Advice on home network equipment

3Greens

Novice Member
Hi, thanks in advance for your advice and guidance!

I am in the process of setting up IT equipment in my home and having researched the subject, find myself going around in circles and in need of some advice on what networking equipment I actually need. Hopefully someone here will be able to lend a hand/their opinion.

The general requirements/background info:
  • 2500sqft house over 4 floors with reasonably thick walls
  • The house has cat5e cabling throughout
  • Internet access is via 100MB fiber
  • The network needs to accommodate simultaneous streaming on multiple devices. I work from home and require a stable connection to my work network (which should be simple given the fiber connection!)
  • Multiple smart-home/IoT devices will be connected and accessible within and outside the LAN: e.g. Nest Cameras, doorbell, Zigbee hubs & lighting throughout, alarm, thermostat - I will set up HomeAssistant on a RaspberryPi 4 to manage these devices
  • For security, I would like to segregate IoT devices on their own LAN or VLAN (they will connect both via WiFi and Ethernet). If the set up has VLAN support, I would also want to set up a guest wifi network.
  • When accessing the network from outside the home, e.g. to set thermostat, I would prefer to do this via VPN rather than port forwarding to various devices - I'm not against setting up a VPN server on the RPi or having this integrated in the router.
  • As the house has Cat5e cabling, I will use this to connect some bandwidth hungry devices (Apple TV, etc.). It also makes sense to use this for wifi extenders/APs or Mesh router nodes if I go down that route.
Given all of the above, I think I need the following:
  • Basic ethernet switch
  • Router which supports VLAN (at least to some basic extent)
  • router with VPN server capability (ideally and for convenience)
  • Extendable wifi or mesh system supporting ethernet backhaul
  • I would prefer local config rather than systems which force you to use cloud hosted services.
Based on all of the above, I have looked at the following:
  • Google Nest Wifi - I liked the simplicity and supposedly good performance. I was ultimately put off by lack of more advanced features, inability to connect nodes via ethernet and the need to use Google's cloud service for all config.
  • Linksys Velop - again I liked the simplicity and reasonable feature set. I backed away from this as the "guest wifi" only represents very basic VLAN support which can't make use of ethernet connections, and anecdotally wifi performance is so-so for the price. Again put off by the need to configure via cloud service.
  • Netgear Orbi - very impressed but given the high price tag, the focus seems to be on strong wifi and not a rich feature set (e.g. VLANs and VPN).
My current front runner is the Netgear Orbi Pro as it provides all of the above features but I do have some reservations:
  • This is obviously a business router and I appreciate much of the functionality is probably overkill for home use
  • I like that it supports 4 VLANs for home users, IoT devices, guests and admin
  • I think documentation could be better - I'm still struggling to determine if the VLANs include devices connected via ethernet and if the nodes support ethernet backhaul
  • I like that it has a built in VPN server
  • It's very expensive to use as a domestic router.
At this point, I feel like there must be a better/cheaper option, even if it means using additional devices and while the Orbi Pro probably would do a great job, I can achieve all of the above very comfortably using consumer grade equipment. I appreciate that within all of this, there is going to be a degree of over-kill/tinkering value which I do fully accept and am happy to tone up/down as makes sense!

I do wonder also whether, given the cat5 cabling, it makes more sense to go down a more traditional router -> switch -> AP model... but I guess this would require an expensive managed switch for VLAN support...

Thank you for reading this far and any advice is very much appreciated.
 

mushii

Distinguished Member
You need to start with a decent router as it will be the heart of your network, none of what you have discussed covers a ‘decent router’. Given what you want to do I think you need to start from scratch looking at MikroTik, Ubiquiti, pfSense, Untangle, DrayTek or similar. Once you have settled on a routing solution, then you will want a managed or smart switch (which aren’t that expensive - £150 for a 24 port solution) and then decide on what kind of access points you want to use. In a property of your size I would forget any sort of mesh systems, you need wired backhaul to APs.
Once you have settled on all of this you can look at your VLANs and VPN solutions.
 

3Greens

Novice Member
Thanks for the quick reply.
It makes sense and I think it feels like the more solid path to go down.
I still consider my understanding of this as very basic so why, as you mention, does something like the Orbi Pro not constitute a good router (I appreciate it’s effectively a multi functional device)?

I should add that while I want something robust and will admit that I do like the tinkering value (to a point!) this is a home network so some degree of simplicity isn’t a bad thing where there isn’t a significant trade off in performance.
It might be worth adding that ISP is Virgin and modem is their Media Hub 3 run in modem mode.
 

mushii

Distinguished Member
Wow where do I start. This set-up is designed for open commercial type environments where you want to deploy a totally wireless network. Why do I say this, because each of the Orbi APs has an 8x8 MIMO radio in it with 4 of those 8 channels being the backhaul, which is why each of the AP (satellites) SXS80 cost over £310 each and the SXR80 Router is close to £500. So unless you are going to utilize this 4x4 MIMO 5GHz backhaul (which won't work well through dense walls as it's 5GHz) you are wasting a lot of money on something that you will never use - and no you can't reclaim those 4 radios if you hard wire them, they are dedicated backhaul.
So for your property you are probably going to need (as a minimum) the 3 satellite package - which is £1,233 and then you will still need a managed switch for your VLANs so add another £130 for a Smart 24 port switch, total £1363. You could build a Prosumer network for less money.

eg.

Ubiquiti UDM UniFi Dream Machine WiFi 5 Network Appliance - £275
Ubiquiti UAP-AC-PRO UniFi AC1750 Indoor/Outdoor WiFi 5 PoE Access Point, Three Pack - £400
Ubiquiti US-16-150W UniFi 16-Port Layer 2 Managed Gigabit PoE+ Switch w/ 2 x SFP Ports (150W) - £275

Total £950

OK, the Ubiquiti setup is only Wifi5 and not Wifi6 but it's £410 cheaper and IMHO a much better setup and more flexible.

It's really down to what you want out of your network. My house is about 3000sqft over 3 floors. I run a UDMP, with 3 Ubiquiti AC Lites (one on each floor) and 3 Netgear Prosafe Switches (one on each floor) in a heavy IoT home. I work from home, my wife has been working from home, 2 teenage daughters with Switches, MacBooks, smart TVs, PS4s, iPhones etc and my network never misses a beat. Yes, it's pretty heavily cabled but even with 70 - 80 devices hanging off my network it's fine (looking at my network I see 33 active devices on my wifi currently).

I am also a Smart Home integrator and have configured a lot of smart homes and their networks. My best advice is take as much traffic off the wifi network (Cable what you can) and leave the wifi for mobile devices.

The question then is do you need £310 access points to deliver good quality wifi?
 

mickevh

Distinguished Member
If you want separate VLAN's then managed ethernet switches and AP's that can avail multiple SSID's then forward each SSID onto the ethernet infrastructure using separate VLAN's to a router that is capable of routing between the VLAN's and the Internet (which in routing terms is essentially "just another VLAN") as desired would be the way I'd go.

Essentially this is a small scale "enterprise" type system like we'd typically build in a "corporate" environment, but on the scale of something like a smallish branch office. But without much (if any) "security" (in a corporate environment I might be deploying something more robust than the almost useless "Wi-Fi key" to police who gets access.) And a VPN end point in your router.

As described that sounds very complicated, but in networking terms it's quite a simple paradigm which should be (relatively) easy to set up and require no maintenance unless you want to change something.

You might be lucky to find something "out the box" in the SOHO marketplace that does all this.

With switches, there's managed switches and managed switches, with a catalogue of "additional" functionality various models avail to choose from and prices to match. An entry level switch with a basic feature set isn't much more than an unmanaged switch. For what you wish to create, you are really only looking for something that supports VLAN's and Port Trunks (support to pass multiple VLAN's over the same physical link) though I'd also look for Link Aggregation (bind multiple physical ports into a single logical link with more bandwidth) which could be useful in the future if you run out of bandwidth.

Similarly you want some AP's that do the same - support multiple SSID's then deliver those through a Port Trunk onto the rest of the wired network (ie whatever switch it's connected to.)

In olden days, we'd have to buy routers with separate physical interfaces (ports) for each LAN/VLAN but these days routers also support Port Trunks so you'd take all your VLAN's up a single Trunked physical link between switch and router and the router then will have (depending on what they call it) "virtual" interfaces within which unpicks the Port Trunk and then routes as appropriate.

Power Over Ethernet (POE) would be worthwhile too. Most "decent" AP's run on POE these days which save you having to get a separate power cable to them. I'd source a POE switch rather than use separate POE injectors, though it might be cheaper to run a non-POE switch with injectors, it's less neat.

I agree, it seems pointless looking at "mesh" systems that backhaul over Wi-Fi if you have cabled infrastructure in place that can handle it much faster and more reliably. A small fleet of "managed" AP's is probably what to look for to get all the "good" stuff like client/waveband steering and a unified management platform, though I couldn't recommend any particular offering.
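
The router side of the design described in this post (one trunked link, a virtual interface per VLAN, routing between VLANs only where wanted), as an added example that is not part of any post in this thread. It assumes a Linux-based router; the interface names, VLAN IDs, subnets and zone names are constructed, and NAT and the router's own input rules are out of scope.

```python
"""Render VLAN sub-interfaces and a default-deny inter-VLAN forward policy
as iproute2 commands and an nftables chain. All values are constructed."""

TRUNK = "eth1"  # assumed: physical port carrying the trunk to the switch
WAN = "eth0"    # assumed: port facing the ISP modem

# zone -> (VLAN ID, router address on that VLAN's virtual interface)
ZONES = {
    "home":  (10, "192.168.10.1/24"),
    "iot":   (20, "192.168.20.1/24"),
    "guest": (30, "192.168.30.1/24"),
}

# Flows a zone may initiate. Anything not listed is dropped, so IoT and
# guest devices cannot open connections into the home VLAN.
ALLOW = [
    ("home", "wan"),
    ("home", "iot"),   # laptops/phones may reach cameras, hubs and so on
    ("iot", "wan"),
    ("guest", "wan"),
]

def ifname(zone):
    """Interface a zone's traffic enters or leaves the router on."""
    return WAN if zone == "wan" else f"{TRUNK}.{ZONES[zone][0]}"

def interface_commands():
    """iproute2 commands creating one tagged sub-interface per VLAN."""
    cmds = []
    for zone, (vid, addr) in ZONES.items():
        dev = ifname(zone)
        cmds.append(f"ip link add link {TRUNK} name {dev} type vlan id {vid}")
        cmds.append(f"ip addr add {addr} dev {dev}")
        cmds.append(f"ip link set {dev} up")
    return cmds

def nft_ruleset():
    """nftables forward chain: drop by default, allow replies, then ALLOW."""
    lines = [
        "table inet homefw {",
        "  chain forward {",
        "    type filter hook forward priority 0; policy drop;",
        "    ct state established,related accept",
    ]
    for src, dst in ALLOW:
        lines.append(
            f'    iifname "{ifname(src)}" oifname "{ifname(dst)}" accept')
    lines += ["  }", "}"]
    return "\n".join(lines)

def may_initiate(src, dst):
    """True if zone src is allowed to open a connection to zone dst."""
    return (src, dst) in ALLOW

if __name__ == "__main__":
    print("\n".join(interface_commands()))
    print(nft_ruleset())
```

The `ct state established,related accept` line is what lets a camera answer a laptop that contacted it, without the IoT VLAN being able to start a connection towards the home VLAN.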
 

Streamer73

Active Member
Take a look at Aruba Instant On, ticks all your boxes and are basically re-engineered enterprise grade APs and switches - I have a friend using some of these in one of his pubs and they work great.

(For transparency, I work for them! - mods, please delete if this breaches any rules?)
 

mickevh

Distinguished Member
A further thought that occurs - when looking for switches that are "VLAN capable" be aware that there are some switches that are capable of "passing" VLAN tagged traffic, but have no facilities for configuring which ports are in which VLAN, setting up port trunks and so forth. They tend to be the cheap "unmanaged desktop" switches, but just watch out for it - just because it says "VLAN compatible" it might not be what you need - best to download the manual and check it offers the ability to "configure" VLAN's and ports as required.
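
What a configurable switch does with 802.1Q tags on access and trunk ports, next to a switch that only passes tags through, as an added example that is not part of any post in this thread; it covers both this caveat and the earlier description of port trunks. The port names, VLAN IDs and MAC address are constructed, and the model floods broadcasts only (no MAC learning, no native VLAN on trunks).

```python
import struct
from dataclasses import dataclass

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q VLAN tag

def parse_frame(frame):
    """Split a frame into (dst, src, vid or None, ethertype, payload)."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src = frame[:6], frame[6:12]
    (etype,) = struct.unpack("!H", frame[12:14])
    if etype != TPID_8021Q:
        return dst, src, None, etype, frame[14:]
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner = struct.unpack("!HH", frame[14:18])
    return dst, src, tci & 0x0FFF, inner, frame[18:]  # low 12 bits = VLAN ID

def build_frame(dst, src, vid, etype, payload):
    """Assemble a frame; vid=None means untagged."""
    tag = b"" if vid is None else struct.pack("!HH", TPID_8021Q, vid)
    return dst + src + tag + struct.pack("!H", etype) + payload

@dataclass
class Port:
    mode: str         # "access" or "trunk"
    vlans: frozenset  # access: exactly one VLAN; trunk: allowed VLANs

def ingress_vlan(port, frame):
    """VLAN a received frame is assigned to, or None if the port drops it."""
    vid = parse_frame(frame)[2]
    if port.mode == "access":
        # Access ports take untagged frames only and assign their own VLAN.
        return next(iter(port.vlans)) if vid is None else None
    # Trunk ports in this model take tagged frames for allowed VLANs only.
    return vid if vid in port.vlans else None

def managed_flood(ports, in_name, frame):
    """Copies of a broadcast a VLAN-aware switch sends: {port: bytes}."""
    vlan = ingress_vlan(ports[in_name], frame)
    if vlan is None:
        return {}
    dst, src, _, etype, payload = parse_frame(frame)
    out = {}
    for name, port in ports.items():
        if name != in_name and vlan in port.vlans:
            egress_vid = vlan if port.mode == "trunk" else None  # untag on access
            out[name] = build_frame(dst, src, egress_vid, etype, payload)
    return out

def passthrough_flood(ports, in_name, frame):
    """A switch that merely passes tags: same bytes out of every other port."""
    return {name: frame for name in ports if name != in_name}

# Constructed topology: trunks to router and AP, one access port per VLAN.
PORTS = {
    "router": Port("trunk", frozenset({10, 20})),
    "ap":     Port("trunk", frozenset({10, 20})),
    "tv":     Port("access", frozenset({10})),  # VLAN 10 = home (assumed ID)
    "camera": Port("access", frozenset({20})),  # VLAN 20 = IoT (assumed ID)
}
BCAST, CAM_MAC, ARP = b"\xff" * 6, bytes.fromhex("020000000020"), 0x0806
CAMERA_FRAME = build_frame(BCAST, CAM_MAC, None, ARP, b"\x00" * 28)  # untagged

if __name__ == "__main__":
    print(sorted(managed_flood(PORTS, "camera", CAMERA_FRAME)))
    print(sorted(passthrough_flood(PORTS, "camera", CAMERA_FRAME)))
```

With the configurable switch the camera's broadcast leaves only on the two trunks, tagged with VLAN 20; with the pass-through switch the same frame also reaches the TV's port.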
 

mushii

Distinguished Member
Are there any licenses or ongoing costs with the Aruba Instant On? If there are, how much would they be?
 

Streamer73

Active Member
No licenses at all, the switches have lifetime warranty (for the first owner), APs have 1 year warranty which can be extended if you choose - no other ongoing costs. We don’t sell direct but there are links on the website to purchase from partners.

Let me know if you need any help choosing!
 

3Greens

Novice Member
Thanks again for the advice so far... having done some more research, I feel like the following would work quite well without being overly complicated:

router:
On checking, I actually don't need more than 10 Ethernet ports so could even get away without a switch (for now)

and just pair with some access points, e.g.:

Unless I'm missing something, that set up would give me ample support for setting up VLANs from the router and VPN, adding additional access points if needed (albeit would require a switch) and all using commercial grade equipment.

I haven't seen the Ubiquiti UI but from what I've read I get the impression it will let me configure all components as a single entity and potentially is reasonably idiot proof...

Thoughts?
 

mushii

Distinguished Member
I wouldn’t go down that route. You would be better with the Unifi Dream Machine and a couple of the Wifi6 AC Lites using POE injectors. The interface will be much better and will allow much better provisioning of VLANs.
 

3Greens

Novice Member
I had looked at that but couldn’t work out what I was getting for the extra money (apart from a neater UI?). Obviously happy to have the AP built into the router but because of where it will be placed, wifi from the router itself will be sub optimal meaning an extra AP anyway.
 

mushii

Distinguished Member
To be able to update and deploy UniFi APs you need a Controller. This can be on a phone, a PC, in the cloud, or on a local device called a cloud key. The UDM contains a Router, a Controller, an Access Point and a 4 Port Switch all in one device. Given the size of your property you will need multiple (3 or 4) access points for good WiFi coverage.
 

JP56

Member
Everything discussed in this thread is way above my level of understanding, since I am just a home user and really know nothing about IT, but it is interesting reading and has brought to mind for me, a big question since I was just looking to expand a router capability. WHAT is the difference between a "Managed" and an "Unmanaged" router switch please?
 

ChuckMountain

Distinguished Member

You are compounding two different things.

A router is generally always managed.

By "managed" it means it has an interface, usually a web page interface (GUI) but could be a command-line (CLI) one, that allows the administrator (you at home) to configure the settings on it. On an ISP one that will be generally not much as they want to keep support simple. On one that you buy it could offer a lot more functionality.

SOHO routers are a jack of all trades and often combine a modem, a router, a switch and a wireless access point.

Then switches can come in managed and unmanaged varieties. Unmanaged are just plug and play and either work as intended or not, usually the former, you cannot configure them in any way.

Managed switches allow you to change settings via a GUI\CLI and this can range from everything from disabling a port to creating VLANs etc.
 

mushii

Distinguished Member
In layman's terms - an un-managed switch is one that you plug in and it performs the basic functions of a switch, it allows multiple connected devices to communicate.

A managed switch has an interface (either Command Line or GUI) that allows you to make changes in the way that the switch performs its core functions. Examples being creating VLANs or prioritising certain types of data for processing - e.g. AV or Voice data over other data types.

@mickevh can explain this better at a technical level, but I think that this simple explanation should suffice.
 

mickevh

Distinguished Member
I don't have anything much to add to what's been said already, except the reason unmanaged switches are unmanaged is that there is literally nothing required to "configure" them to get them working, so they don't need a management tool. Power up, plug in, and off you go.
 

JP56

Member
So if my router has 4 ports and I need more, can I just get an unmanaged switch with 5 ports, and plug it into one of the 4 ports on my router and get the additional ports I need, and my router would then be the equivalent of having 8 ports?
 

ChuckMountain

Distinguished Member

Yep basically.

The reason I say basically is that some routers don't have gigabit switches\sockets and are limited to 100Mbps. Now that is fine because most non Virgin\FTTP broadband speeds are below 80Mbps.

However if you want to say copy files between two PCs or a PC and a NAS they can copy them a lot faster on gigabit (1000Mbps).

If that was the case, I would buy an 8 port gigabit switch and plug one cable from router to switch and everything into the switch.
 

JP56

Member
I think I am beginning to understand all this stuff a bit better, although not positive yet lol. This all started with me wanting to add a VPN and had been looking at something called ExpressVPN which would require an open source router so that I could just install it there and protect everything that I use online as opposed to putting it into each device. I don't know if you saw my original post on that ( Need advice on Internet Equipment & Compatibility PLEASE HELP! ) on this site, but that is where I posted my initial questions on equipment to buy to do this & get the best Wi-Fi coverage thru my home. My ISP is Xfinity/Comcast and they have been horrendous for the entire 30 years I have had them. They are also the "only game in town" here at my location in Bethel CT. My service has worked its best after one of their service techs came & told me to order a Nighthawk X6 R8000 router. That helped really well, until my modem started acting up AGAIN because my ISP decided that once again my modem had reached its "End of Service Life" which only meant that they wanted me to upgrade again since I was not renting their modem. I ended up giving them their blood money on their modem/router rental because it started getting pricey replacing my modem every time they went nuts about it! So right now I have my AC4200 nighthawk hooked up to their Modem/Router but now my 5g connections have disappeared and I want a VPN and at the same time do not want to keep paying them for equipment rentals for something that should be included in the cost of my monthly bill anyway. So I am looking to expand so to speak by buying my own equipment, and hopefully I can find something new enough capability wise that will last me for sometime before requiring another upgrade. Hope I am making sense here to you. I do appreciate the time and input from you.
 
