Hi everyone,
I’m not sure if this is the right community, but the home networking magazines seem to be pretty dead. I’m a bit green with regard to networking, and am looking for help to see if the plan I’ve come up with will work.
The main image in the post is my current network setup. Basically the ISP modem/router is just a pass through and the 10 Gb port is connected to my Asus router, which has the DHCP server activated. All of my devices, home lab and smart home devices are connected to the Asus router via either Wifi or Ethernet. This works well, but I have many neighbours close by, and with my 30+ wifi devices, I think things aren’t working as well as they could be. I guess you could say one of my main motivations to start messing with this is to clean it up and move all possible devices to Ethernet.
The planned new setup is as follows, but I’m not sure if it’s even possible to function this way.
https://i.postimg.cc/7YftSFt6/IMG-9281.jpg
ISP modem/router > 2.5 Gb unmanaged switch > 2.5 Gb capable devices (NAS, hypervisor, PCs) will connect directly here, along with a 1 Gb managed switch to handle the DHCP > Asus router would connect to the managed switch to provide wifi, and remaining wired devices will all connect to the managed switch as well.
Any assistance would be appreciated! Thanks!
Edit: fixed second image url
You must log in or register to comment.
The main issue is your 30+ Wi-Fi devices. One AP can only handle this much total bandwidth. But first, it looks like you waste 2gb of your fibre speed? Get a compatible router.
For your setup it almost looks like you’re better off with a total 10gb internal speed. And get 2 more AP, one dedicated for your smart home, one for „less important devices“ and use the ASUS for the rest. - remember to use different channels on each AP.
So in short hook your HV,NAS,PC,[new router w/ AP?],[AP2],[AP3],[AP1?] on a new 10GB switch. Split your devices over the 3 AP, on different channels
Edit: or you could get one of those for cheaper „Qnap QSW-M2108R-2C“ That is a 2.5G with two additional 10G ports so you could plug your new router into one of them and use the other for later use of the NAS if it supports that speed
OP needs a proper router that make use of their 3g fiber which will be mostly newer and powerfull and has better wifi. That should be their 1st priority.
Edit: You don’t need a 2.5gb ethernet (or better for futur proofing) for every client, but that NAS and Hypervisor could use that bandwith so consider yor options while you are at it.
I could definitely use the ISP router as well, and just add a 2.5/10G switch, but it is very limiting and when I first tried it, it would reset my settings every time the IP changed (anywhere from 1 week to 1 day). I definitely want the NAS, HV and my main PC on a faster connection.
You can always use your current router as an AP and use an x86 pc with 10gbe or 2.5gb network card(s) as your main router (or even a switch)
proper access points support 30+ clients without any problem (I doubt that the advertised number of 300 clients holds up for unifi aps, but 30 is definitely not a problem), especially for low traffic clients like iot devices.
why op gives up 2gbps from his 3gbps line is a mystery to me though…
Technically they can handle 300 clients, if none of them are talking. With any wireless communication, only one device can talk at a time, maybe two if sending and receiving works on different frequency, which WIFI is not. So no matter what manufacturer says, on 2.4GHz, fewer clients can talk because bandwidth is lower and sending/receiving packets takes time. Whenever possible, stay away from WIFI. The more you use it, the worse it will get.
This is my understanding as well, and why I prefer to get away from wifi for any device that can be wired. My neighbourhood has houses so close I could shake hands with my neighbours through a window, and they all have lots of wifi devices, so interference is inevitable.
Purely technically speaking you can fit all of wireless bands into a single fiber optic and have room to spare. Then you can run fiber in parallel.
The 3Gbps line is new to me, just upgraded from 1.5 as it was only $5 more per month, so I’m looking at how to actually utilize this now, not actively “giving up” 2Gbps 🙂. I also didn’t have any devices that could take advantage of it until some upgrades, so here we are.
Is it necessary to dedicate a WAP to IoT, etc? I would recommend setting up separate SSIDs and connect each to their own VLAN, and each VLAN a subnet. And have each WaP broadcast each SSID and have the router handle the traffic routing. That way WAPs are dedicated to the devices that they are near, not the devices they are assigned to.
Since VLAN isn’t officially part of the standard, you’d need all your network devices support it. And I wanted to give a device-load-balance. So not increase coverage but reduce the amount of devices per AP. Separate SSIDs and VLAN aren’t helping that it just makes it easier to track, wich group is causing the load
Since VLAN isn’t officially part of the standard
VLANs are a standard: 802.1Q. Your client devices don’t have to support it, just your switches, routers, and access points. On a switch, you can configure each port to treat untagged data as part of a particular VLAN. Similarly, with a good wi-fi access point, you can add multiple SSIDs each of which is on a different VLAN.
You’re right. I just gave a very simplified answer. VLAN isn’t part of the default network communication and therefore every „node“ needs to support it and be correctly set up, or otherwise the VLAN tag will be removed at that point.
