infrastructure/docs/06-VLAN-DEVICE-ASSIGNMENT.md

# VLAN Device Assignment Map

**Last Updated:** 2026-02-06
**Purpose:** Complete inventory of all network devices with VLAN assignments

---

## VLAN Summary

| VLAN | Name | Subnet | Gateway | Purpose |
|------|------|--------|---------|---------|
| 10 | Mgmt | 192.168.10.0/24 | 192.168.10.1 | Infrastructure devices |
| 20 | Trusted | 192.168.20.0/24 | 192.168.20.1 | Family personal devices |
| 25 | Kids | 192.168.25.0/24 | 192.168.25.1 | Kids devices |
| 30 | IoT | 192.168.30.0/24 | 192.168.30.1 | Smart home devices |
| 35 | Cameras | 192.168.35.0/24 | 192.168.35.1 | Security cameras |
| 40 | Servers | 192.168.40.0/24 | 192.168.40.1 | Servers & printers |
| 50 | Guest | 192.168.50.0/24 | 192.168.50.1 | Guest WiFi |

---

## VLAN 10 - Management (Infrastructure)

| IP | MAC Address | Device | Notes | Comment |
|----|-------------|--------|-------|---------|
| 192.168.10.1 | 78:9A:18:2C:A5:48 | HAP1 (hAP ax³) | Router | Gateway for all VLANs |
| 192.168.10.10 | 02:42:C0:A8:1F:04 | AdGuard Home | DNS (Unraid) | Secondary DNS |
| 192.168.10.2 | 18:FD:74:54:3D:BC | CAP XL ac | Access point | CAPsMAN managed |
| 192.168.10.3 | F4:1E:57:C9:BD:09 | CSS326-24G-2S+ | 24-port switch | Room distribution |
| 192.168.10.4 | 1C:2A:A3:1E:78:67 | ZX1 (ZX-SWTGW218AS) | 8-port 2.5G switch | Server rack |
| 192.168.10.20 | A8:B8:E0:02:B6:15 | XTRM-U (Unraid) | Main server | Docker host, NAS |
| 192.168.10.200 | 48:DA:35:6F:BE:50 | NanoKVM | Remote KVM | IPMI alternative |
| 172.17.0.2 | 46:D0:27:F7:1F:CA | AdGuard (MikroTik) | DNS (Router) | Primary DNS, DoH/DoT |
| 172.17.0.3 | 0C:AB:39:8D:8C:FC | Tailscale (MikroTik) | VPN container | Remote access |

---

## VLAN 20 - Trusted (Family Devices)

| IP | MAC Address | Device | Owner | Comment |
|----|-------------|--------|-------|---------|
| 192.168.20.10 | 82:6D:FB:D9:E0:47 | MacBook Air | Nora | Primary laptop |
| 192.168.20.11 | AA:ED:8B:2A:40:F1 | Samsung S25 Ultra | Kaloyan | Primary phone |
| 192.168.20.12 | F2:B8:14:61:C8:27 | iPhone | Dancho | |
| 192.168.20.13 | 82:EC:EF:B5:F2:AF | MacBook Pro (WiFi) | Kaloyan | Work laptop wireless |
| 192.168.20.14 | 90:91:64:70:0D:86 | Notebook | Kimi | |
| 192.168.20.15 | 2A:2B:BA:86:D4:AF | iPhone | Kimi | |
| 192.168.20.16 | 08:92:04:C6:07:C5 | MacBook Pro (LAN) | Kaloyan | Via Dell KVM dock |
| 192.168.20.17 | 1C:83:41:32:F3:AF | Gaming PC | Kaloyan | Main bedroom |
| 192.168.20.18 | A4:D1:D2:7B:52:BE | iPad | Compusbg | Work tablet |

