Enterprise Network For Your Home? One Man's Journey...

[thiggins]

Lee Hutchinson over @ Ars has a nice long article describing his experience of building a pro level network at home.

 

[coxhaus]

Nice article but he seems to be missing network details like VLANs and network structure.

I found it. Some how I skipped it.

It is a very nice write up. He is a good writer.

Too bad no layer 3 switch. Routers have limits when you are talking 10 gig.

I wonder if he assigns DHCP IP addresses for guest clients? Where does the server live? The diagram does not depict it.

 

[sfx2000]

Too bad no layer 3 switch. Routers have limits when you are talking 10 gig.

Actually both switches are L3/managed... he's got a bit of overkill there, as he could define/design things for a home network at the router/gateway.

 

[System Error Message]

Nice article but he seems to be missing network details like VLANs and network structure.

I found it. Some how I skipped it.

It is a very nice write up. He is a good writer.

Too bad no layer 3 switch. Routers have limits when you are talking 10 gig.

I wonder if he assigns DHCP IP addresses for guest clients? Where does the server live? The diagram does not depict it.

my router can talk on layer 3/NAT at 28Gb/s without hardware acceleration as thats the total forwarding capacity needed to max out all ports, i bet ubiquiti's 80Gb/s router cant do this . It'd depend on the router you use. Layer 3 switches sometimes have a weakness and that is when things change on layer 3. So all layer 3 network switches/routers must communicate with each other (hence why we have things like BGP and other fancy protocols and methods around). So for him to set up layer 3 networking, it'd get long and complex.

 

[coxhaus]

My small Cisco business switch will route at layer 3 at 128 Gb/s. Layer 3 switches route at much higher speeds than switches. Plus if you use your router for local LAN traffic and internet traffic you are adding to the latency for your internet traffic. The router CPU has to time slice the WAN traffic and local LAN traffic at the same time. There is nothing complex about adding a layer 3 switch. There are no special protocols you need to setup. You just define the local LAN networks to the layer 3 switch.



I think L3/managed is another term for a L2 switch. Sounds like the router manages the L3 routing. The guy states in his article the switches are not L3 switches. Let me know what L3/managed means sfx2000.

 

[umarmung]

None of those Unifi switches are L3 switches. Only the Edgeswitch line is L3.

 

[sfx2000]

None of those Unifi switches are L3 switches. Only the Edgeswitch line is L3.

Yes, they are Layer 3 managed switches - read the info - links included

US-48-500W -- https://www.ubnt.com/unifi-switching/unifi-switch-poe/
US-16-XG -- https://www.ubnt.com/unifi-switching/unifi-switch-16-xg/

Folks need to get over this - yes, the network is way, way overbuilt...

 

[thiggins]

Hey, the guy is having fun. He said upfront that his build was not for everyone and not a recommendation for Ubiquiti gear.

 

[umarmung]

Yes, they are Layer 3 managed switches - read the info - links included

US-48-500W -- https://www.ubnt.com/unifi-switching/unifi-switch-poe/
US-16-XG -- https://www.ubnt.com/unifi-switching/unifi-switch-16-xg/

You cannot set up any Unifi switch as a gateway, hence they are not L3 switches.

If for some reason you are still not convinced, Ubiquiti maintain an impressive section for feature requests and this is a long running feature request:

https://community.ubnt.com/t5/UniFi...itches-Layer-3-Routing/idi-p/1315246#comments

 

[coxhaus]

I agree with umarmung. If the switch is routing then it would be a gateway just like a router.

I think L3/managed is a fancy marketing term which means nothing.

 

[netwrks]

IF there is any layer 3 on the Unifi switches, it would be inter-vlan routing, which is a supported configurable item on the Edgeswitch product line. Other than that, strictly layer 2.

 

[coxhaus]

In my Cisco layer 3 switch at home I have 4 VLANs and each VLAN has a network assigned to it. That means I have 4 network gateways in my 1 layer 3 switch . Plus there is a forwarding default gateway for unknown networks. My layer 3 switch routes IP addresses to which ever network it goes to or forwards it to the default gateway for unknown networks and out the switch.

 

[System Error Message]

so many people confused in what makes a switch L3. Its simple, if you can add routes to the switch and it can switch via IP then it is a layer 3 switch.

Vlans and MAC, layer 2
IPs and routes, layer 3
QoS, all layers.

If i have 2 layer 3 networks or subnets, and i want them to talk to each other without going through a router, this is what a layer 3 switch does.
A layer 2 switch can be IP aware but does not make it a layer 3 switch as it still switches on layer 2 even if it sees IP addresses. So unless your cisco switch has the option of routing between subnets for example, then it is not a layer 3 switch. A layer 3 switch is essentially a hardware based router.