And in my other comment I emphasized, that my main issue with multiple WAP is, to distribute the amount of devices each has to talk to. Multi SSID wouldn’t solve that
Since none of my devices support 10Gb, that would get real expensive, real fast to add 5 10Gb NICs and a 10Gb switch/router. I was actually looking at the QNAP 2.5Gb switches. There are also some no-name brand unmanaged switches like Mokerlink and Nicgiga, that are well reviewed. Some have 8 x 2.5Gb and 1 or 2 x 10Gb SFP ports. I could have one of those plus a 16 port TP-Link managed switch for about $220 CAD all in, and the HV, NAS and PCs all support 2.5Gb already so no additional expense there.
Just a question of whether the way I laid it out will work or not.
You wouldn’t need that many 10Gb devices. Just one(s) that split up the traffic to other devices. Either the ISP router needs to split it up or the device that does the splitting should be 10Gb. If you go with 2.5Gb youll be losing 0.5Gb, assuming you actually get 3Gb from your ISP.
The intent isn’t to get 10Gb to every device, but to actually be able to use the full 3Gb you’re paying for. Right now it looks like you’re wasting 2Gb of your bandwidth because everything goes through your personal router which is limited to 1Gb.
Hmm that’s true. I’ve been researching used enterprise 10Gb SFP switches after one of the comments and I think that’s the way to go. And yes, in the tests I’ve ran on the ISP router, I get the full advertised speed. Can’t test above 1Gb on the other devices, but even through a VPN it averages 0.9Gb down/up.
I get it. I’ve actually only recently upgraded to the 3Gb plan because it was only another $5 per month over the 1.5Gb plan I had, so just trying to sort out next steps. Probably should have mentioned that in my post ☺️. I will definitely leave the PCs that are used for browsing/basic gaming/yt on 2.5, no need to change anything there as I doubt they will ever saturate 1Gb. After some of the posts here and more research, I definitely want the NAS and my main PC on 10Gb, and it should only cost a little more than planned. The HV uses a USB 3.0 Ethernet adapter, but I see there are some 5Gb ones available that will double the bandwidth.
Also 10G is really cheap if you go with used SFP+ gear. Like I’ve got a managed 48x 1G + 4x 10G Dell switch I got for AU$78 running my network. The NICs are about US$40 used, ConnectX3s seem the cheapest, I usually use Intel X520s which are a little more (watch out for clones though).
For the accessories: DACs are AU$20 new from fs.com, and because you’ll probably need ethernet for that router, a 10GBaseT transceiver is AU$90 new off eBay. Those you could probably buy cheaper used too.
Additionally you wouldn’t be adding 10G to all your devices, I’d just definitely do between your router so you can have 3 1G devices maxing out your 3Gb internet, and maybe add it to a server or two.
And if you do your own runs, in my experience, fibre is slightly cheaper for the longer runs than CAT6 itself too.
Thanks for throwing me down a rabbit hole lol, I learned so much today. I spent a good chunk of the day researching this stuff, and found a couple of options. Came across these HP NC522SFP 10Gb NICs, someone selling 2 for under $100. My understanding is I can pair these with the generic DACs at FS.com (thanks for sharing this btw) and any 10Gb SFP switch, and I will be able to get the 10Gb link? And right, a transceiver to get the link from the ISP to the router.
I still have to do the runs for the second floor and other half of the main, but the basement is done. The whole NAS, HV, router and all that live in the basement, and the main PC will be moving there so would be easy enough to do some fiber runs there, and it’s all short. I think the longest would be 15 feet. Thanks!
Came across these HP NC522SFP 10Gb NICs
Yeah I have one and they’re pretty good, and I haven’t had an issue using it with generic stuff.
any 10Gb SFP switch
Some switches from bigger companies (like the ones listed on fs.com products) are vendor locked, but you should just need a DAC cable compatible with the switch to work.
a transceiver to get the link from the ISP to the router
Correct! Make sure to get an ethernet/10GBase-T one, because there are other transceivers.
would be easy enough to do some fiber runs there, and it’s all short.
I did forget to mention that you would need more transceivers to convert between the fibre and SFP+, and they are rated for up to different lengths but they should reduce their power for shorter distances. They also come in different speeds too, but unless you’re really strapped for cash, it’s not worth it to go below 10G.
I currently have a 300m ones doing a run of 30m, and I’m about to do a 10m run too. Also these are about AU$10-$20, I find
FTLX8571D3BCLs the cheapest, but there are others. (I actually got mine for free off a guy on Reddit)
from a diagramming pov, remember to document the link speed at each end as well as the ethernet cable type. if your cable modem supports 10GB I would really really look at 10GB network devices pretty closely, budget allowing. I would steer cleared of managed, it’s just a PIA for your setup.
