Good News: GB fiber; Bad News: AT&T snooping --> VPN router?

Strong Lead

New Around Here
First off, thanks for sharing your expertise with me. Back when I used to sell automation products, I used to tell my customers, "Hey, I'm an ME. I understand what the machine does. When it comes to wiring it, I break out in hives and punt to the smart applications engineers." Well, networking involves wires, which means my eyes glaze over when discussing the 7-layer networking model. I suspect my questions are "no brainers" to those who actually work with this stuff on a regular basis, but there's quite a bit for the uninitiated to digest.

AT&T recently updated their TOS to specify they reserve the right to track and record every web site visited by anyone on the network. Not that I distrust a multinational corporation that answers only to a distant board of directors. Forget it! I trust them as far as I can throw one of their vans.

Although they deny throttling, I noticed some sites--even their own DirecTV on demand streams--run way slower than a GB connection should allow. Yes I know some sites bog down, but not the broad swath I see at any given time. I'll stop my rant before I get off into the weeds...

This weekend, I should receive my new QNAP TVS-873. If I want to do any P2P connections, VPN is pretty much required. While faster is always better, P2P speed is not really that critical (if I'm honest with myself).

Existing network:
  • ARRIS BGW210-70 from AT&T: handles fiber connection, wifi and telephony.
  • Cheap GB Ethernet switch (not managed).
  • Cat 5e cable.
  • I get 700 - 900 mb/s down/up from the farthest PC using the AT&T backbone for a speedtest. Other sites, not so much. As far as I can tell, I'm network limited, not router limited when connecting to their backbone without any VPN.
  • 4-6 hardwired devices (PCs & streaming)
  • 2-7 wifi clients (iPhones and tablets) at any given time
  • One UniFi AC Lite Access Point
  • A READYNAS NV+ V.1 that I plan to fob off on my brother-in-law. Talk about a miserable configuration & management experience...
  • Soon-to-be QNAP TVS-873 NAS (woot, woot!). Did I mention that I'll be able to get rid of the NV+?
  • Additional access point if I go with an Edgerouter (probably the UAP-AC-LR-US)
This leads to a few questions:
  1. I assume a VPN router is the way to go because it's designed to manage all the network connections. Is there an advantage to using the hefty CPU on the NAS?
  2. I don't see a need for QoS. Are the Edgerouters (ER-6P-US or ER-4) the preferred option for GB fiber <---> VPN?
  3. I've seen some threads mentioning the CCR1009 from Mikrotik, but I know even less about them than the EdgeRouters. Do they offer anything compelling for my usage profile?
  4. I have one computer that I use for on-line gaming (EveOnline), which can be sensitive to latency. Can I configure low latency for one PC without killing performance for the GB fiber connection to the rest of the network (I don't want to lose the HW acceleration)? I expect most users will prefer non-snooping access to the internet.
  5. I'd appreciate some links helping me choose a VPN that has servers in London (for EVE), the US backbone for web browsing/streaming services and international servers for P2P.
  6. I'd like to give close friends and family read/write privileges on public directories on the NAS. I hope someone can point me in the right direction for setting up the network side of remote access with a dynamic IP address, especially if I have a VPN.
  7. The NAS has 4 GbE connections with link aggregation. Is there a particular switch that fits my usage pattern, especially if I decide to pull dual cables? I don't plan to upgrade to a 10GbE switch until they get cost competitive. (Yeah, I know it doesn't do much good to hook up a fire hose from the NAS & switch to garden hoses connecting all the hardwired devices; or a 7.5 KW generator to a bunch of 16 gauge extension cords for those of you who live in hurricane country.)
I'm not particularly wedded to a single solution. Other than the labor to pull the cable, I don't have much sunk cost in the network itself. I know I'll have to go through the misery of pulling replacement cable when I upgrade the backbone to 10Gb-E, but I'll delay that as long as possible.

I've been building my own computers since the 1980's, which means I have basic PC HW & SW skills (including flipping dip switches, moving jumpers and getting those damned memory pins to fit into the small sockets that were narrower than the pin spread), but I'm a bit of a N00b with networking. I have no desire to invest 100 hours training myself on networking only to forget most of it by the time I need to use it again. While CLI brings back horrible memories of the VI editor, it's not really that bad with a real text editor --> copy/paste.

Anyway, thanks for your input.
I hope you all get the great experience of having friendly people offer their expertise in some other area where you're ignorant and over your head.
