Home Network

I decided to write some documentation around my home network - every now and then I start scratching out a diagram for someone who asks so thought it was about time to put something together. It is a bit of a mishmash of different gear which has been good to understand a few different platforms (Cisco, Netgear and Unifi / EdgeOS / Vyatta).

The majority of the network gear is Ubiquiti; I have been a fan of Ubiquiti wireless products for a while and more recently their USG product which has been a great router. Some of the main reasons I picked Unifi

  • Interface is nice - WebUI can be limited as all the functionality of the USG is not broken out yet. This is not so much of an issues as the configuration can still be manually modified on the controller.
  • Interface is still being worked on heavily and there are very frequent updates which fix bugs but also break out and add new functionality like IPS.
  • With the USG you can enable Intrusion Prevention System (IDS) or Deep Packet Inspection (DPI) which are both nice product features.

Equipment

Layout

Network Diagram

Internet connection

The Internet link for the network is decent. I have NBN, sadly not fiber to the premises but fiber to the node (VDSL). Luckily my node is not far away and I am syncing at 10040 MBit.

For connecting to the DSLAM I am using the TP Link Archer VR600. I was really surprised with the TP Link router. It has a no frills interface with lots of options - I do not really use any of the features but it was a nice experience when compared to some of the DLink / Netgear interfaces I have used before (they tend to be over the top, try to look flashy, are fragile and easily break). The TP Link router is run in bridge mode with most features disabled and the Ubiquiti USG handles the PPPoE connection.

The Ubiquiti Unified Security Gateway (USG) is a brilliant little router. It is very configurable through the centralised management interface and can be tweaked even more through modification of the configuration files if necessary. If you have not seen the interface before, have a look at the Ubiquiti demo.

Management

The main device that I use to manage the network is the Ubiquiti Unifi Cloud Key. This brings the Unifi centralised controller onto a small ARM PC. I preferred this over rolling my own as I tend to rebuild my Linux box every now and then so it has been good having the controller separated from the development box. The cloud key is easy to use - it is running Debian so the command line should be relatively familiar to anyone who has used Ubuntu Server / Debian on the desktop. Updates or beta installations can be done manually from the command line using dpkg (similar to installations on a Ubuntu / Debian box) or through the cloud key interface.

The other network devices, mainly switches all have their own management interfaces.

Wireless

The wireless network is a sole Unifi AC Mesh AP - it is a rock solid device. Never falters. Never drops clients. High throughput for all my devices. I cannot stress enough how much I love the Ubiquiti APs.

  1. The mesh APs are well priced - considering the cost of some consumer grade high end APs (worse for business grade solutions), Ubiquiti’s price point was quite good for a centrally managed wireless network.
  2. They gave some flexibility to rework placement in the house. I am renting so depending on the house I might need to pick up another mesh access point to get full coverage. The mesh APs support back haul between each other so should provide good throughput even without a wired connection to all the APs.

In the current 3 bedroom house the one mesh AP easily covers everywhere with very good throughput - including the front yard.

Switches

I have a number of switches in the network and a few spare ones which are not currently in use

  • Netgear GS724T - Picked up off eBay for around $50 delivered. Good 24 port switch with a web console for advanced configuration. The majority of the devices connect into this switch with things like the Synology using two gigabit network ports bonded together to increase the throughput.

  • Cisco 3750-24PS - This is a new addition to my network and is currently providing POE to the Reolink cameras. Configuration was originally done through the serial port but once Telnet was configured the remote interface was used. I will be separating the camera network in the near future to limit access to the main network. This should be possible with a Ubiquiti EdgeRouter.

  • Ubiquiti 8 port Tough Switch - currently sitting in a box unused. I am tempted to hook it back up but it would mainly be used with the Ubiquiti mesh AP which is currently using a POE injector. The main thing to note with the Ubiquiti APs is that they are all 24v so are not compatible with the Cisco POE out of the box. You can buy a POE converter to step down the voltage for their devices. So hooking it up might be a tad overkill for one AP.

Security Cameras

I am currently using two Reolink RLC-410S cameras; picked them up off eBay for around $60-$70 AUD each. They have a decent interface and nice picture quality for the cost. The cameras are both powered via POE from the Cisco 3750-24PS switch, which I picked up originally to start building a basic Cisco lab. Have not gotten around to that yet but currently working well powering the two cameras.

There is also a wireless version of this Reolink camera (RLC-410WS) but power still needs to be run to them so I opted for the POE ones. Another Reolink product that was interesting was the Argus 2 which is their fully wireless camera. Similar to the Netgear Arlo camera (just a heap cheaper), they use batteries and trigger on motion. They cannot do continuous streaming but do offer live view - overall it would depend on your use case. They can be purchased with a small solar panel to keep the battery topped up, which would save recharging the batteries every few months.

For the DVR I am am using the Synology NAS for both of these cameras. It is currently setup to record and alert on detected movement to try and save some space on the Synology.

Things to do

  • I do have a few Cisco routers sitting in the cupboard. When I have some free time I will add them to the rack to have a play around with.
  • Looking for a second hand Unifi Switch to add to my growing Unifi collection - I cannot really justify paying a few hundred for a brand new one…