Are VLANs what I should be looking for? Unifi/DC questions

simas

Senior member
Oct 16, 2005
Looking to update/revamp my home network with the goals of isolation/increased security. I would also like to figure out if I can solve the dependency on the domain controller (when I reboot the W2012 server PC, internet access stops).

I have 3 'groups' of devices:
1. Windows domain consisting of a W2012E server plus 4 computers (game PC, work PC, 2 laptops). I want these to see each other, be able to print to the networked printer, see media on the NAS, and have access to the internet.

2. Media set - Synology NAS, 2 media players (Shield + Amazon Fire TV), Denon AVR, Linux workstation hosting Plex, networked media tuner (HDHR). I want these to see each other and have access to the internet. I don't want these to connect to the Windows domain or be able to communicate with it.

3. Internet-access-only devices (Obihai VoIP adapters, etc.). I don't want these to see anything internally as they

Not sure whether all mobile devices are in group 2 or 3 yet.

So, are VLANs the answer to what I want to do? I am trying to read up on what I should expect the domain controller to do vs. some other device.

Current config:
ISP -> Mikrotik Hex 3 (router) -> dumb switch

Intended config:
ISP -> Hex 3 (or Unifi Security Gateway, if I understood its purpose correctly) -> Unifi Switch (for wired) + Unifi AC (for wireless).

Thank you!
 

simas

Correct, the DC is the DNS for all of the devices. Should I switch it to the router (which is always up, and if it is not up then DNS is the least of the issues in terms of internet connectivity)?
 

BadTrip

Member
Sep 22, 2008
Don't switch it for the domain devices. That will cause domain trust issues. For the non-domain devices I would use a public DNS like Google's 8.8.8.8.
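Added example, not part of any post in this thread: a small model of the three device groups as a default-deny inter-VLAN policy, showing how "domain PCs can reach the NAS" and "media devices cannot reach the domain" coexist as a one-way rule, plus the DNS split suggested in the last reply. The VLAN names, the new/established state model and the DC address are assumptions made for illustration, not settings from any poster's router.

```python
from typing import NamedTuple

class Flow(NamedTuple):
    src: str              # VLAN of the sender
    dst: str              # VLAN of the receiver, or "internet"
    state: str = "new"    # "new" = opening packet, "established" = reply traffic

# Routed connections that may be OPENED; anything not listed is dropped.
ALLOW_NEW = {
    ("domain", "internet"),
    ("domain", "media"),    # group 1 wants to see media on the NAS
    ("media", "internet"),
    ("iot", "internet"),    # group 3: internet only
}

def allowed(flow: Flow) -> bool:
    if flow.src == flow.dst:
        # Same-VLAN traffic is switched and never reaches the router firewall;
        # hiding peers from each other needs port/client isolation instead.
        return True
    if flow.state == "established":
        # Replies pass only when the opposite direction may open connections.
        return (flow.dst, flow.src) in ALLOW_NEW
    return (flow.src, flow.dst) in ALLOW_NEW

DC_DNS = "192.0.2.10"   # constructed documentation address standing in for the DC
DNS_BY_VLAN = {
    "domain": [DC_DNS],       # domain members keep the DC as resolver
    "media": ["8.8.8.8"],     # non-domain devices use a public resolver
    "iot": ["8.8.8.8"],
}

def resolves_during_dc_reboot(vlan: str) -> bool:
    """True if the VLAN still has a usable resolver while the DC is down."""
    return any(server != DC_DNS for server in DNS_BY_VLAN[vlan])

if __name__ == "__main__":
    for f in [Flow("domain", "media"), Flow("media", "domain"),
              Flow("media", "domain", "established"), Flow("iot", "media")]:
        print(f, "ALLOW" if allowed(f) else "DROP")
    for vlan in DNS_BY_VLAN:
        print(vlan, "DNS survives DC reboot:", resolves_during_dc_reboot(vlan))
```

In this model the domain VLAN still loses name resolution while the DC reboots, because its only resolver is the DC; the media and internet-only VLANs do not.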