Stats

Actions

Tags

Help us improve

Share bugs, ideas, or general feedback.

homelab-network-setup | ecc | ClaudePluginHub

Skill

homelab-network-setup

From ecc

Designs a home or small-lab network with guidance on gateways, IP ranges, DHCP, DNS, cabling, and common mistakes. Helps plan scalable networks for NAS, servers, VLANs, and VPN access.

$

npx claudepluginhub aaione/everything-claude-code-zh --plugin everything-claude-code

Popularity

Stars

183,583

Forks

28,319

Shared by

2

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/ecc:homelab-network-setup

User invocable

Model invocable

Inline context

Default effort

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

Use this skill to design a home or small-lab network that can grow without

SKILL.md

130 lines · ~1.1k tokens

Similar Skills

homelab-network-readiness

183.6k

Reviews homelab network readiness before changing VLANs, DNS filtering, or WireGuard-style remote access. Use to plan staged migrations and avoid lockout.

configuring-network-segmentation-with-vlans

21

Designs VLAN architectures and configures managed switches like Cisco Catalyst for network segmentation, isolating zones (corporate, servers, DMZ, IoT) to limit lateral movement and meet compliance.

unifi-network

327

Manages UniFi network infrastructure including devices, clients, firewall, VPN, routing, WLANs, and statistics via 91 MCP server tools with lazy loading, safety gates, and confirmations.

1 file

Stats

LanguageJavaScript

Stars183,583

Forks28,319

MaintenanceExcellent

Last CommitMay 16, 2026

Actions

View Source View Plugin View on GitHub View README

Tags

network-planning

Help us improve

Share bugs, ideas, or general feedback.

Homelab Network Setup

Use this skill to design a home or small-lab network that can grow without needing a full rebuild.

When to Use

Planning a new home network or redesigning an ISP-router-only setup.
Choosing gateway, switch, and access point roles.
Designing IP ranges, DHCP scopes, static reservations, and DNS.
Preparing for future VLANs, Pi-hole, NAS, lab servers, or VPN access.
Troubleshooting a new network that has double NAT, unstable Wi-Fi, or changing server addresses.

How It Works

Start by separating device roles:

Internet
  |
Modem or ONT
  |
Gateway or router      NAT, firewall, DHCP, DNS, inter-VLAN routing
  |
Managed switch         wired clients, AP uplinks, optional VLAN trunks
  |
Access points          Wi-Fi only; ideally wired backhaul
Servers and NAS        stable addresses, DNS names, monitoring
Clients and IoT        DHCP pools, isolated later if VLANs are available

Pick a gateway that matches the operator, not just the feature checklist:

Option	Best fit	Notes
ISP router	Basic internet only	Limited control and often poor VLAN support
UniFi gateway	Managed home network	Good UI, ecosystem lock-in
OPNsense or pfSense	Flexible homelab	Strong VLAN, firewall, VPN, and DNS control
MikroTik	Advanced network users	Powerful, but easy to misconfigure
Linux router	Tinkerers	Document rollback before using as primary gateway

IP Plan

Avoid the most common default, 192.168.1.0/24, when you expect to use VPNs. It often conflicts with hotels, offices, and ISP routers.

Example small homelab plan:

192.168.10.0/24  trusted clients
192.168.20.0/24  IoT and media devices
192.168.30.0/24  servers and NAS
192.168.40.0/24  guest Wi-Fi
192.168.99.0/24  network management

Gateway convention: .1
Infrastructure reservations: .2 through .49
Dynamic DHCP pool: .50 through .240
Spare room: .241 through .254

Use home.arpa for local names. It is reserved for home networks and avoids the leakage/conflict problems of ad hoc names like home.lan.

nas.home.arpa
pihole.home.arpa
gateway.home.arpa
switch-01.home.arpa

DHCP And DNS

Use DHCP reservations for anything you SSH into, bookmark, monitor, or expose as a service.
Hand out the gateway as DNS until a local resolver is intentionally deployed.
If using Pi-hole or another DNS filter, give it a reservation first, then point DHCP DNS options at that address.
Keep a small static/reserved range per subnet so replacements do not collide with dynamic leases.

Cabling And Wi-Fi

Prefer wired AP backhaul over mesh when you can run Ethernet.
Use a PoE switch for APs and cameras if the budget allows it.
Label both ends of each cable and keep a simple port map.
Put the gateway, switch, DNS server, and NAS on UPS power if outages are common.

Examples

Beginner Upgrade

Goal: Keep the ISP router but stabilize a small lab.

Set DHCP reservations for NAS, Pi, and any SSH hosts.
Move local names to home.arpa.
Disable duplicate DHCP servers on secondary routers or APs.
Wire the main AP instead of relying on wireless backhaul.

VLAN-Ready Plan

Goal: Prepare for future segmentation without enabling it immediately.

Choose non-overlapping /24 ranges for trusted, IoT, servers, guest, and management.
Reserve .1 for the gateway and .2-.49 for infrastructure on every subnet.
Buy a gateway and switch that support VLANs and inter-VLAN firewall rules.
Document which SSIDs and switch ports will eventually map to each network.

Anti-Patterns

Double NAT without a reason or documentation.
Using 192.168.1.0/24 when VPN access is planned.
Dynamic addresses for NAS, Pi-hole, Home Assistant, or other service hosts.
Consumer routers repurposed as APs while their DHCP servers are still enabled.
Flat networks with cameras, smart plugs, laptops, and servers all sharing the same trust boundary.

See Also

Skill: network-interface-health
Skill: network-config-validation