Tag: Omada

High availability DNS with AdGuard Home and keepalived

Compared to your average home internet user, I (and, let's face it, probably you, the reader) have a way more complicated home network than necessary:

  • I don’t just have an ISP supplied router, I’ve got Omada network switches and routers and access points.
  • I’ve got multiple small servers running network services like DNS or VPN tunnels.

I thought I’d been a good little IT professional and had ensured that my maintenance (unplanned or otherwise) wouldn’t affect my family’s Netflix or Paramount+ streaming by having not one but two synchronised AdGuard Home powered DNS servers. I’d ensured both were communicated out via DHCP (or statically configured) as the primary and secondary DNS services so that no matter what I was doing, no one would be stuck without working entertainment.

But then the Raspberry Pi powered device died a death, and my network fell over because, as it turns out, not all devices do the sensible thing, and what “secondary DNS server” actually means is “try this one after 30 seconds of hanging about”.

VLANs and Samsung TVs

If you’re anything like me you’ll have a bunch of IoT smart home devices; if you’re anywhere near as cheap as me, a number of those will only work on 2.4GHz networks, which makes using the Google Wifi a right pain. I did eventually get the devices registered, but only after many, many repeated pairing/registration attempts. Presumably they would randomly latch onto the 2.4GHz network and be able to complete the process, but it was frustrating work.

The internet also tells us just how insecure all these cheap devices realistically are, and that you should be keeping them on a separate network. So with that I decided to upgrade my network gear so I could implement secure things, like VLANs and ACLs and all of that fun stuff. But I was using a Google WiFi mesh, and although it did the job pretty well, it just didn’t offer any power user features at all. Primarily it didn’t do VLANs, or even more than one WiFi network, which meant getting any sort of separation from my potentially badly behaved devices was next to impossible.

So I upgraded the hardware.