Pro equipment for home network

[vjekob]

I would appreciate if I could get some suggestions for equipment
for my home network from those having experience with more pro/enterprise gear.

I have 4 floors in the house (top floor 3 apartments, bottom floor 1 apartment,
rest is private) and at present my gear is asus router running tomato (router/
access point on ground floor/cellar) and buffalo access point on 2nd floor, with cat5e
to cellar/dumb switch.

I would like to move to a new router, L3 switch and managed access points and setup
some logging/messaging in case of problems (tourists in apartments don't
like being without internet )

Would appreciate suggestions of pro equipment which would not break the bank.
 

[TPreston]

I use cisco aironet 3502's which can also be used as spectrum analysers.

For Layer 3 switches look around on ebay I got a ES4650F for 240 bucks a while back (Layer 3 IPv6 etc)

[Mr. Gibs]

Ubiquiti: https://www.ubnt.com/

[+BudMan MVC]

1 hour ago, vjekob said:

L3 switch

For what you would you need this??  While I understanding wanting to have the option to do this if need be.. I use a cisco sg300 which can do L3, but currently only using layer 2.  New replacement line for small business would be the SG350 also can do L3..

 

But I have a really hard time understanding the need in a small setup.  Unless you have so many devices and you wire speed on them between segments?  what is your network design with using an L3 in your setup..  So you want multiple segments/vlans but you don't want to firewall between them?

 

I would highly recommend the unifi AP, I have 3 of them in my home.  You could also look at their switches very reasonable priced full featured - I don't think they have L3 support.. There was lots of forum talk about that as I recall.  But until I see a drawing of your network I don't really think that is something you need.

 

What is the port density you need?  Unless you have lots of wired devices.. A 10 port SG300 or a 8 port poe from unifi and some unifi AP would prob be a good starting point.

 

As to router you could go full unifi mode and use say their edge router lite or the gateway.  Or could go pfsense and get a sg-1000 for $149 or build your own..

[vjekob]

The network fullfills several needs including acting as a learning tool.
I need at least 5 tagged VLANs :for Wifi for tourists, Wifi for private, home automation,
voip and my "lab" part - I need 24 - 28 ports. At the moment everything
is rather primitive - "firewall" is turned on the asus router and I have
3 port based vlans (Dlink dumb switch doesn't work with tagged vlans).

 

Razorfold and BudMan - regarding the unifi Ap's - do you use an AP controller ?

TPreston - what do you use for the AP controller and what sort of router
do you use ? You opted for a non-cisco
switch - do you loose out on any funtionality by doing that / any
compatibility issues I should know about regarding AP PoE / switch connection ?

Maybe someone could clarify something which is probably obvious
but I haven't dug into yet - how many ports does the router
need to have- is it more optimal if it has as many ports as
tagged vlans (presuming traffic is going to WAN, otherwise I guess

the L3 switch will do the routing) ?


 

 

[xendrome]

tourists in apartments seems like a business network not home.

[TPreston]

1 hour ago, vjekob said:

TPreston - what do you use for the AP controller and what sort of router
do you use ? You opted for a non-cisco
switch - do you loose out on any funtionality by doing that / any
compatibility issues I should know about regarding AP PoE / switch connection ?

I set them up as standalone access points with WDS. For the router I use a Cisco 1841.

 

The edgecore switch is fine reams of options but its not as easy to use as a cisco/dell due to lack of examples.

[adrynalyne]

30 minutes ago, xendrome said:

tourists in apartments seems like a business network not home.

I'm guessing this is a tranlslation issue and guest was meant. 

[Mr. Gibs]

2 hours ago, vjekob said:

The network fullfills several needs including acting as a learning tool.
I need at least 5 tagged VLANs :for Wifi for tourists, Wifi for private, home automation,
voip and my "lab" part - I need 24 - 28 ports. At the moment everything
is rather primitive - "firewall" is turned on the asus router and I have
3 port based vlans (Dlink dumb switch doesn't work with tagged vlans).

 

Razorfold and BudMan - regarding the unifi Ap's - do you use an AP controller ?

TPreston - what do you use for the AP controller and what sort of router
do you use ? You opted for a non-cisco
switch - do you loose out on any funtionality by doing that / any
compatibility issues I should know about regarding AP PoE / switch connection ?

There are many ways to run the UniFi controller. You can use the cloud key ( https://www.ubnt.com/unifi/unifi-cloud-key/ ), you can just install it on a computer and run it when you need, you can use amazon aws, you can run it off a raspberry Pi etc. The controller doesn't need to be run 24x7 unless you want to do traffic analysis.

 

Everything you mentioned that you need can be done using one of ubiquiti's products and they're significantly cheaper than similar products from other companies.

 

If you go the UniFi route you can control everything though the one UniFi controller mentioned above, but not all features can be accessed from the GUI. If you want more control through the GUI then you can go the EdgeMax route for the switches and router (each will have their own controller), and UniFi for the AP. The hardware is virtually identical in both cases.

[adrynalyne]

11 minutes ago, -Razorfold said:

There are many ways to run the UniFi controller. You can use the cloud key ( https://www.ubnt.com/unifi/unifi-cloud-key/ ), you can just install it on a computer and run it when you need, you can use amazon aws, you can run it off a raspberry Pi etc. The controller doesn't need to be run 24x7 unless you want to do traffic analysis.

 

Everything you mentioned that you need can be done using one of ubiquiti's products and they're significantly cheaper than similar products from other companies.

