Home network and lab network - new home build questions


Navy_BOFH

I am in the process of closing on a new home and am deciding now is finally the time to get away from the EERO and random switches I have around the house to keep my home network alive. The goal in the end is my office will be in the top corner of the house and the network panel will be in our laundry room so I will have a nice OM4 fiber and CAT6 run across the house. Internet will be a "free" Spectrum gigabit fiber connection so I don't expect to need more than gigabit WAN - but dual WAN would be nice to put a Cradlepoint or such on a second WAN port for LTE failover.

What I am looking for is network equipment I can set up for the home use and just leave it alone. I want to have a 10GbE port on the home network to span across to my office and then toss it to a "lab switch" or other network gear I can mess with without repercussion to the home network in the sense that my fiance and I are both WFH with a special needs child so keeping the home network "left alone" is my main priority.

So far it looks like Ubiquiti is the only thing that fits the bill. I can get a UDM Pro SE, Aggregation Switch, some APs, and a few cameras and use the Aggregation Switch to feed my lab and keep things segmented. I have looked at TP Link Omada, Alta Labs, etc and just running pfSense on an appliance as well (like the Cisco ENCS's I picked up recently).

Really at the end of the day I am trying to find a router/switch/AP solution that I can just "set and forget" and then add a few UI cameras and UNVR or such if I want to use their products or any other POE camera and NVR later. I am just hoping to get input from the masses to see if the grass is truly greener on the Ubiquiti side of the fence or if my money/time is better spent elsewhere to accomplish my home/lab network goals.
 

Tech Junky

Cradlepoint
I built my own with a M2 modem and a USB sled for under $300. I went a bit further than needed and got a 5G modem that has mmwave for when it's deployed more in the future but there are cheaper modems without for around $100. Plenty of LTE only options under $50.

I use it as my primary connection though and get 250/50 for $30/mo using a phone sim. When I go somewhere with it though it hits higher speeds around 600/100.

As for everything else you mentioned, there's the easy way to pay for something that just plugs in, or the DIY and a lot of control at significantly lower costs. It depends on how dirty you get your hands.
 

Navy_BOFH

I like the idea! I work public safety LMR engineering so the Cradlepoint was a generic term since I have multiple devices like a Cradlepoint, Sierra Wireless MP70, Netgear Nighthawk, etc I can use (but definitely want 5G with mmWave in the future or as budget allows)

I am good with network engineering to the point of deploying my network in a sustainable way, but I should have clarified that I wanted a way for my spouse to see what is on the LAN and on what network it is on so the Alta/Ubiquiti/Omada type devices caught my eye at least to the point of seeing what is on the WiFi... but it's not a deal breaker.

I have also thought about just pfSense, Ruckus Unleashed or Engenius APs and an Aruba Instant On or similar switch for the home side.

The part I guess I am really struggling with is there are so many companies/devices in this market segment that I am just playing catch-up unless I just go with the typical surplus enterprise gear route and use the same Juniper/Fortinet/Aruba/etc gear I am used to seeing in my job.
 

Tech Junky

Sent you a link to my experience on the FWA side.

For the main junction to the ISP I just use a PC w/ Linux on it as my "router" but, the initial build was to combine several functions into a single box and get rid of the consumer junk in the process. It doesn't take much but, it sounds like you'll want some segregation between things to feed the dual WAN options into and then splice out the rest of the access.

I would set up a PC as your demarc device to feed things into. The issue with some of these options is the OS might have issues with certain HW. PF / OPN tend to use BSD based OS and Debian based OS options are more suited to sometimes odd HW being able to run on them.

The PC option also gives you more room to add cards for the port types you want to or might want to use in the future. My current MOBO has 4 slots to play with and initially my plan had 1 left open for Gen5 tinkering but, consumed it quickly with a GPU for media processing instead. I also have an OTA card for TV stuff and a quad 5GE NIC and TB4 dual port. Basically a catch all for networking and media in the same box instead of 6-7 devices all over the place.

For an AP I used to do an internal card and configure it with hostapd instead of buying off the shelf. I wanted AX though to unlock more bandwidth so ended up going with a NWA210AX from Zyxel and while it hits 1.7gbps w/ a single client the temptation of BE bit me and I picked up a couple of M2 cards to take a stab at it again for $40/ea vs an AP at $500+. I got them working in basic functionality as an AP but only squeezed 200mbps out of them so far but, they're capable up to 5gbps if I put more time into reverse engineering things.

There's always something new though in the market and it's a PITA to keep tabs on everything. If you can narrow the scope a bit it will make it easier to tackle things piece by piece with an overall idea of where you want to end up. If the WIFI works fine now just leave it alone unless you want more speed. If you want telemetry data from the network there's apps for that whether SNMP / DNS / etc. No need to buy into a closed ecosystem and get trapped by high priced gear.

Setting up a vanilla Linux "router" isn't hard and you can add functions fairly easily. Right now I'm at ~30GB of space used on the OS w/ CPU sitting around 1% most of the time. I swapped 5 * spinners for a U.3 15.36TB to reduce the heat inside the box not to mention slicing off about 15# of disks. It's just some simple tweaks to a few files to get your baseline setup and for the firewall it's ~15 lines in iptables to only allow internal LAN traffic to originate outbound traffic and block everything else. I do most admin by SSH though but, you can install something like webmin for a GUI / SSH hybrid in the browser. I use pihole to block by DNS anything suspicious or annoying. I'm always messing with it though and it's a rolling hot mess sometimes when I shoot myself in the foot trying to rip something out of the OS or put a new piece of HW inside to play with.
 
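The default-deny firewall described in the post above (only internal LAN traffic may originate outbound connections, everything else is blocked), written out as an added example; it is not the poster's ruleset or part of the thread. It goes slightly beyond the post by accepting optional isolated segments such as the lab or IoT network from the opening post; the interface names and the `gen_ruleset` helper are assumptions.

```shell
#!/bin/sh
# Emit an IPv4 iptables-restore ruleset for a Linux box used as the router.
# Interface names are assumptions; routing also needs net.ipv4.ip_forward=1.
# usage: gen_ruleset WAN_IF LAN_IF [ISOLATED_IF ...]
gen_ruleset() {
    wan=$1 lan=$2
    if [ -z "$wan" ] || [ -z "$lan" ]; then
        echo "usage: gen_ruleset WAN_IF LAN_IF [ISOLATED_IF ...]" >&2
        return 2
    fi
    shift 2
    printf '%s\n' \
        "*filter" \
        "# default deny: anything not matched below is dropped" \
        ":INPUT DROP [0:0]" \
        ":FORWARD DROP [0:0]" \
        ":OUTPUT ACCEPT [0:0]" \
        "-A INPUT -i lo -j ACCEPT" \
        "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT" \
        "# trusted LAN may reach the router itself (SSH, DNS, DHCP)" \
        "-A INPUT -i $lan -j ACCEPT" \
        "# replies to connections opened from inside are let back in" \
        "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT" \
        "# only the LAN may originate traffic towards the internet" \
        "-A FORWARD -i $lan -o $wan -j ACCEPT"
    for seg in "$@"; do
        # Isolated segment (lab, IoT): DNS/DHCP from the router and internet
        # access only; the LAN can open connections into it, never the reverse.
        printf '%s\n' \
            "-A INPUT -i $seg -p udp -m multiport --dports 53,67 -j ACCEPT" \
            "-A INPUT -i $seg -p tcp --dport 53 -j ACCEPT" \
            "-A FORWARD -i $seg -o $wan -j ACCEPT" \
            "-A FORWARD -i $lan -o $seg -j ACCEPT"
    done
    printf '%s\n' \
        "COMMIT" \
        "*nat" \
        ":PREROUTING ACCEPT [0:0]" \
        ":INPUT ACCEPT [0:0]" \
        ":OUTPUT ACCEPT [0:0]" \
        ":POSTROUTING ACCEPT [0:0]" \
        "# hide internal addresses behind the WAN address" \
        "-A POSTROUTING -o $wan -j MASQUERADE" \
        "COMMIT"
}

# Print a ruleset when run with arguments, e.g.:
#   sh ruleset.sh eth0 eth1 eth2 | iptables-restore --test
if [ "$#" -ge 2 ]; then gen_ruleset "$@"; fi
```

`iptables-restore --test` parses the ruleset without committing it, which is worth doing over SSH before loading it for real. IPv6 is not covered here and needs its own ip6tables ruleset.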

sic0048

Are you building? If so and you are running cables during construction, the planning for wire runs is really the only thing that matters at this point. The actual networking equipment that you choose can and will be changed in the future. But the cabling could be very hard to change in the future. Don't cheap out on this process and pull more than you think you will need. You should also consider non-networking wiring needs as well - home alarm system, low voltage wiring needs such as sprinkler controls or outdoor lighting, how to tie individual systems in your home into a larger automation system, etc, etc, etc
 

Navy_BOFH

It is a new build but we signed for it after it was essentially complete with construction. Lennar (the builder) includes a Legrand panel and a run to the kitchen and living room - but I will be installing further runs as best as possible once I am handed the keys. The minimum for me is the run(s) to my office, and from there I will have to gauge where I want further runs for APs and cameras. The rest of the "smart home" stuff like irrigation and HVAC are all WiFi so I am hoping to deploy an IOT SSID and VLAN for all that fun.

But you are right - cabling after drywall is up is never a fun thought and I am already having to come to terms with the fact that the house will be a month old and I will have a drywall saw in my hands. Since I have a nice little "home theater" for my living room, running wires for surround and/or Atmos speakers is part of this project as well so I will just stomach the "cutting into a new home" once to just get it over with and everything returned to "new".
 

Tech Junky

@Navy_BOFH

It's all about timing when it comes to cabling. My place is wired with dual runs to each jack but the building is ~15 years old now? They had the foresight to do it at that point. 5E but, whatever, it works fine when I was using it but, I'm 100% wireless now. If I had to wire things these days I'd just pay an electrician to do it and make them warranty things so when it breaks they can just pull a new cable and terminate.

Sure would be nice if they put conduit inside the wall and some covers on the drywall that allow you access like the blank plates in different areas of the house. As long as you can get cables for the APs most of them have additional jacks you can plug a switch into if you need some additional ports in that area. This is where looking at the details comes into play as most of them have 1GE but, some of the newer stuff has 10GE. For POE to keep costs down just get some injectors. IIRC I got a 10GE one for ~$60 for the AP I'm using just to do it. I put a Y cable to the PC and the injector to keep things tidy.
 