I know some love details.
There are two Internet connections involved, on an active-passive basis. The redundancy between the two connections is pretty simple. I have a pair of Raspberry Pis handing out IP addresses; whichever gets there first wins. They are handing out different ranges in the same larger subnet. As I recall one has 192.168.0.2-192.168.0.255, the other 192.168.2.1-192.168.2.255. The default gateway they hand out is, most originally, 192.168.0.1. No kit has this IP address: it's a VRRP VIP that the two routers can both own.
Under normal operation everything uses the router in the study/home office. This is the one connected to YouFibre. If I lose YouFibre everything still goes to the study but is then sent to the router in the Comms cabinet: the link is more than phat enough that it doesn't matter, and many internal resources are connected to that router anyways.
This happens because the main router keeps the VRRP VIP, and the two routers talk over eBGP. The backup router advertises a default route to the primary; the primary doesn't advertise a default to the secondary router, simply because nothing should ever go there that's intended for the YouFibre connection.
If the main router is lost entirely, the secondary will claim the VIP in a few seconds: it now has 192.168.0.1 and data flows out of its Internet connection.
The caveat here is that existing connections will drop and have to re-establish, as their public IP will change. I could, of course, work around this by using SD-WAN or some other tunnelling, but it's fine: the delay is acceptable.
The BGP is also there so that the secondary router can learn routes from the primary, as the primary has a few other things connected to it via the main switch. There is an SD-WAN virtual appliance running on the VMware host; indeed it's actually the gateway for almost everything else on there, and it chats BGP to both routers so that they know about the subnets behind it. There are quite a few, as that appliance is the hub appliance for a small, entirely virtual WAN, with my 'home' network behaving as the upstream datacentre giving said network Internet access.
There's another SD-WAN virtual appliance that is connected to a global network and it has BGP sessions also for test purposes - some of the mega bandwidth bursts are tests being conducted across said SD-WAN and my kit needs to know where to send traffic for those tests.
Security is provided in a very few ways. Firstly there is of course Weaver's beloved NAT although I suspect most of what I'm doing here is like Kryptonite to him: sorry Sir!
IoT devices have their own SSID and their own access point, whose only connection into the network is to a routed port not permitted to do anything other than go to the Internet. Their traffic is also captured and forwarded to an IDS VM living on the VMware/ESXi host for inspection.
The routers run NetFlow. A collector consumes this telemetry and it may be viewed, though I'm rarely that bothered.
If I were super concerned I could have all traffic go through the SD-WAN VM via some policy-based routing, where it would all be inspected by an IDS/IDP.
For network engineers this is all pretty basic stuff: it doesn't need to be complicated so why make it complicated?
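For anyone who wants to see the active-passive arrangement described above written out, here is how it looks as FRR (vrrpd + bgpd) configuration for the two routers. This is an added illustration, not the poster's actual config, and everything concrete in it is assumed: that the routers run FRR, a 192.168.0.0/22 LAN with router A at 192.168.1.1 and router B at 192.168.1.2 (addresses outside both Pi DHCP pools), a 10.10.0.0/24 hanging off router A's main switch, private AS numbers 65001/65002, VRID 1, and interface names eth0 (LAN) and eth1 (upstream).

```text
! ===== Router A: study / home office, YouFibre upstream (primary) =====
! Linux prerequisite for FRR's vrrpd (as documented by FRR): a macvlan on the
! LAN interface carrying the VRRP virtual MAC 00:00:5e:00:01:<VRID>, with the
! VIP configured on it. FRR brings it up only while this router is Master.
!   ip link add vrrp4-1-1 link eth0 addr 00:00:5e:00:01:01 type macvlan
!   ip addr add 192.168.0.1/22 dev vrrp4-1-1
interface eth0
 description LAN segment shared by both routers (assumed 192.168.0.0/22)
 ip address 192.168.1.1/22
 vrrp 1 version 3
 vrrp 1 priority 200
 vrrp 1 advertisement-interval 1000
 vrrp 1 preempt
 vrrp 1 ip 192.168.0.1
!
! Priority 200, not 255: neither router is the address owner, so no kit
! "has" 192.168.0.1. With 1 s advertisements B declares A dead after roughly
! 3 s plus skew, which is the "few seconds" of failover.
!
! Upstream: static default out of the YouFibre-facing interface (ppp0 if it
! is PPPoE). Distance 1 beats eBGP's 20, so while this route is present it
! wins; it is withdrawn only when eth1 goes down, which is the failure signal
! this version relies on.
ip route 0.0.0.0/0 eth1
!
router bgp 65001
 bgp router-id 192.168.1.1
 neighbor 192.168.1.2 remote-as 65002
 neighbor 192.168.1.2 description router-b-comms-cabinet
 neighbor 192.168.1.2 bfd
 address-family ipv4 unicast
  network 10.10.0.0/24
  neighbor 192.168.1.2 route-map FROM-B in
  neighbor 192.168.1.2 route-map TO-B out
 exit-address-family
!
ip prefix-list DEFAULT-ONLY seq 10 permit 0.0.0.0/0
ip prefix-list A-LOCAL seq 10 permit 10.10.0.0/24
!
! Accept nothing but a default from B; announce only A's own nets to B and
! never a default. Both route-maps end in an implicit deny.
route-map FROM-B permit 10
 match ip address prefix-list DEFAULT-ONLY
!
route-map TO-B permit 10
 match ip address prefix-list A-LOCAL
!
! ===== Router B: comms cabinet, second ISP (backup) =====
! Same macvlan prerequisite as on A, same virtual MAC 00:00:5e:00:01:01.
interface eth0
 description LAN segment shared by both routers
 ip address 192.168.1.2/22
 vrrp 1 version 3
 vrrp 1 priority 100
 vrrp 1 advertisement-interval 1000
 vrrp 1 preempt
 vrrp 1 ip 192.168.0.1
!
ip route 0.0.0.0/0 eth1
!
router bgp 65002
 bgp router-id 192.168.1.2
 neighbor 192.168.1.1 remote-as 65001
 neighbor 192.168.1.1 description router-a-study
 neighbor 192.168.1.1 bfd
 address-family ipv4 unicast
  neighbor 192.168.1.1 default-originate
  neighbor 192.168.1.1 route-map FROM-A in
  neighbor 192.168.1.1 route-map TO-A out
 exit-address-family
!
ip prefix-list DEFAULT-ONLY seq 10 permit 0.0.0.0/0
ip prefix-list A-LOCAL seq 10 permit 10.10.0.0/24
!
! Learn A's nets so B can reach them if it becomes Master; send A only 0/0.
route-map FROM-A permit 10
 match ip address prefix-list A-LOCAL
!
route-map TO-A permit 10
 match ip address prefix-list DEFAULT-ONLY
```

Two things this config takes for granted are worth checking before relying on it. First, "losing YouFibre" is detected only through eth1 going down; an upstream that fails with the link still up leaves the static default in place, so that case needs a probe-driven route or a dynamic default from the ISP instead. Second, the `bfd` lines assume bfdd is enabled in FRR; without it the peering still works, but B withdraws A's routes only after the BGP hold timer expires rather than within a second of A dying. The SD-WAN hub VM would be a third `neighbor` on each router with its own inbound prefix-list, and both Pi DHCP scopes must hand out 192.168.0.1 as the gateway and exclude the routers' real addresses.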