jazzymc/infrastructure
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2ca4b7051cb54a3165dc678bec5e441e29c241cd
infrastructure/docs/03-VLAN-DEVICE-ASSIGNMENT.md
XTRM-Unraid a022d49c78
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details
VLAN Phase 1 Complete: Added VLAN 25, configured 44 devices 
- Added VLAN 25 (Kids) infrastructure on MikroTik
- Fixed all VLAN device leases to match assignment document
- Added newly discovered devices (XTRM-Ally, Dancho Windows, lwip0 IoT)
- Updated device assignment doc with 44 total devices
- Updated implementation doc with Phase 1 complete status
- Updated changelog with all changes

VLANs configured: 10, 20, 25, 30, 35, 40, 50
Next: CSS326 switch configuration
2026-01-25 21:26:41 +02:00

7.4 KiB
Raw Blame History

VLAN Device Assignment Map

Last Updated: 2026-01-25
Status: Phase 1 Complete - Ready for Switch Configuration Purpose: Complete inventory of all network devices with VLAN assignments

VLAN Summary

VLAN Name Subnet Gateway Purpose Devices
1 Legacy 192.168.31.0/24 192.168.31.1 Current flat network To be deprecated
10 Mgmt 192.168.10.0/24 192.168.10.1 Infrastructure devices 6
20 Trusted 192.168.20.0/24 192.168.20.1 Family personal devices 9
25 Kids 192.168.25.0/24 192.168.25.1 Kids devices 6
30 IoT 192.168.30.0/24 192.168.30.1 Smart home devices 14
35 Cameras 192.168.35.0/24 192.168.35.1 Security cameras 1
40 Servers 192.168.40.0/24 192.168.40.1 Servers & printers 1
50 Guest 192.168.50.0/24 192.168.50.1 Guest WiFi 7
Total 44

VLAN 10 - Management (Infrastructure)

Target IP MAC Address Device Notes
192.168.10.1 78:9A:18:2C:A5:48 HAP1 (hAP ax³) Router - Gateway for all VLANs
192.168.10.2 18:FD:74:54:3D:BC CAP XL ac Access point - CAPsMAN managed
192.168.10.3 F4:1E:57:C9:BD:09 CSS326-24G-2S+ 24-port switch - Room distribution
192.168.10.4 1C:2A:A3:1E:78:67 ZX1 (ZX-SWTGW218AS) 8-port 2.5G switch - Server rack
192.168.10.10 02:42:C0:A8:1F:04 AdGuard Home DNS server (Unraid Docker)
192.168.10.11 48:DA:35:6F:BE:50 NanoKVM Remote KVM - IPMI alternative
192.168.10.20 A8:B8:E0:02:B6:15 XTRM-U (Unraid) Main server - Docker host, NAS

Note: Router containers (AdGuard MikroTik 172.17.0.2, Tailscale 172.17.0.3) are on containers-br bridge, not VLANs.

VLAN 20 - Trusted (Family Devices)

Target IP MAC Address Device Owner
192.168.20.10 82:6D:FB:D9:E0:47 MacBook Air Nora
192.168.20.11 AA:ED:8B:2A:40:F1 Samsung S25 Ultra Kaloyan
192.168.20.12 F2:B8:14:61:C8:27 iPhone Dancho
192.168.20.13 82:EC:EF:B5:F2:AF MacBook Pro (WiFi) Kaloyan
192.168.20.14 90:91:64:70:0D:86 Notebook Kimi
192.168.20.15 2A:2B:BA:86:D4:AF iPhone Kimi
192.168.20.16 08:92:04:C6:07:C5 MacBook Pro (LAN) Kaloyan
192.168.20.17 1C:83:41:32:F3:AF Gaming PC Kaloyan
192.168.20.18 A4:D1:D2:7B:52:BE iPad Compusbg

VLAN 25 - Kids (Parental Controls)

Target IP MAC Address Device Owner
192.168.25.12 F2:B8:14:61:C8:27 iPhone Dancho
192.168.25.13 70:85:C2:75:64:E5 Windows Device Dancho
192.168.25.14 90:91:64:70:0D:86 Notebook Kimi
192.168.25.15 2A:2B:BA:86:D4:AF iPhone Kimi
192.168.25.18 A4:D1:D2:7B:52:BE iPad Compusbg
192.168.25.19 CC:5E:F8:D3:37:D3 XTRM-Ally Kids Gaming

Note: Some devices appear in both VLAN 20 and 25 - assignment depends on which SSID/port they connect to.

VLAN 30 - IoT (Smart Home)

Target IP MAC Address Device Location
192.168.30.10 50:2C:C6:7A:55:39 GREE Air Conditioner Living Room
192.168.30.11 B0:37:95:79:AF:9B LG TV (LAN) Living Room
192.168.30.12 DC:03:98:6B:5A:3A LG TV (WiFi) Living Room
192.168.30.13 D0:E7:82:F7:65:DD Chromecast Living Room
192.168.30.14 B0:4A:39:3F:9A:14 Roborock S7 Vacuum Living Room
192.168.30.20 94:27:70:1E:0C:EE Bosch Smart Oven Kitchen
192.168.30.21 C8:D7:78:40:65:40 Bosch Dishwasher Kitchen
192.168.30.22 C8:D7:78:D6:DC:FC Bosch Washer Kids Bathroom
192.168.30.31 18:DE:50:5B:C8:A6 Tuya Smart Device 1 -
192.168.30.32 38:1F:8D:04:6F:E4 Tuya Smart Device 2 -
192.168.30.33 38:A5:C9:44:7B:80 IoT lwip0 Device 1 -
192.168.30.34 38:A5:C9:44:7B:F1 IoT lwip0 Device 2 -
192.168.30.38 D4:AD:FC:BE:13:B0 Shenzhen Intellirocks -
192.168.30.39 C8:5C:CC:52:EA:53 Xiaomi Air Purifier -