Fun fact, the internet is made up of layer 3 switches and routers that have either static routes defined or dynamic routes updated via something like BGP, this has to be done very very fast so a layer 3 switch is used as well, but since configurability needed, you get cisco blade servers used that have such high backplane bandwidth.

 

[coxhaus]

I can unplug my router on my home network and my Cisco layer 3 switch keeps all the networks running. My home network works fine just lacking internet. My wireless is not on the router so even my wireless is still working. It makes for changing routers easy.

My Cisco switch has some QOS in my layer 3 switch. It is limited. I think it is there to support phones but can be used for other things.

 

[tman222]

Very interesting and entertaining read - I also went from basic consumer networking gear to realm of "prosumer" a couple years ago with Ubiquiti gear and pfSense for routing/firewalling. I agree with the author of the article that it's easy to get sucked into all this and keep adding to it and even over-complicate it. However, it is nice to have access to enterprise level features and the ability to have additional layers of security. The most important thing though if going this route with a more complex network is: backup, backup, backup. Unless you are an expert to start, it takes a significant time investment to set everything up and get it running smoothly. Backing up configuration files is critical so that if something does break down, it won't take the same amount of time to get back up and running again.

 

[sfx2000]

Fun read here...

https://www.troyhunt.com/ubiquiti-all-the-things-how-i-finally-fixed-my-dodgy-wifi/

Someone on a similar journey...

 

[jlficken]

I know how the author of that article feels. I went from an 8-port dumb switch in my home to multiple L3 and L2 switches, multiple NAS's, over a dozen cameras, and 5 UniFi AP's in under 2 years.

Like that author I have a love/hate relationship with UniFi.

The USG and the switch at the bottom are for a lab that I run for work since we use a USG Pro there. Right now I am fighting the STUN is partially degraded issue that just popped up for no reason and it is annoying me since the firewall is open on the EdgeRouter and it was fine before I had to reboot the USG the other day to fix DPI not working


I have OM3 fiber ran between my house and shop. There are 4 lines in total but I am only using 2 of them.

House:

Shop:

 

[coxhaus]

Nice switch. I wish I had a Cisco SG350 L3 switch. Does the L3 work well? I have the Cisco SG300-28 L3 switch running in L3 mode.

Wouldn't those racks work better if they were a little more open for cooling? That is a lot of enclosed equipment. It would not work down here in Texas during the summer unless you run a window AC unit to cool the room. I have a 220v window unit that I ran in the past for that very purpose of cooling my computer room separate from my central AC at home.

 

[jlficken]

Nice switch. I wish I had a Cisco SG350 L3 switch. Does the L3 work well? I have the Cisco SG300-28 L3 switch running in L3 mode.

Wouldn't that rack work better if it was a little more open for cooling? That is a lot of enclosed equipment. It would not work down here in Texas during the summer unless you run a window AC unit to cool the room. I have a 220v window unit that I ran in the past for that very purpose of cooling my computer room separate from my central AC at home.

Thanks! I got that SG350-28P as an open box off of eBay for $255 shipped with full warranty so I couldn't pass it up.

That rack is in my basement so it is pretty much 75F or below ambient there. Right now that switch is running at 38C and the fan is running at 7163rpm it appears. I would like to have more space but I was dumb and bought too small of a rack since I have added so much stuff

I started working with routing on the SG350 last weekend but abandoned it as I ran out of time to mess with limiting Inter-VLAN routing since my router is handling that right now.

I need to find a good tutorial on setting all of that up as I am far from being a networking expert and the wife gets cranky when I kill the internet since I don't have a spare L3 switch around

 

[coxhaus]

I would think the easy way if you need to use the switch is to put your wife and everything which needs to work in VLAN1 on the switch. Connect the switch to the router using an access port not trunk. Turn off DHCP on the router LAN side and hard code 192.168.X.1 on the router. Then use 192.168.X.254 for the switch side. Setup DHCP on the switch using 192.168.X.254 as the default gateway. This should allow everything to work. Then start adding your VLANs to the switch. For each VLAN you setup on the switch you will need a routing statement on the router to route back to the switch.

I would recommend you setup the router in a separate VLAN. It works well that way. Just move the router to it's own VLAN.

The one thing I forgot to say is with layer 3 you need to setup default route on the switch pointing to the router. Default route is the layer 3 version of default gateway which is layer 2. Default gateway is only used within the VLANs on the switch since the switch is running layer 3.