You might want to experiment with modem <-> switch <-> wifi vs (modem <-> wifi <-> switch). remember wifi is just ethernet. so the order may or may not matter as much (vendor gets a vote). there does not appear to be a reason to march ethernet cable traffic thru the wifi router, but maybe there is???
def agree an 8 port switch might be better for you, use a 5 to split a single cable at a single location (say, tv + game console + speaker combo)
Remember if you need a WiFi mesh (multi access-point) to connect your devices, if possible, link the mesh backplane together via ethernet cable so that you don’t chew half the speed with wi-fi backplane chatter.
Oh that’s a good point about the diagram. I just threw these together real quick to help show what I mean. Yes the ISP hardware gives me a 10Gb RJ45. I’ve been researching 10Gb networking today and I think that’s the play. How come you think a managed switch would be a pain? Just from a setup perspective?
Modem <-> switch <-> wifi router is what I was thinking to do as in my second diagram, with the wifi router handling the DHCP, but now you have me thinking if that makes sense at all.
So the 5 port switch I have does exactly what you say, but the area is also in a spot where I have easy access and can add a couple more LAN drops in a matter of minutes.
Good tip, if I add an AP I will definitely wire them together. Thanks!
If your goal is more to clean up and budget can handle it, I’d highly suggest getting a managed switch (as long as its throughput matches that of your network). Setup VLAN isolation and wire everything you can to it. A 10Gbps SFP RJ45 transceiver would allow the switch to accept the full 3Gbps. Yes, the router is only 1Gbps and that’s probably going to be a bit of a factor, but you could iteratively upgrade other parts like your router as time goes on. When the time(s) are right for you, you can simply keep building on to a good base that way.
For example, next step get another 10Gbps SFP rj45 transceiver for the other SFP slot and wire your router to that. Next step, upgrade the router to 10Gbps. Next step, add another wireless AP.
Maybe everyone else is seeing something I am not, but what routing path is for internet traffic to “Future PC” and its neighbors? You have the ISP modem labeled as a passthru, which means it is not handling NAT/firewall. What device is binding to the WAN IP address that the passthru will be handing out? An unmanaged switch is not going to do that.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters AP WiFi Access Point IP Internet Protocol IoT Internet of Things for device controllers NAS Network-Attached Storage NAT Network Address Translation PIA Private Internet Access brand of VPN VPN Virtual Private Network
7 acronyms in this thread; the most compressed thread commented on today has 8 acronyms.
[Thread #202 for this sub, first seen 9th Oct 2023, 02:25] [FAQ] [Full list] [Contact] [Source code]
Looks like it’ll work. You should look into flashing that router with openwrt or pfsense and VLANing off those smart devices… They can be a security issue.
Also adding a second AP that you place on a different channel for guest and untrusted devices would work and increase bandwidth, but adds some routing complexity.
The router runs Asuswrt-Merlin, but unfortunately the RT-86U doesn’t provide VLANs with Merlin, and there is no openwrt port for it.
You think it should work though with the router being placed after the switch and handling DHCP?
Ooookay… Took me a second to wrap my head around the layout… Originally I only looked at the picture, which only shows a single switch.
This is an odd topography. Typically when working with switches, you want them connecting directly to the router and not connected to another switch.
You are going to have bandwidth issues out the ass, along with having a troubleshooting nightmare when something goes wrong and you need to trace packets.
Right now you have a hub and a spoke inside a hub and spoke.
Since it looks like your Asus is just an AP in this scenario, you’d be better off:
- hooking both switches to the ISP router
- enabling DHCP on the ISP router for the 2.5g switch
- set your 1g switch to a different subnet, with default gateway to your ISP router
- enable dhcp for different subnet
- add Asus for WiFi ability on new subnet
You can then play around with VLANing on the managed switch. You won’t be able to separate IoT and Personal WiFi signals with VLAN. Youd need to create a guest SSID for that functionality and change the channels to 6 and 11 so you get good bandwidth
Edit: this is assuming you have a layer 3 switch, if its a layer 2 I would use the Asus as a router/AP and hook it directly to the ISP router and hook the switch up to the Asus.
What about an ONT modem?
ONT is usually provided by the ISP (at least that’s the case where I live) and you can’t really do much with it in terms of customization, so I consider it part of the “internet” cloud in the picture. It’s essentially just a media converter from fiber to RJ45 or SPF+
If the ISP provides a router, sometimes (but not always) the ONT is built into that. My ISP just provides an ONT and you need to either provide your own router or rent theirs (an Eero mesh).
This is exactly my case, where it’s built into the ISP provided router. Previous model had a removable SFP and some were able to use that on their own hardware, bypassing the ISP provided gear.
I would also consider to set up a DMZ for the Hypervisor and maybe NAS (depends on how you use it) if you access it from the internet.
I’ve got a reverse proxy set up to handle the traffic of the services I want accessible outside my network, and port 80/443 open to be able to access them.
