Network

Subnet: 192.168.1.0/24 (flat — VLAN segmentation planned) DNS: AdGuard Home at 192.168.1.86 (primary) and Pi-hole at 192.168.1.220 (secondary)

---

Physical Topology

graph TD
    Internet([Internet])
    Router["Verizon Router\n(Utility Room)"]
    ES8["EdgeSwitch 8\n(Utility Room)\nManaged · PoE"]
    CAM1["PoE Camera 1\n(Current)"]
    CAM_F["Future Cameras\n(Planned)"]
    AP["Ubiquiti NanoHD AP\n(Underutilized)"]
    TPLINK["TP-Link TL-SG116\n(Office)\nUnmanaged · 16-port"]
    Atlas["Atlas\nWindows 11"]
    Nexus["Nexus\n192.168.1.226\nUbuntu / Docker"]
    PVE["PVE\n192.168.1.227\nProxmox VE"]
    PBS["PBS\n192.168.1.223\nProxmox Backup"]
    Hyperion["Hyperion\n192.168.1.217\nSynology DS1525+"]

    Internet --> Router
    Router --> ES8
    Router -.-> AP
    ES8 --> CAM1
    ES8 -.-> CAM_F
    ES8 --> TPLINK
    TPLINK --> Atlas
    TPLINK --> Nexus
    TPLINK --> PVE
    TPLINK --> PBS
    TPLINK --> Hyperion

Dashed lines indicate planned or underutilized connections.

---

IP Address Table

Host / Service	IP	Notes
Nexus	192.168.1.226	Ubuntu Server, Docker host
PVE	192.168.1.227	Proxmox VE — HP ProDesk thin client
PBS	192.168.1.223	Proxmox Backup Server — HP EliteDesk thin client
Hyperion	192.168.1.217	Synology DS1525+, NAS storage only
Atlas	(local)	Windows 11 workstation, office
LXC / Services on PVE
Forgejo	192.168.1.240	Git forge — LXC on PVE, port 3000
Beszel	192.168.1.189	Server monitoring, port 8090
Audiobookshelf	192.168.1.201	Audiobooks, port 13378
Actual Budget	192.168.1.209	Budget manager, port 5006 (HTTPS)
Plex	192.168.1.207	Media server, port 32400
Jellyfin	192.168.1.250	Media server, port 8096
Dispatcharr	192.168.1.254	IPTV/EPG manager — PVE LXC 113, port 9191
Services on Nexus (host network)
Home Assistant	192.168.1.226:8123	Home automation, network_mode: host
Komodo	192.168.1.226:9120	Docker stack manager + webhook receiver
Dashy	192.168.1.226:4000	Dashboard
Bookstack	192.168.1.226:6875	Wiki
Tandoor	192.168.1.226:8900	Recipes
Frigate NVR	192.168.1.226:5000	Camera NVR — Coral USB TPU
Wyze Bridge	192.168.1.226:5050	RTSP bridge for Wyze cams (streams: 8556)
Mosquitto	192.168.1.226:1883	MQTT broker (Frigate → HA)
Pinchflat	192.168.1.226:8945	YouTube downloader
DNS / Network services
AdGuard Home	192.168.1.86	DNS ad blocker (primary)
Pi-hole	192.168.1.220	DNS ad blocker (secondary)

---

Network Equipment

Device	Model	Location	Type	Notes
Verizon Router	—	Utility room	Router	WAN gateway; on Battery Backup 3
EdgeSwitch 8	Ubiquiti EdgeSwitch 8	Utility room	Managed, PoE-capable	1 PoE camera currently connected; VLAN-capable for future segmentation; on Battery Backup 3
TP-Link Switch	TL-SG116	Office	Unmanaged, 16-port	Connects all office machines; MUST remain on Battery Backup 1
NanoHD AP	Ubiquiti NanoHD	Office/home	802.11ac AP	Installed but underutilized; planned for IoT/guest VLANs

---

DNS

Two DNS ad-blockers are deployed on the flat subnet:

• AdGuard Home — http://192.168.1.86 (primary)
• Pi-hole — http://192.168.1.220/admin (secondary)

---

VLAN / Segmentation Status

Current: Flat single subnet — all devices share 192.168.1.0/24.

Planned VLANs (not yet implemented):

VLAN ID	Purpose
1	Management / trusted devices
10	IoT / Home automation
20	Guest network
30	Security cameras

The EdgeSwitch 8 and NanoHD AP are both VLAN-capable and will be used when segmentation is implemented. The TP-Link TL-SG116 is unmanaged and will remain on the trusted VLAN.

---

Diagram Source

The editable network diagram source is at C:\repos\homelab\homelab-network-diagram.drawio (draw.io format). Open with diagrams.net or the draw.io desktop app to edit or export a PNG. The Mermaid diagram above is derived from that source.