VLAN 35 - Cameras (Security)

Target IP MAC Address Device Location
192.168.35.10 48:9E:9D:0E:16:F7 Reolink Doorbell Front door

VLAN 40 - Servers (Services)

Target IP MAC Address Device Purpose
192.168.40.19 64:4E:D7:D8:43:3E HP LaserJet Network printer

VLAN 50 - Guest (Isolated)

Target IP MAC Address Device Notes
192.168.50.10 AC:87:A3:77:8F:BD Apple Device Unknown owner
192.168.50.11 22:4C:7F:1D:85:8E Unknown Device Privacy MAC
192.168.50.12 D0:C9:07:92:1A:8E Unknown Device Private vendor
192.168.50.13 D0:C9:07:8C:C9:46 Unknown Device Private vendor
192.168.50.14 C6:2A:59:AD:17:90 Unknown Device Random MAC
192.168.50.15 E6:17:3D:D3:96:D3 Unknown Device Random MAC
192.168.50.16 72:F5:14:2D:F0:18 Unknown Device Stale

MAC Address Quick Reference

VLAN 10 - Management

78:9A:18:2C:A5:48  HAP1 Router
18:FD:74:54:3D:BC  CAP XL ac
F4:1E:57:C9:BD:09  CSS326 Switch
1C:2A:A3:1E:78:67  ZX1 Switch
02:42:C0:A8:1F:04  AdGuard Home
48:DA:35:6F:BE:50  NanoKVM
A8:B8:E0:02:B6:15  XTRM-U Unraid

VLAN 20 - Trusted

82:6D:FB:D9:E0:47  Nora MacBook
AA:ED:8B:2A:40:F1  Kaloyan S25
F2:B8:14:61:C8:27  Dancho iPhone
82:EC:EF:B5:F2:AF  Kaloyan MacBook WiFi
90:91:64:70:0D:86  Kimi Notebook
2A:2B:BA:86:D4:AF  Kimi iPhone
08:92:04:C6:07:C5  Kaloyan MacBook LAN
1C:83:41:32:F3:AF  Kaloyan Gaming PC
A4:D1:D2:7B:52:BE  Compusbg iPad

VLAN 25 - Kids

F2:B8:14:61:C8:27  Dancho iPhone
70:85:C2:75:64:E5  Dancho Windows
90:91:64:70:0D:86  Kimi Notebook
2A:2B:BA:86:D4:AF  Kimi iPhone
A4:D1:D2:7B:52:BE  Compusbg iPad
CC:5E:F8:D3:37:D3  XTRM-Ally

VLAN 30 - IoT

50:2C:C6:7A:55:39  GREE AC
B0:37:95:79:AF:9B  LG TV (LAN)
DC:03:98:6B:5A:3A  LG TV (WiFi)
D0:E7:82:F7:65:DD  Chromecast
B0:4A:39:3F:9A:14  Roborock Vacuum
94:27:70:1E:0C:EE  Bosch Oven
C8:D7:78:40:65:40  Bosch Dishwasher
C8:D7:78:D6:DC:FC  Bosch Washer
18:DE:50:5B:C8:A6  Tuya Device 1
38:1F:8D:04:6F:E4  Tuya Device 2
38:A5:C9:44:7B:80  lwip0 Device 1
38:A5:C9:44:7B:F1  lwip0 Device 2
D4:AD:FC:BE:13:B0  Intellirocks
C8:5C:CC:52:EA:53  Xiaomi Air Purifier

VLAN 35 - Cameras

48:9E:9D:0E:16:F7  Reolink Doorbell

VLAN 40 - Servers

64:4E:D7:D8:43:3E  HP LaserJet

VLAN 50 - Guest

AC:87:A3:77:8F:BD  Unknown Apple
22:4C:7F:1D:85:8E  Unknown Random MAC
D0:C9:07:92:1A:8E  Unknown Private 1
D0:C9:07:8C:C9:46  Unknown Private 2
C6:2A:59:AD:17:90  Unknown .138
E6:17:3D:D3:96:D3  Unknown .250
72:F5:14:2D:F0:18  Unknown Stale

Configuration Status

MikroTik hAP ax³

  • VLAN interfaces created (10, 20, 25, 30, 35, 40, 50)
  • IP addresses assigned to all VLANs
  • DHCP servers configured for all VLANs
  • DHCP pools configured
  • Static DHCP leases (44 devices)
  • Bridge VLAN table entries
  • Firewall rules for inter-VLAN isolation
  • VLAN filtering enabled (pending switch config)

CSS326 Switch

  • VLAN configuration via SwOS
  • Port assignments

Next Steps

  1. Configure CSS326 switch VLANs via SwOS (http://192.168.31.9)
  2. Enable VLAN filtering on MikroTik bridge
  3. Test connectivity
Reference in New Issue View Git Blame Copy Permalink