---

## VLAN 25 - Kids (Kids Devices)

| IP | MAC Address | Device | Owner | Comment |
|----|-------------|--------|-------|---------|
| 192.168.25.12 | F2:B8:14:61:C8:27 | iPhone | Dancho | |
| 192.168.25.14 | 90:91:64:70:0D:86 | Notebook | Kimi | |
| 192.168.25.15 | 2A:2B:BA:86:D4:AF | iPhone | Kimi | |
| 192.168.25.18 | A4:D1:D2:7B:52:BE | iPad | Compusbg | Work tablet |

---

## VLAN 30 - IoT (Smart Home)

| IP | MAC Address | Device | Location | Comment |
|----|-------------|--------|----------|---------|
| 192.168.30.10 | 50:2C:C6:7A:55:39 | Air Conditioner | Living Room | GREE Electric |
| 192.168.30.30 | 64:4E:D7:D8:43:3E | HP LaserJet M110w | Office | WiFi printer |
| 192.168.30.40 | B0:37:95:79:AF:9B | LG TV (Ethernet) | Living Room | Use ONE interface only for AirPlay |
| 192.168.30.41 | DC:03:98:6B:5A:3A | LG TV (WiFi) | Living Room | Use ONE interface only for AirPlay |
| 192.168.30.42 | D0:E7:82:F7:65:DD | Chromecast | Living Room | Requires WPA2+AES (no TKIP) |
| 192.168.30.14 | B0:4A:39:3F:9A:14 | Roborock S7 Vacuum | Living Room | Needs cloud access |
| 192.168.30.20 | 94:27:70:1E:0C:EE | Bosch Smart Oven | Kitchen | Home Connect app |
| 192.168.30.21 | C8:D7:78:40:65:40 | Bosch Dishwasher | Kitchen | Home Connect app |
| 192.168.30.22 | C8:D7:78:D6:DC:FC | Bosch Washer | Kids Bathroom | Home Connect app |
| 192.168.30.31 | 18:DE:50:5B:C8:A6 | Tuya Smart Device | - | OUI: Tuya Smart Inc. |
| 192.168.30.5 | 38:1F:8D:04:6F:E4 | Tuya Smart Gateway (JMWZG1) | - | Requires WPA+TKIP |
| 192.168.30.33 | D4:AD:FC:BE:13:B0 | Tuya Smart Device | - | OUI: Tuya Smart Inc. |
| 192.168.30.39 | C8:5C:CC:52:EA:53 | Xiaomi Air Purifier | - | Mi Home app |
| 192.168.30.50 | FC:D5:D9:EB:6A:82 | Settop Box (LAN) | Living Room | CSS326 Port 23 |
| 192.168.30.51 | 08:FB:EA:61:9D:3A | Settop Box (WiFi) | Living Room | XTRM2 2.4GHz |

---

## VLAN 35 - Cameras (Security)

| IP | MAC Address | Device | Location | Comment |
|----|-------------|--------|----------|---------|
| 192.168.35.10 | 48:9E:9D:0E:16:F7 | Reolink Doorbell | Front door | PoE powered |

---

## VLAN 40 - Servers (Services)

| IP | MAC Address | Device | Purpose | Comment |
|----|-------------|--------|---------|---------|
| — | — | — | — | Printer moved to VLAN 30 |

---

## VLAN 50 - Guest (Isolated)

| IP | MAC Address | Device | Notes | Comment |
|----|-------------|--------|-------|---------|
| 192.168.50.10 | AC:87:A3:77:8F:BD | Apple Device | Unknown owner | OUI: Apple Inc. |
| 192.168.50.11 | 22:4C:7F:1D:85:8E | Unknown Device | Random MAC | Privacy MAC |
| 192.168.50.12 | D0:C9:07:92:1A:8E | Unknown Device | Private vendor | Hidden OUI |
| 192.168.50.13 | D0:C9:07:8C:C9:46 | Unknown Device | Private vendor | Same as .12 |
| 192.168.50.100-200 | - | Guest devices | Dynamic | Internet only |

