Need help designing my home network

Amail · 02-18-2016, 10:55 AM

I’ve got a fairly typical home network setup. Cox cable to cable modem, to wireless router. Hard wires to desktop computer, TiVo, Blu-Ray, and to a hub in another room. Hub has nothing connected currently.

Wi-Fi has 2 iPads, 2 S5 phones, Raspberry Pi, various family phones when they visit. I’ve also given the password to our neighbors so they can piggyback onto our wireless network if they can get a signal. I see they've got three or four devices connected. I’m using WPA2-SK2 authentication and I’ve changed the router username and password, but that’s the extent of my protection. Physically, the modem, Wi-Fi, and desktop are in the far corner of the house, so Wi-Fi coverage gets to about the living room but not much more.

I think it’s time to reconfigure things. I will be installing several smart devices over the coming months and I need solid Wi-Fi everywhere, including outdoors. I want to isolate guests from the home computer so we don’t get viruses coming in from the neighbors or kids who log on. Maybe it makes sense to add a NAS for photos & music and strip the home computer down to just a terminal.

I’m looking for recommendations. Given a budget of ~$500, what would you recommend?

stomachmonkey · 02-18-2016, 11:21 AM

How much coax is running in the house?

Do you have a drop on the other side where coverage is lacking?

Amail · 02-18-2016, 11:45 AM

Quote:

Originally Posted by stomachmonkey

How much coax is running in the house?

Do you have a drop on the other side where coverage is lacking?

I've got two coax runs, one to each corner of the house. I don't have any CAT5 drops in the living room.

stomachmonkey · 02-18-2016, 12:54 PM

Perfect.

Use MoCA routers / extenders.

http://www.actiontec.com/products/14.php

Are you by chance a T-Mobile customer?

Amail · 02-18-2016, 01:09 PM

Not a T-Mobile customer.

Interesting link. I bought an extender recently that plugged into an outlet in the hallway, but was told although it extended the range it halved the bandwidth. I want something that allows full-bore throughput as well as 100% coverage. Also, getting signals over the entire property is important. I will be installing Wi-Fi enabled nodes around the property (shed, pool pump, irrigation) so bullet-proof connection is important.

id10t · 02-18-2016, 01:20 PM

Find a central drop that has power available. Run an ethternet cable from your cable modem (at one of your2 coax places) back to the router.

Run ethernet from the router to various places in the house to put wireless access points so you'll have good coverage everywhere adn outside.

Run ethernet from there to "fixed" locations for connectivity - behind the TV, to your desktops, etc.

That takes care of connecting... now to secure it. You want your neighbors on a different subnet with no route to your subnet. You want house guests on a 3rd subnet (probably). Perhaps put your printer into a place where both your stuff and any guests that come by can reach it.

Fun thinking process... think my students have a new lab to do next week. If I see any truly amazing results from them I'll post back

stomachmonkey · 02-18-2016, 01:20 PM

MoCA will get you full gigabit to the router.

From there you want the latest generation a/c router.

Apple AirPort Extreme or my personal go to favorite the ASUS series.

They are a bit spendy and will eat half your budget.

I asked about T-Mobile because they offer their customers a private label version of the ASUS for free or at worst a $25 deposit. It's a $300 retail unit.

Not in the office right now and can offer more detail later.

beepbeep · 01:37 PM

"Extenders" aren't optimal as they basically work in half-duplex...they "listen" then "talk". It cuts the WiFi bandwidth in half. If you have slow Intertube connection and no local devices that talk to each other then extender might be OK. We have 100/100Mbit FTTH connection and use it a lot, so I opted to solved it this way:

One powerful router connected to Interwebs, to act as main NAT-router. (This router supports 801.11n/ac and has both 2.4GHz and 5GHz bands). Parallel to "house" network, I also configured a separate WiFI guest network on 2.4GHz band that guests/neighbours can use. This network cannot talk to our home network, so it is strictly for Intertubes. As main router cannot cover whole house with WiFi signal, I have bought two cheaper/less powerful routers (but still 801.11ac-capable), connected both to main router via 1Gbit Ethernet cat5e and bridged them so they work as dumb access points. They also have built-in 4-port switches and double as fringe switches for stuff than needs to be wired.

When all three routers were up and running, I configured same SSID on all of them (so devices can roam from router to router) and paid great attention to use separate WiFi channels on each and every device (so they do not interfere with each other).
iPhones/Ipads/laptops will roam and latch to whatever signal is strongest. Istuff will cling to weak signals longer, but laptops can be configured to roam more aggressively.
That is my "cheap and dirty" way to get a good coverage for reasonable amount of money. There are also much more fancy Ubiquity Access Points that handle roaming and handover better, but they are 10x the price of my solution.

stomachmonkey · 02-18-2016, 01:39 PM

Quote:

Originally Posted by beepbeep

"Extenders" aren't optimal as they basically work in half-duplex...they "listen" then "talk". It cuts the WiFi bandwidth in half. If you have slow Intertube connection and no local devices that talk to each other then extender might be OK. We have 100/100Mbit FTTH connection and use it a lot, so I opted to solved it this way:

One powerful router connected to Interwebs, to act as main NAT-router. (This router supports 801.11n/ac and has both 2.4GHz and 5GHz bands). Parallel to "house" network, I also configured a separate WiFI guest network on 2.4GHz band that guests/neighbours can use. This network cannot talk to our home network, so it is strictly for Intertubes. As main router cannot cover whole house with WiFi signal, I have bought two cheaper/less powerful routers (but still 801.11ac-capable), connected both to main router via 1Gbit Ethernet cat5e and bridged them so they work as dumb access points. They also have built-in 4-port switches and double as fringe switches for stuff than needs to be wired.

