Network setup for multiple IOT (30+) devices

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Zentachi

Regular Contributor
Currently I have an asus ac86u router with around 60 devices connected.
7 wired / 9 on 5Ghz and the rest on 2.4 Ghz majority being IOT (30+ devices).
I use the latest merlin firmware on my asus, few scripts and openvpn.

I am moving soon and the asus won't be sufficient both in terms of coverage and the amount of clients (more IOT devices will be installed).
New place is around 90sqm (970sqf) split in two floors.

I was thinking of maybe getting another ac86u and connect it by ethernet (CAT6).
However, I am afraid that this might not be the best solution with 70+ clients and devices might get frequent disconnections.

I have read about ruckus that can support 100+ clients and have seen solutions like ubiquity, omada, etc. But I am too confused.

I saw also this post from Trip https://www.snbforums.com/threads/multiple-routers-or-mesh.67798/#post-636991
which seems to maybe fit my situation.

I don't expect a plug and play solution and don't mind getting dirty and learn.
Your recommendations and opinions will be greatly appreciated.
 

OzarkEdge

Part of the Furniture
Currently I have an asus ac86u router with around 60 devices connected.
7 wired / 9 on 5Ghz and the rest on 2.4 Ghz majority being IOT (30+ devices).
I use the latest merlin firmware on my asus, few scripts and openvpn.

I am moving soon and the asus won't be sufficient both in terms of coverage and the amount of clients (more IOT devices will be installed).
New place is around 90sqm (970sqf) split in two floors.

I was thinking of maybe getting another ac86u and connect it by ethernet (CAT6).
However, I am afraid that this might not be the best solution with 70+ clients and devices might get frequent disconnections.

I have read about ruckus that can support 100+ clients and have seen solutions like ubiquity, omada, etc. But I am too confused.

I saw also this post from Trip https://www.snbforums.com/threads/multiple-routers-or-mesh.67798/#post-636991
which seems to maybe fit my situation.

I don't expect a plug and play solution and don't mind getting dirty and learn.
Your recommendations and opinions will be greatly appreciated.

My AC86U covers 1650 sq ft x 3 levels from one side of the middle level, more or less. A second AC86U out the other side in a detached 1750 sq ft garage picks up any slack.

You may be fine with one AC86U. You'll be golden with two.

OE
 

Zentachi

Regular Contributor
My AC86U covers 1650 sq ft x 3 levels from one side of the middle level, more or less. A second AC86U out the other side in a detached 1750 sq ft garage picks up any slack.

You may be fine with one AC86U. You'll be golden with two.

OE

I am not that much worried with area coverage of the AC86U but mostly at it struggling with many clients. Right now with 60 devices I do get disconnections to devices a bit further away. I know for sure that I will do have more IOT devices on the new place and afraid that both AC86U will be struggling with so many clients.

Reading various suggestions on the forum for kinda of similar questions it seems that a setup something like a full Cisco small-business stack - RV340 router, SG110-16HP switch and CBW140AC APs (or similar) might be a more efficient solution. My hesitation is again in regards to the APs be able to support 50 IOT devices all on 2.4Ghz.
 

Trip

Very Senior Member
If you have the skillset, best bang for the buck would be actual VLAN-capable gear plus wifi APs built for 2.4Ghz density. Example stack:

EdgeRouter X ($60) (or EdgeRouter 4, $175, if you have gig internet)
Two used Ruckus R500's off eBay (usually $50 ea., ~$100-120 total)
Optional managed PoE switch in between router and APs if you can hard-wire both APs with ethernet (<$100). Otherwise, two PoE injectors or 12V/1A barrel plug AC adapters to plug-power the APs locally, hard-wiring the root AP to the router or switch and deploying the second wirelessly uplinked in SmartMesh.

Setup and configure the ER-X/ER-4 (several guides on YouTube) and add in VLANs, subnets, DHCP scopes and firewall rules to segment traffic. Then flash the latest Unleashed firmware for the R500 (free download, just have to register a Ruckus account) to both APs and do the Unleashed <10-minute setup, configuring private, guest and IoT SSIDs and SSID-to-VLAN mappings, and you're good to go.

Rock-solid network with segmentation done the right way, using the best possible antennas for high-density 2.4Ghz (PD-MRC and BeamFlex really do work, and do so for N-class clients, which basically no other product offers).
 
