The Internet is full of malicious actors looking to take advantage of insecure networks and devices. While corporate and government targets may be the biggest targets because of the valuable data they possess, home users still need to be cautious. Phishing attacks usually via email is the most common attack for home users. Fortunately, those attacks are typically easy to avoid by cautious users that do not blindly click every attachment and web link contained in their emails.
IPv6 was drafted in the mid-1990s when it was realized that IPv4 addresses would quickly be exhausted due to the explosive growth of the Internet. Since the IPv4 protocol was originally a research project, approximately 4.3 billion unique IP addresses was considered more than enough. I doubt many imagined our current world where nearly everything would be connected to the Internet. Various techniques such as assigning smaller sized networks to organizations and the utilization of NAT (Network Address Translation) helped extend the time before IPv4 addresses would be exhausted.
If you are new to firewalls like I was when I decided to build my own router/firewall, it can take some time to fully understand and feel comfortable implementing firewall rules. Before attempting to build my own router, I tried to do my research so I would know what I was getting myself into. In particular, I read several posts and watched some videos on how to create firewall rules since that is one of the biggest reasons I was taking on such a project – to implement greater security in my home network.
On my home network, I host the Plex Media Server software on my server and make use of its Live TV and DVR capabilities. It actually works quite well. To make use of the TV/DVR capability you must have a Plex Pass (monthly, yearly, or lifetime) and a compatible cable box such as any of the HDHomeRun products. Originally I placed my HDHomeRun Prime device on my IoT network to keep it separate from my server, which I think makes sense since it is essentially an IoT device that infrequently receives updates from the manufacturer.
Setting up the Pi-hole DNS service is relatively straightforward on your home network. When you have VLANs configured, the setup is slightly more complicated. The issue is that you need to ensure that all of your VLANs have access to the Pi-hole server which is located on a different network (ideally, it should probably be located in your management VLAN to protect it from being accessed by your other network devices).