VLANs
All subnets are derived from the convention in ip-addressing.md.
Numbering Conventions
- VLAN IDs use even numbers only (except VLAN 0). This is a deliberate personal choice to leave odd-numbered IDs available as breathing room for temporary or future use.
- Gaps between ranges are intentional — each functional group has room to expand without renumbering.
Infrastructure
| VLAN |
Name |
IPv4 |
IPv6 ULA |
Notes |
| 0 |
Management |
10.37.0.0/24 |
fda8:288c:4f37:0000::/64 |
Native (untagged). OPNsense router. |
| 8 |
WiFi Infra |
10.37.8.0/24 |
fda8:288c:4f37:0800::/64 |
Omada controller + wireless access points. |
| 16 |
Servers |
10.37.16.0/24 |
fda8:288c:4f37:1000::/64 |
Proxmox hypervisor hosts. |
Virtual Machines / Containers
| VLAN |
Name |
IPv4 |
IPv6 ULA |
Notes |
| 64 |
VMs 1 |
10.37.64.0/24 |
fda8:288c:4f37:4000::/64 |
Self-hosted services (Proxmox LXC/VMs). |
| 72 |
VMs 2 – Media |
10.37.72.0/24 |
fda8:288c:4f37:4800::/64 |
Media stack: *arr apps, Jellyfin, etc. |
Edge / Security
| VLAN |
Name |
IPv4 |
IPv6 ULA |
Notes |
| 176 |
DMZ |
10.37.176.0/24 |
fda8:288c:4f37:b000::/64 |
Reverse proxy, bastion host, Tailscale subnet router. |
User / Device Networks
| VLAN |
Name |
IPv4 |
IPv6 ULA |
Notes |
| 192 |
Home |
10.37.192.0/24 |
fda8:288c:4f37:c000::/64 |
Trusted devices: phones, computers, Apple TV. |
| 200 |
Guests |
10.37.200.0/24 |
fda8:288c:4f37:c800::/64 |
Guest devices. WiFi PPSK only. |
| 208 |
Kids |
10.37.208.0/24 |
fda8:288c:4f37:d000::/64 |
Kids devices. Isolated; WAN access schedule enforced at firewall. |
| 210 |
WFH |
10.37.210.0/24 |
fda8:288c:4f37:d200::/64 |
Work-from-home laptops. |
| 224 |
VoIP |
10.37.224.0/24 |
fda8:288c:4f37:e000::/64 |
VoIP phones. |
| 232 |
IoT |
10.37.232.0/24 |
fda8:288c:4f37:e800::/64 |
IoT devices. |
| 234 |
Gaming |
10.37.234.0/24 |
fda8:288c:4f37:ea00::/64 |
Gaming consoles. Isolated; NAT-PMP enabled. |