Home networking 2.0
Last weeks I saw several posts on twitter and the general interwebs about people who have a “provider” modem/router that is underperforming and not getting fixed by the provider or modem supplier.
Because Bart Breij always figures out what chinese headphones to buy, I’l try to return the favour by providing a list of things to buy to get a decent network.
The problem
What happens is that your perfectly working router gets a update. Most of the time it’s a good thing, especially when you receive a security update. But sometimes they mess up your whole network and there is no way to fix it but resetting and hope for the best.
Little more than a year ago after a issue with my KPN box I decided to take matters into my own hands. I did my R&D and re-did my home networking.
Research phase
First I needed to figure out what the my problem was. I made a short list:
- I did not have full control over the router part
- The build in switch was not manageable
- No external antenna’s for the wifi
- No way of building a roaming wireless network
Bottom line, only thing I thought was okay was the modem part that translates the signal to a ethernet connection. My provider (KPN back then) had the possibility to switch the box to “bridge mode”. That bypasses everything, making it a plain modem.
I needed to replace the following parts: Router, Switch, Wifi Access-point. You can buy a all in one solution like a Netgear Nighthawk, or a TP-Link Archer, but I decided to go for separate components so I could replace parts when they get outdated.
Wireless
Because we have Ubiquity hardware at the office I looked in to that, and the hardware of MikroTik. After reading a few redit threads about both ecosytems I decided it was best to use a Unifi (by Ubuquity) WiFi Accesspoint (AP) and a PoE switch so the AP gets power from the switch. That way I only needed one networking cable from my switch to the AP.
Router
Then the router part. It was an option to buy a standard router from the Unifi family, but I decided to recycle a old computer instead. Your old PC is probably much faster than your average router. There are a lot of dedicated router-linux versions. For example the OpenWRT software, originally designed as replacement for the good old Linksys routers, but now available for nearly every platform you can think of. There is a complete list of router OSes on Wikipedia.
I tried two of them out, OpenWRT and pfSense. After a few days with OpenWRT it was clear that it was ment to run on less powerfull hardware and didn’t have features like household wide ad-blocking and stuff (maybe it did with a patch, but not out of the box at least). So I tried pfSense. At first it was a litte hard to navigate all screens, but you’l get the hang of it.
What I bought
Well quite a few things in the end, but I’l leave it at the bare minimum I needed.
The switch, at the core of the network is a UniFi Switch US-16–150W. It has 150 watt of PoE power, more than enough to power my accesspoint. It doesn’t use 150watt of power constantly. It sends about 3.5 watt (yes, you can see that in the management software) to each accesspoint, unless they are booting up, then they use more. I chose the 16 over the 8 port model because of it’s 19" form factor.
The next thing I needed was an accesspoint, because I do like everything working together I choose a UniFi accesspoint as well. I chose a UniFi AP-AC-Pro. I picked the Pro model because it has 1300 mbit capacity (enough for a few years) and it has PoE+. That means it will negotiate with a switch to get the right amount of power.
The other thing I needed was some cables to hook everything up. I bought 6 red Cat6 UTP patch cables, and 3 blue ones.
Hook it all up
The provider modem/router/wifi-accesspoint is in bridge mode. So it only acts like a modem.
The pfSense router has two network interfaces, WAN and LAN. LAN is connected to the switch, the other to the modem. Setting that up is quite simple, I followed these steps: https://doc.pfsense.org/index.php/Installing_pfSense
It should not take you more than a hour to complete the installation and setup process. If it mixed up the WAN and LAN part, just switch the cables around 🕵️♂️.
If you connected everything you can start the UniFi controller software. It will guide you in setting up the switch, and the accesspoint. When you followed all the steps you should see something like the screenshot below.
Running for more than a year
I have had no issue at all for a year running this setup. Bridging the modem is the best way to stabilise your network and separate accesspoints make much more sense. Most houses do not have the meter cupboard in de center of the house, so it does not make sense at all to combine it with a router in most cases.
I’ve changed a few things in the past year:
- Added an extra accesspoint for better coverage in the house
- Virtualised the router in the home server (it has 4 network connections, so I mapped two of them straigt to the pfSense VM)
- Added a extra switch that does not have PoE to hardwire every wallsocket in the house so I can plug in everywhere.
- Moved to different house
- Switched from KPN to Ziggo (both Dutch ISP’s)
- Installed a small patch cabinet in the garage
If you have any questions about my setup and how to set it up, let me know. Maybe I can update the post to accommodate your questions.
