homeNode

My Tiny Network: A Step-by-Step Home Lab Story

Written by

homenode

in

A personal journey of building a tiny, powerful home network using a Raspberry Pi, Firewalla, and VLANs. A step-by-step story for tech beginners.

It’s funny how a small project can spiral into something more.

It all started with a gift from a friend. I’d been getting more interested in my home network, wanting to understand how it all worked and maybe make it a bit better. So, for my birthday, a small box arrived with a Raspberry Pi 4B inside. I had a mission: set up Pi-hole to block ads across my entire network.

And honestly, that first step was great. Seeing ads just disappear from websites on every device was a little taste of magic. It worked, and it made me curious. What else could I do?

Stepping Up Security with a Firewall

My friend, who is clearly an enabler of nerdy hobbies, sent another gift my way a few months later: a Firewalla Purple. If you haven’t heard of them, it’s a powerful little cybersecurity firewall packed into a tiny box. It promised better security, network monitoring, and more control than my standard internet provider’s router could ever offer.

There was just one problem. To let the Firewalla do its job properly, it needs to be the main “gateway” for the whole network. This means my existing Wi-Fi router had to be switched into “bridge mode” or “AP mode,” essentially turning it into a simple antenna that just passes on the signal.

Turns out, my router couldn’t do that. It was a basic model, and its features were locked down. So my powerful new firewall was sitting there, unable to use its best features.

Finding the Right Router (and Unleashing the Nerd)

The solution came in the mail, again, courtesy of my friend. This time it was an old but very capable gaming router. The key feature? It had the flexibility I needed. I could finally put the Firewalla in charge as the gateway and configure the new router to work in bridge mode, acting purely as a Wireless Access Point (WAP).

This is where things started to feel like a real network.

I wasn’t just using the all-in-one box my ISP gave me anymore. I had separate devices for separate jobs.

  • Firewalla Purple: The brain of the operation. It manages all the traffic, blocks ads and malicious sites, and lets me see what every device is doing.
  • Gaming Router (in Bridge Mode): The WAP. Its only job is to provide a strong, reliable Wi-Fi signal.

This setup was already a huge improvement in security and control. But the project wasn’t quite finished.

The Final Pieces: A Managed Switch and a Local Website

The Raspberry Pi that started it all was about to get a new job. I decided I wanted to host a small, local website on it—just as a fun project. But I didn’t want the traffic coming to that website to be on the same network as my personal computer or phone.

This is where the final two pieces of the puzzle came in: a managed switch and something called VLANs.

A “managed switch” is just a device that lets you direct your network traffic more precisely. Think of it like a smart power strip for your internet cables. The magic it unlocks is the ability to create VLANs, or Virtual Local Area Networks.

In simple terms, VLANs let you split one physical network into multiple separate, isolated networks. It’s a security best practice.

With a little help, I set up two VLANs:
1. A ‘Private’ VLAN: For all my trusted devices—my laptop, our phones, the smart TV. This is our secure home network.
2. A ‘Public’ VLAN: Just for the Raspberry Pi website. It’s completely isolated, so any traffic coming to it can’t see or access anything on my private network.

The final touch? The new switch was a POE (Power over Ethernet) model, which means it sends power through the ethernet cable itself. The Raspberry Pi was now being powered directly by the switch, eliminating an extra power adapter.

To keep it all organized, I 3D-printed a simple, clean stand with built-in cable routing. The entire setup—firewall, switch, and Pi—is so small that it sits neatly on a speaker behind my TV.

What started as a simple ad-blocking project slowly evolved, piece by piece, into a tiny but seriously capable home network. It’s faster, way more secure, and I learned a ton along the way. And it all fits in a space you’d never even notice. Sometimes the best projects are the ones you build one step at a time.

More posts