Home network redo of 2021

marcoi

Well-Known Member
Apr 6, 2013
1,437
239
63
Gotha Florida
I am in the process of upgrading my home network for this year. I am moving to 10GB and also want to redo the networking to make it more efficient, etc.
My house had some networking done prior to my purchase. I think it's all Cat 5e. It is set up so that ports are around the kitchen area, living room, office, master bedroom and bonus room. All the ports end up back in my office space. I started noticing issues with the network when running Zoom. I was getting a lot of disconnects and bad internet messages, which was strange given 1GB fiber. When I did speed tests I would hit the 800-900 range. Long story short, due to how the networking was done in the house, I had a 1 GB line from the server room switch going to my office area, where I then split it out to my main PC and 5 AP points plus other rooms in the house. So all my traffic was going down a 1 GB line. I decided not to run new network cables but to see where I can improve on the design of my network. Thus the upgrade process described below.

Any suggestions welcome.


Current Setup:
I have pfSense running as my router; it provides WPA auth for my ATT fiber. I also have 5 fixed IP addresses with my ATT account that I can use. Right now I have a 4-port NIC set up as a passthrough on the pfSense VM: 1 port for opt, 1 for LAN, 1 for VLAN 10 IOT and 1 for fixed IP addresses.

Currently I have DHCP set up on the ATT pfSense VM for LAN, IOT and fixed IP addresses. For my home network I use one of the static IPs and send it to a Sophos UTM VM, which then gives out a different set of DHCP addresses for the rest of the home network. IOT devices are on VLAN 10, and that gets distributed by the WIFI AP to IOT devices. Nothing else on the network accesses the VLAN 10 IP. It is only accessible via WIFI on a certain SSID. The rest of the static IP addresses go to various VMs or other pfSense VMs.

I have two Dell PowerConnect 5024 switches that the three servers connect to, along with all the other WIFI APs, PCs, etc. The switch SFP+ ports are used right now for storage between servers and run at 10GB; the rest of the servers are all running 1GB NICs. Then, as described above, there is the bottleneck of the 1 GB line feeding everything.

So far, as part of my upgrade, I got two QNAP QSW-M408-2C units to bridge out to 10GB around the house. I didn't want to run new lines at this time, so I wanted to see if I could get 10GB out to my office using cheap switches that supported 10base-t connections. So I have set up my two QNAPs so far. One is in the kitchen area, closest to the server room. I am running a network cable from an SFP+ 10GB port converted over to 10base-t using an adapter. This connects to the QNAP in the kitchen area, and that connects at 10GB. I then moved one of the APs off the port running back to the office and plugged it directly into the QNAP, so it has full 1GB speed to the switch and back to the rest of the network at 10GB speed. I then set up another QNAP in the office, and since both units offer 10base-t and SFP+ ports, I connected a LAN cable and it connects at 5GB, which is enough for my needs. I have my main PC connecting at 2.5GB to the switch and 3 of the APs connecting to 1 GB ports. The fourth one is meshed out in the garage, connecting to the kitchen AP wirelessly.

Then I went to test the network with iperf3 and it maxes out at 1GB speed; that is when I realized all the rest of the servers are connecting at 1GB lol.

So the next purchase was a Dell PowerConnect 8024 24-port 10base-t switch. That switch also has 4 shared SFP+ 10GB ports. So my plan is as follows: replace the two PowerConnect 5024 switches with the one 8024 switch. Two of my servers already have 2 10base-t NICs on them. I will run those cables into the switch and configure for 10GB. The storage will move into the 3 ports of SFP+. Currently my 3rd server does not have a 10Base-t NIC, but I think I will use another connect-3 card and connect to the 10GB on the SFP+, since I already own the card and it is the cheapest option.

So that is the physical layout of my network.

Next I want to work on the DHCP/DNS/VLANs and virtual switches of my setup to optimize the network. I have been reading that it is better for VLAN and DHCP stuff to run on a layer 3 switch, as that is faster than the router method I currently have set up.

So this is where I need suggestions. Also, I do run Windows Server 2012 Essentials, which provides AD, backup and shared files. I am thinking of getting rid of that server and leveraging my TrueNAS for storage and the Aomei backup tool for backing up PCs. ESXi already has a VM backup set up.

Based on what I have going on and set up so far, do I set up DHCP on the switch, per VLAN? I will need four VLANs, I believe: 1. home / 2. IOT / 3. Static IP / 4. DEV.
I don't think I want to go crazy with VLANs for management, etc. I just need IOT only accessing the Internet, ESXi servers accessing all four VLANs, and possibly the home VLAN accessing the DEV VLAN.

I also read it might make sense to set up a DHCP server, etc.

Thoughts?

I will update as I play around with what I end up doing as well.
 

Tom5051

Active Member
Jan 18, 2017
290
50
28
43
Make sure you are running the latest firmware on those QSW-M408 switches; it took me months to convince them that their implementation of flow control was causing major slowdowns. Be on the version that was released in Jan 2021. VLANs don't work properly on these model switches either, but I gave up trying to get that solved.
 

marcoi

> Make sure you are running the latest firmware on those QSW-M408 switches; it took me months to convince them that their implementation of flow control was causing major slowdowns. Be on the version that was released in Jan 2021. VLANs don't work properly on these model switches either, but I gave up trying to get that solved.

That was the first thing I did. I also just updated the Dell PowerConnect 8024 to the latest version, which was dated 2015 lol.

I have been disabling flow control on my devices to see how things go in that regard. IDK if it makes a difference or not, but I saw a suggestion that it should be disabled.

Side note: the 8024 idles at 125 watts and gets loud. I have to see if I can run it on one PSU and if there are green settings available.
 

marcoi

So I am starting my new design on paper, so I know what I'm doing when I rip everything apart lol.
Right now I am using WS2012 Essentials to provide AD, mail services, network storage and PC backups.
I know it's going to be EOL soon for WS2012, so I have been looking at pricing for WS2016 and 2019. I know with 2019 the Essentials part is gone, etc.

So I'm thinking of dropping the WS altogether and going with separate solutions.

I don't think I need an AD; there are only 2 users in the house and 5-6 PCs, give or take. I think local users should be fine.
For storage I can use my TrueNAS and configure SMB(?) to give access to the PCs? I would have to manually configure the mounts, but that shouldn't be too bad.
For backup I was looking at Aomei Backupper Technician to back up to the TrueNAS storage area.
I can find a standalone mail program.
DNS can be done on pfSense, etc.

Any reason to purchase a WS2016/19 license, or just go with dropping the WS/AD altogether?