When all three routers were up and running, I configured same SSID on all of them (so devices can roam from router to router) and paid great attention to use separate WiFi channels on each and every device (so they do not interfere with each other).
iPhones/Ipads/laptops will roam and latch to whatever signal is strongest. Istuff will cling to weak signals longer, but laptops can be configured to roam more aggressively.
That is my "cheap and dirty" way to get a good coverage for reasonable amount of money. There are also much more fancy Ubiquity Access Points that handle roaming and handover better, but they are 10x the price of my solution.

You should be seeing better than 60 and 200.

Restrict your 5 Ghz to N devices and leave 2.4 open for a/b/g.

Amail · 02-18-2016, 02:26 PM

Quote:

Originally Posted by id10t

Find a central drop that has power available. Run an ethternet cable from your cable modem (at one of your2 coax places) back to the router.

Run ethernet from the router to various places in the house to put wireless access points so you'll have good coverage everywhere adn outside.

Run ethernet from there to "fixed" locations for connectivity - behind the TV, to your desktops, etc.

That takes care of connecting... now to secure it. You want your neighbors on a different subnet with no route to your subnet. You want house guests on a 3rd subnet (probably). Perhaps put your printer into a place where both your stuff and any guests that come by can reach it.

Fun thinking process... think my students have a new lab to do next week. If I see any truly amazing results from them I'll post back

Part of my problem is lack of space in the attic. I have a very shallow roof pitch, 1:12, so crawling around up there is tough. I'd do it if I had a good plan and was sure it would serve me for years to come - that's actually what I want.

I could see placing a router in the hall closet and running two CAT5 to there: one from the cable modem, one return to the computer. I could run four more CAT5 from the router: one to the living room for an Ethernet drop, and three Wi-Fi AP's.

How many separate and distinct SSID's could I have? Is that what is meant by different subnets?

Quote:

Originally Posted by beepbeep

"Extenders" aren't optimal as they basically work in half-duplex...they "listen" then "talk". It cuts the WiFi bandwidth in half. If you have slow Intertube connection and no local devices that talk to each other then extender might be OK. We have 100/100Mbit FTTH connection and use it a lot, so I opted to solved it this way:

One powerful router connected to Interwebs, to act as main NAT-router. (This router supports 801.11n/ac and has both 2.4GHz and 5GHz bands). Parallel to "house" network, I also configured a separate WiFI guest network on 2.4GHz band that guests/neighbours can use. This network cannot talk to our home network, so it is strictly for Intertubes. As main router cannot cover whole house with WiFi signal, I have bought two cheaper/less powerful routers (but still 801.11ac-capable), connected both to main router via 1Gbit Ethernet cat5e and bridged them so they work as dumb access points. They also have built-in 4-port switches and double as fringe switches for stuff than needs to be wired.

When all three routers were up and running, I configured same SSID on all of them (so devices can roam from router to router) and paid great attention to use separate WiFi channels on each and every device (so they do not interfere with each other).
iPhones/Ipads/laptops will roam and latch to whatever signal is strongest. Istuff will cling to weak signals longer, but laptops can be configured to roam more aggressively.
That is my "cheap and dirty" way to get a good coverage for reasonable amount of money. There are also much more fancy Ubiquity Access Points that handle roaming and handover better, but they are 10x the price of my solution.

That sounds pretty slick! Do you need to configure the devices connecting to the network, or just make sure each AP is on a separate channel?

stomachmonkey · 02-18-2016, 02:32 PM

Quote:

Originally Posted by Amail

Part of my problem is lack of space in the attic. I have a very shallow roof pitch, 1:12, so crawling around up there is tough. I'd do it if I had a good plan and was sure it would serve me for years to come - that's actually what I want.

I could see placing a router in the hall closet and running two CAT5 to there: one from the cable modem, one return to the computer. I could run four more CAT5 from the router: one to the living room for an Ethernet drop, and three Wi-Fi AP's.

How many separate and distinct SSID's could I have? Is that what is meant by different subnets?

That sounds pretty slick! Do you need to configure the devices connecting to the network, or just make sure each AP is on a separate channel?

Use your COAX, you don't need to run CAT.

Everything else works the same.

I have 5 routers running in my house, four as AP's. 3 of them are MoCA.

stealthn · 02-18-2016, 02:56 PM

First, I would never let my neighbours run on our systems; what if they are into child porn, hacking, illegal downloads, etc. Prove to the FBI/Police it's not you....