 

If you go the UniFi route you can control everything though the one UniFi controller mentioned above, but not all features can be accessed from the GUI. If you want more control through the GUI then you can go the EdgeMax route for the switches and router (each will have their own controller), and UniFi for the AP. The hardware is virtually identical in both cases.

Guest networks need the controller running unless the portal isn't going to be used. 

[vjekob]

adrynalyne - no translation issue - English is one of my mother tongues.
It's a way individuals can run apartment rental without forming a
company or similar.

Some very good information which helps a lot when one hasn't had
experience in the area - will be back once I narrow down my
choices.

[+BudMan MVC]

I run my controller on a VM on my esxi host.. Same place on run my router.

 

Still going to ask why you feel you need layer 3??  Again all for having that option in device you purchase for your switching.  But its going to up the price point..

 

28 ports - in all different vlans?  You mention only 5 vlans, how is the network laid out?  What is the data flow path - sounds like not going to be much intervlan traffic?  Your router needs as many interfaces as possible normally   But this can be reduced depending on the number of network segments you need and what the traffic flow between the networks is.

 

So for example if vlan X and vlan Y send alots of traffic back and forth between them.  You would not want them to be tagged vlans on the same interface on your router.. Since your now hairpinning their traffic and just /2 your total possible speed between devices on those vlans.  You would want those networks to be on their own uplinks to the router so that your not hairpinning.

 

But if your going to have a few different wifi vlans, that mostly just going to the internet.  Then those different vlans sharing the bandwidth of a single gig uplink is prob not a big deal.  Even if the they are wired if they are pretty much just going to the internet which is only say 100mbps and you have a gig uplink into the router/firewall for those vlans - them sharing the pipe is prob not a big deal.  In looking for best performance between your network this come into play.  So you while you could get by with your router only have 1 wan and 1 lan..  I would think something with more for the ability to have more uplinks..

 

What is going to take up these 20 some ports?  And many of those ports going to be in the same vlan?  Where are they located - are you going to home run all your connections back to this switch.  Or is an aptment going to have multiple hard wired ports in it?  If those are all going to be on the same network then you only need a dumb switch there.  And just need to connect to smart switch at your distribution or core level and not the access level.

 

The smarter the switch and the more ports it has the more its going to cost.  But as others have mentioned the unifi line is quite affordable.. Here is a 24 port managed switch for $215

https://store.ubnt.com/unifi/unifi-switch-24.html

[vjekob]

All connections are home run to the cellar (where all the equipment is) using cat5e .
Thanks for all the detailed info !!  - now I'll dig into the info and checkout the
equipment in more detail.

[TPreston]

Here is a 48 port cisco Layer 3 one for 108 bucks

 

http://www.ebay.com/itm/CISCO-CATALYST-3560-WS-C3560G-48TS-S-48-port-Gigabit-10-100-1000-Switch-/292023579619?hash=item43fdf633e3%3Ag%3AlYoAAOSwtfhYm~eC

 

You don't need to go for new gear its not as if its a SSD.

 

Plus if you work in IT it gives you a huge advantage over those who have only dealt with home devices. They also will have features that you will find nowhere else http://www.cisco.com/c/en/us/solutions/enterprise-networks/cleanair-technology/index.html

 

 

Edited February 13, 2017 by TPreston

[+BudMan MVC]

Yeah that would be great if he wants a 10/100 ports.. That device is lots of 10/100 ports with 4 gig ports which he needs sfp for.

 

Cisco Catalyst 3560-48TS: 48 Ethernet 10/100 ports and 4 SFP-based Gigabit Ethernet ports; 1RU

 

That is also from freaking china - and made 9 years ago.. Its not worth 100$ sorry...  For 200 he gets 24 GIG ports, made currently and with current firmware.  Does he have a cisco account to grab the latest version of the ios for that?  Or is he going to be running something from 2008..

 

While I would be all for enterprise cisco gear.. I wouldn't buy some gear off ebay from china that was made in 2008 to run my network to save a few bucks..

[TPreston]

15 minutes ago, BudMan said:

Yeah that would be great if he wants a 10/100 ports.. That device is lots of 10/100 ports with 4 gig ports which he needs sfp for.

 

Cisco Catalyst 3560-48TS: 48 Ethernet 10/100 ports and 4 SFP-based Gigabit Ethernet ports; 1RU

 

That is also from freaking china - and made 9 years ago.. Its not worth 100$ sorry...  For 200 he gets 24 GIG ports, made currently and with current firmware.  Does he have a cisco account to grab the latest version of the ios for that?  Or is he going to be running something from 2008..

 

While I would be all for enterprise cisco gear.. I wouldn't buy some gear off ebay from china that was made in 2008 to run my network to save a few bucks..

WS-C3560G-48TS-S

• 48 Ethernet 10/100/1000 ports and 4 SFP-based Gigabit Ethernet ports

• 1RU fixed configuration, multilayer switch

• Enterprise-class intelligent services delivered to the network edge

• Standard Multilayer Software Image (SMI) installed

• Basic RIP and static routing, upgradable to full dynamic IP routing

 

http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-3560-series-switches/prod_bulletin0900aecd801c5bf2.html

[+BudMan MVC]

Oh My bad - that is gig, didn't see the G in the listing on cisco.

 

Still its from 2008.. And going to be NOISY as ###### as well..

[TPreston]

Yeah they are two different things

 

3560-48TS

3560G-48TS-S

[+BudMan MVC]

Yeah I get that model number is gig.. But what is this on the desc?

 

Sorry for $100 I would still buy from unifi.. Even if I needed 48 ports.. I could go with their 48 port for $400 vs that what sure to be POS off ebay.. That is 9 years old...