---

## MAC Address Quick Reference

### By VLAN (for switch port assignment)

**VLAN 10 - Mgmt:**
```
78:9A:18:2C:A5:48  HAP1
A8:B8:E0:02:B6:15  XTRM-U
18:FD:74:54:3D:BC  CAP XL ac
F4:1E:57:C9:BD:09  CSS326
1C:2A:A3:1E:78:67  ZX1
48:DA:35:6F:BE:50  NanoKVM
```

**VLAN 20 - Trusted:**
```
82:6D:FB:D9:E0:47  Nora MacBook
AA:ED:8B:2A:40:F1  Kaloyan S25
F2:B8:14:61:C8:27  Dancho iPhone
82:EC:EF:B5:F2:AF  Kaloyan MacBook WiFi
90:91:64:70:0D:86  Kimi Notebook
2A:2B:BA:86:D4:AF  Kimi iPhone
08:92:04:C6:07:C5  Kaloyan MacBook LAN
1C:83:41:32:F3:AF  Kaloyan Game PC
A4:D1:D2:7B:52:BE  Compusbg iPad
```

**VLAN 30 - IoT:**
```
64:4E:D7:D8:43:3E  HP LaserJet M110w
B0:37:95:79:AF:9B  LG TV (Ethernet)
DC:03:98:6B:5A:3A  LG TV (WiFi)
D0:E7:82:F7:65:DD  Chromecast
B0:4A:39:3F:9A:14  Roborock Vacuum
94:27:70:1E:0C:EE  Bosch Oven
C8:5C:CC:52:EA:53  Xiaomi Air Purifier
C8:D7:78:D6:DC:FC  Bosch Washer
C8:D7:78:40:65:40  Bosch Dishwasher
50:2C:C6:7A:55:39  GREE Appliance
18:DE:50:5B:C8:A6  Tuya Device 1
38:1F:8D:04:6F:E4  Tuya Smart Gateway (JMWZG1)
D4:AD:FC:BE:13:B0  Intellirocks Device
FC:D5:D9:EB:6A:82  Settop Box (LAN)
08:FB:EA:61:9D:3A  Settop Box (WiFi)
```

**VLAN 35 - Cameras:**
```
48:9E:9D:0E:16:F7  Reolink Doorbell
```

**VLAN 40 - Servers:**
```
(empty - printer moved to VLAN 30)
```

**VLAN 50 - Guest:**
```
AC:87:A3:77:8F:BD  Apple Device (unknown)
22:4C:7F:1D:85:8E  Random MAC device
D0:C9:07:92:1A:8E  Private Vendor 1
D0:C9:07:8C:C9:46  Private Vendor 2
```

---

## Device Count Summary

| VLAN | Device Count | Comment |
|------|--------------|---------|
| 10 - Mgmt | 9 | Infrastructure only |
| 20 - Trusted | 9 | Family devices |
| 25 - Kids | 4 | Kids devices (subset of 20) |
| 30 - IoT | 14 | Smart home devices |
| 35 - Cameras | 1 | Security |
| 40 - Servers | 1 | Services |
| 50 - Guest | 4 | Unknown/unidentified devices |
| **Total** | **38** | All devices categorized |

---

## OUI Lookup Reference

| OUI Prefix | Vendor | Type |
|------------|--------|------|
| B0:37:95 | LG Electronics | TV/Displays (LAN) |
| DC:03:98 | LG Innotek | TV/Displays (WiFi) |
| 50:2C:C6 | GREE Electric Appliances (Zhuhai) | AC/Appliances |
| 18:DE:50 | Tuya Smart Inc. | IoT Platform |
| 38:1F:8D | Xiaomi | Smart Home Devices |
| D4:AD:FC | Shenzhen Intellirocks Tech | Smart Devices |
| AC:87:A3 | Apple Inc. | Consumer Electronics |
| D0:C9:07 | Private (IEEE hidden) | Unknown |
| 22:xx:xx | Locally Administered | Random/Private MAC |