Second I can't help at all with that budget

Amail · 02-18-2016, 03:08 PM

Quote:

Originally Posted by stealthn

First, I would never let my neighbours run on our systems; what if they are into child porn, hacking, illegal downloads, etc. Prove to the FBI/Police it's not you....

Second I can't help at all with that budget

Yeah, I'm kind of a soft touch. I adore our neighbors and am happy to help them any way I can. If I thought there were any chance they were into something shady I'd not have let them on the Wi-Fi. However, they do have friends that come over and I don't know what access they have, so I may be rethinking my policy. Thanks for the input!

Amail · 02-18-2016, 03:12 PM

Quote:

Originally Posted by stomachmonkey

Use your COAX, you don't need to run CAT.

Everything else works the same.

I have 5 routers running in my house, four as AP's. 3 of them are MoCA.

Something about the MoCA's seems wonky, but that's just my perception. I'm doing a bit of research on them and it appears it's a pretty mature technology.

We also have some signal boosters on our line, and I don't know what we have in the way of filters - all of this installed by Cox. The splitter at the front of the house is a pretty bulky affair and doesn't look like splitters you see at Home Depot. Is this really as plug and play as it sounds?

stealthn · 02-18-2016, 03:36 PM

You could also use Ethernet over Powerline, I have no experience with the products but it's been around a while

Best power-line adapters of 2016 - CNET

stomachmonkey · 02-18-2016, 03:46 PM

Quote:

Originally Posted by Amail

Something about the MoCA's seems wonky, but that's just my perception. I'm doing a bit of research on them and it appears it's a pretty mature technology.

We also have some signal boosters on our line, and I don't know what we have in the way of filters - all of this installed by Cox. The splitter at the front of the house is a pretty bulky affair and doesn't look like splitters you see at Home Depot. Is this really as plug and play as it sounds?

MoCA is the default topology for Verizon FIOS.

It's rock solid.

The splitter you have at the front which you describe as large is most likely a diplexer.

Diplexers are used when you need to combine two signals, think satellite and cable tv, over the same coax run.

A diplexer is a way to run two distinct signals over the same wire without them conflicting. Should be one on the other end to split it back out again. If not it's not a diplexer. Take a picture.

The only consideration is to make sure your splitters are rated for 1 GHZ.

dad911 · 02-18-2016, 04:13 PM

Quote:

Originally Posted by Amail

.......Maybe it makes sense to add a NAS for photos & music and strip the home computer down to just a terminal.

I’m looking for recommendations. Given a budget of ~$500, what would you recommend?

Quote:

Originally Posted by stealthn

First, I would never let my neighbours run on our systems; what if they are into child porn, hacking, illegal downloads, etc. Prove to the FBI/Police it's not you....

+1

Quote:

Originally Posted by Amail

Yeah, I'm kind of a soft touch. I adore our neighbors and am happy to help them any way I can. If I thought there were any chance they were into something shady I'd not have let them on the Wi-Fi. However, they do have friends that come over and I don't know what access they have, so I may be rethinking my policy. Thanks for the input!

It may not be your neighbor, but a friend/teen guest.....

Great advice from the others, and I am not a networking guru, but for what it's worth, not only would I never open my network to outsiders, I also don't broadcast the network name. At a rental property, I broadcast a sub-net, give the tenants a password for that, and change it once a year.

As for a NAS, thare may be better options now, but I have 2 Synology boxes. One at home, another at my office, and they automatically 'clone' their data. I can also sync subfolders with folders on my laptop, so if I am away from home or office, data syncs through the net. Been rock-solid for the last 5+ years.

beepbeep · 10:40 PM

Quote:

Originally Posted by Amail

That sounds pretty slick! Do you need to configure the devices connecting to the network, or just make sure each AP is on a separate channel?

As long as all SSID have same name and use same password, devices do not need to be configured to "roam" between AP's. They will switch to stronger AP once the signal gets too low. Only difference between that and 10x price Ubiquity is that my solution lets device decide when to let go, whether Ubiquity senses this and forces device to switch AP by killing the link. (Some devices can be configured to roam more aggressively).
I used TP-Link Archer C2 as edge switches/AP's. They cost 40$ a piece and support 801.11a/b/g/n/ac (albeit not the highest ac-speed standard, but still plenty enough). You could also configure them to act as repeaters, but optimal solution is to wire them to main router.
If you want this done well, you will need to run at least one Cat5e to every AP. I pulled out phone cable from walls and managed to pull trough enough Cat5e to cover all rooms in true star-manner. Check if there are some pipes you can use.

For main router I use Archer C7, as it can route packages up to 1Gbit/s.

beepbeep · 02-18-2016, 10:46 PM

Quote:

Originally Posted by Amail

I could run four more CAT5 from the router: one to the living room for an Ethernet drop, and three Wi-Fi AP's.

If you use a cheap bridged router as an AP, you get four-port ethernet switch "for free" on each of them

Holger · 02-19-2016, 12:25 AM

Quote:

Originally Posted by stealthn

first, i would never let my neighbours run on our systems

+1000