Check app vs ARP table for correct MAC
2. Battery devices (water sensor): Won't always appear in ARP
3. For offline devices: Power cycle or factory reset

Tools & Commands

Identify Device by MAC

# Online MAC lookup
curl -s "https://api.macvendors.com/5c:62:8b:8d:cb:d6"

# Or use OUI lookup
# First 6 characters (3 octets) identify manufacturer

Scan Network

# Using nmap
nmap -sn 192.168.0.0/24

# Using arp-scan (more reliable)
sudo arp-scan --interface=eth0 192.168.0.0/24

Check Current IP/MAC

# View ARP table
arp -a

# Or on OPNsense
arp -an | grep 192.168.0

---

Configuration Files:

• dhcp-reservations.csv - DHCP static assignments export
• Network Inventory.docx - Human-readable network map
• opnsense-config.xml - OPNsense configuration backup (not in repo)

Last Updated: December 28, 2025