Last edited:

Zentachi

Regular Contributor
If you have the skillset, best bang for the buck would be actual VLAN-capable gear plus wifi APs built for 2.4Ghz density. Example stack:

EdgeRouter X ($60) (or EdgeRouter 4, $175, if you have gig internet)
Two used Ruckus R500's off eBay (usually $50 ea., ~$100-120 total)
Optional managed PoE switch in between router and APs if you can hard-wire both APs with ethernet (<$100). Otherwise, two PoE injectors or 12V/1A barrel plug AC adapters to plug-power the APs locally, hard-wiring the root AP to the router or switch and deploying the second wirelessly uplinked in SmartMesh.

Setup and configure the ER-X/ER-4 (several guides on YouTube) and add in VLANs, subnets, DHCP scopes and firewall rules to segment traffic. Then flash the latest Unleashed firmware for the R500 (free download, just have to register a Ruckus account) to both APs and do the Unleashed <10-minute setup, configuring private, guest and IoT SSIDs and SSID-to-VLAN mappings, and you're good to go.

Rock-solid network with segmentation done the right way, using the best possible antennas for high-density 2.4Ghz (PD-MRC and BeamFlex really work do work, and work in N-class wifi as well).

Thanks for your input Trip!
I was considering the EdgeRouter 4, but since no gig internet yet, might be better indeed to get the X.

I have a 24/7 PC, i7-6600U 2.60GHz 6th gen, 16GB Ram, 512GB SSD which I use for HomeAssistant in Hyper-V. The load is minimal and was thinking maybe to use this pc as a router with pfSense in Hyper-V as well. Will this setup have any advantage against the EdgeRouter?

Is the SG110-16HP switch a good choice (at least 8 ethernet connections)?

I will have a look around about the Ruckus r500 and might go ahead with them, but just in case any alternatives to them ?
 

Trip

Very Senior Member
Virtualized pfSense on x86 will bave the advantage of much higher CPU-driven throughput for software-based items such as OpenVPN, SQM, IDS, DPI, etc. Just make sure you spec enough virtual disk and dedicate enough NICs (I'd throw at least an Intel X350-T2 or -T4 in the PC, to pass through exclusively to pFsense.

Best alternative to R500"s would be... newer Ruckus. Haha. R510, R610. Also popping up on FleaBay quite often, per my post here.
 

Zentachi

Regular Contributor
Virtualized pfSense on x86 will bave the advantage of much higher CPU-driven throughput for software-based items such as OpenVPN, SQM, IDS, DPI, etc. Just make sure you spec enough virtual disk and dedicate enough NICs (I'd throw at least an Intel X350-T2 or -T4 in the PC, to pass through exclusively to pFsense.

Best alternative to R500"s would be... newer Ruckus. Haha. R510, R610. Also popping up on FleaBay quite often, per my post here.

Point taken about the Ruckus. I will try to grab two R500s (unless I find anything newer at a good price).

Last question and I will stop bugging you.... Just realized that the SG110 I mentioned earlier is an unmanaged switch. Any recommendation for a managed one?
So far I have seen this one ZyXEL GS1900-8HP but I am not very convinced.
 

Trip

Very Senior Member
For a basic managed switch for home use, TP-Link TL-SG series would suffice, as would Netgear or Zyxel (probably). If you're willing to pay a bit of premium to for guaranteed functionality, go Cisco SG250/350 or the newer CBS250/350 series, HPE 1820 and up, or if you CLI-fu is up to snuff, you can save big on rock-solid functionality with refurb enterprise off eBay (Catalyst, HPE 25__ and up, Juniper EX2200 and up, Brocade ICX, Adtran Netvanta, etc. ). Just make sure to watch out for models that might be excessively noisy and/or hot.
 

Zentachi

Regular Contributor
Added them to the shopping list and preparing the letter to Santa :)
Most probably will be going for Ruckus R610 and CBS350 (or Juniper EX2300, HPE 2530).

Many thanks!
 

Trip

Very Senior Member
Hopefully Santa reciprocates! Best of luck with the build-out. If you have questions, don't hesitate.
 

Smokey613

Very Senior Member
I have 38 devices on my network and another 5 Blink cameras that connect as needed.
 

Attachments

  • DA88F693-C351-4191-A65D-A15C9C5BF895.jpeg
    DA88F693-C351-4191-A65D-A15C9C5BF895.jpeg
    93.5 KB · Views: 86

Zentachi

Regular Contributor
I have 38 devices on my network and another 5 Blink cameras that connect as needed.
No major complaints about my AC86u as you can see has been working like a mule fully packed :)
empire.JPG

However, I am looking for something kind of future proof as I will be adding more IOT devices (10+ shelly) and I would like to keep all these IOTs to different VLANs.
 

sfx2000

Part of the Furniture
However, I am afraid that this might not be the best solution with 70+ clients and devices might get frequent disconnections.

I would strongly recommend to have a dedicated AP (with it's own SSID) for the IOT devices... otherwise they'll eat up airtime that one would want for Tablets/Laptops/Phones...
 

Zentachi

Regular Contributor
I would strongly recommend to have a dedicated AP (with it's own SSID) for the IOT devices... otherwise they'll eat up airtime that one would want for Tablets/Laptops/Phones...

That would be the ideal case, but I am not sure all the IOT devices will be able to reach this one AP. However, even if just the majority is using one AP that would be helpful. I was thinking of using my ac86u for this purpose. I found some articles around on how to use VLAN on asus. I will check it out to see if I can make it work.
 

Trip

Very Senior Member
I would read @sfx2000's comment as APs (plural), meaning a wireless topology however large, with a dedicated SSID + VLAN combo just for IoT.
 

sfx2000

Part of the Furniture
I would read @sfx2000's comment as APs (plural), meaning a wireless topology however large, with a dedicated SSID + VLAN combo just for IoT.

Depends on the 2.4GHz footprint - one might be enough, data rates for IOT needs are generally pretty low - the exception being video devices, so play it by ear...

One thing that can help with airtime is to disable legacy support for 802.11b - and airtime is the key challenge with 50+ IOT devices in a WLAN.
 

Zentachi

Regular Contributor
I would read @sfx2000's comment as APs (plural), meaning a wireless topology however large, with a dedicated SSID + VLAN combo just for IoT.

There will definitely be multiple VLANs and dedicated SSIDs. I am putting the plan down on paper. Already have watched a few video tutorials for setting up the Edgerouter 4 as well as Cisco switch for VLAN.


Depends on the 2.4GHz footprint - one might be enough, data rates for IOT needs are generally pretty low - the exception being video devices, so play it by ear...

One thing that can help with airtime is to disable legacy support for 802.11b - and airtime is the key challenge with 50+ IOT devices in a WLAN.

Indeed the data rates for IOT needs are pretty low. I am not sure how many 802.11b devices I might have. I will disable legacy to find them. Most probably I won't have a problem in replacing them to able to disable legacy support permanently.
 

sfx2000

Part of the Furniture
There will definitely be multiple VLANs and dedicated SSIDs. I am putting the plan down on paper. Already have watched a few video tutorials for setting up the Edgerouter 4 as well as Cisco switch for VLAN.

Don't go overboard with VLAN's and SSID's - as they add overhead...

Keep it simple - maybe two SSID's for the IOT WLAN, one for things that need internet access, and one for those that don't - which implies, at most two VLAN's.

even there, adds complexity - the best networks are simple networks, most folks over think it...
 

Zentachi

Regular Contributor
Don't go overboard with VLAN's and SSID's - as they add overhead...

Keep it simple - maybe two SSID's for the IOT WLAN, one for things that need internet access, and one for those that don't - which implies, at most two VLAN's.

even there, adds complexity - the best networks are simple networks, most folks over think it...

I was thinking of having 6 vlans, but maybe I should go simple with just Home, Guest and only one for IOT (blocking from internet the ones I want).
 

MichaelCG

Very Senior Member
I run 4 VLANs at my house.
- LAN - default internal network where most modern compute resides
- WAN - sits outside my FW on the ISP router, this is where guest traffic drops
- LAN_IoT - controlled access to/from LAN, this is for my phones, media players, cameras, etc
- DMZ - for things I really want segmented...they get parked here with controlled ingress/egress to/from all other zones (there is no WiFi for this segment)

Another thought to limit the number of 2.4GHz IoT devices is to avoid them...is there a reason you are avoiding Z-Wave+ devices to help unload your WiFi? Just a couple of cameras being active pretty much tanks my 2.4GHz performance even with multi-APs. There are only so many channels to go around before you start stomping on each other.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top