Redoing Home Network
-
@pmoncho said in Redoing Home Network:
@brandon220 said in Redoing Home Network:
Multiple subnets in your home?
I have 3 subnets at home. Main, IoT, and guest.
I need to upgrade to the ER4. My ERLite has been great so far though. My ISP connection is 120/5. I am thinking of doing something similar to your setup. ER-X, UAP-AC-Lite, with cloud key and Netgear 8 port POE switch.
Was thinking about 3 VLANs, as I want to separate work laptops from the girls/Rokus, and cameras (coming soon). Plus I will be adding a 2nd AC Lite to the other side of the house. Not a big house but with an aluminum awning and other obstacles, connection speed drops in half in only 30'.
Yeah I'm thinking the same. The boys are constantly gaming since they are stuck from home so I want to separate that traffic. Wife's traffic is not required to be separate but I want to anyway. If they changed their mind in future it would be a lot more of a headache to redo everything.
-
@Grey said in Redoing Home Network:
You're literally building a broken network.
Sorry guess I don't understand how I'm building a broken network. Can you explain?
-
@jmoore said in Redoing Home Network:
@pmoncho said in Redoing Home Network:
@brandon220 said in Redoing Home Network:
Multiple subnets in your home?
I have 3 subnets at home. Main, IoT, and guest.
I need to upgrade to the ER4. My ERLite has been great so far though. My ISP connection is 120/5. I am thinking of doing something similar to your setup. ER-X, UAP-AC-Lite, with cloud key and Netgear 8 port POE switch.
Was thinking about 3 VLANs, as I want to separate work laptops from the girls/Rokus, and cameras (coming soon). Plus I will be adding a 2nd AC Lite to the other side of the house. Not a big house but with an aluminum awning and other obstacles, connection speed drops in half in only 30'.
Yeah I'm thinking the same. The boys are constantly gaming since they are stuck from home so I want to separate that traffic. Wife's traffic is not required to be separate but I want to anyway. If they changed their mind in future it would be a lot more of a headache to redo everything.
You can have different networks if you want to do that, but it's very inflexible to separate it by doing one LAN per room. If you use VLANs you can decide what device (or port) belongs to what network. That's why everyone does it like that.
If you have for instance a NAS or server with VMs it will belong to the LAN in whatever room you have it, and not where it belongs logically. And all traffic that comes into it will have to be routed over the firewall.
And that's why the firewall should be connected to a core switch in your kind of network - if you want to build a flexible network.
-
@jmoore said in Redoing Home Network:
@scottalanmiller said in Redoing Home Network:
@jmoore said in Redoing Home Network:
@Pete-S I think my plan is similar, if not the same. 1 poe switch in each office and 1 in each bedroom. That makes 4 switches. I only need 1 ap for my size house. I plan on adding IP phones in each office and bedroom. I don't want them to have cell phones yet. The main difference in my plan is that I'm not doing vlans off my main switch, I plan on different subnets like Eddie mentioned. I want all the switches to have poe because I'm adding IP phones eventually. I have tried to plan for everything but I'm sure there's something I forgot.
Multiple subnets in your home?
Yeah I'd like to segregate government traffic from wife, gaming traffic from kids, from my own stuff. Since the router has multiple ports I think it will be easier to just use different subnets (1 on each router port). Vlans might be easier but I also want to do it like this for the challenge. I'm sure I can figure it out if it isn't dead simple anyway. After looking at the router I will know more. Now if I'm doing something completely stupid just say so.
The "challenge" is VLANs. What you are doing is LANs. LANs are crazy simple. VLANs are LANs but with added management.
Example....
1. Deploy a Windows 2019 server on physical hardware.
2. Or... Deploy Hyper-V, then deploy a Windows 2019 VM on top of that.
If this was a systems lab, you'd say step 2 is better because it "does more" and makes you learn more things and is more how a business would do it. Same with your network. What you are doing is old fashioned physical LANs circa 1998. VLANs are literally the virtualization of that concept so that it is more flexible.
So your logic, that you want challenge and to learn, you'd specifically do the VLAN approach.
There are good reasons to still use the physical LAN approach, but that's all about performance and in your case, doesn't do that so doesn't apply.
However, your base logic of segregating traffic doesn't make sense, since it all mingles before leaving the house, anyway. What problem does it solve? Nothing. It just makes a simple network very complex.
-
@jmoore said in Redoing Home Network:
Yeah I'm thinking the same. The boys are constantly gaming since they are stuck from home so I want to separate that traffic.
But why? What do you perceive as value in separating the traffic? "Separating traffic" on its own is a negative. Unless there is a specific need, it's something that by saying it, should make you want to avoid it.
-
@Pete-S said in Redoing Home Network:
@jmoore said in Redoing Home Network:
@pmoncho said in Redoing Home Network:
@brandon220 said in Redoing Home Network:
Multiple subnets in your home?
I have 3 subnets at home. Main, IoT, and guest.
I need to upgrade to the ER4. My ERLite has been great so far though. My ISP connection is 120/5. I am thinking of doing something similar to your setup. ER-X, UAP-AC-Lite, with cloud key and Netgear 8 port POE switch.
Was thinking about 3 VLANs, as I want to separate work laptops from the girls/Rokus, and cameras (coming soon). Plus I will be adding a 2nd AC Lite to the other side of the house. Not a big house but with an aluminum awning and other obstacles, connection speed drops in half in only 30'.
Yeah I'm thinking the same. The boys are constantly gaming since they are stuck from home so I want to separate that traffic. Wife's traffic is not required to be separate but I want to anyway. If they changed their mind in future it would be a lot more of a headache to redo everything.
You can have different networks if you want to do that, but it's very inflexible to separate it by doing one LAN per room. If you use VLANs you can decide what device (or port) belongs to what network. That's why everyone does it like that.
If you have for instance a NAS or server with VMs it will belong to the LAN in whatever room you have it, and not where it belongs logically. And all traffic that comes into it will have to be routed over the firewall.
And that's why the firewall should be connected to a core switch in your kind of network - if you want to build a flexible network.
I get what you're saying and thanks for the comment. I understand vlans and have done them. I have not set up a network using subnetting like this before and wanted to try for a learning experience. I do agree it is less flexible but it's my home and very little will ever change. Also, my firewall will be connected to my main switch.
-
@jmoore said in Redoing Home Network:
@Grey said in Redoing Home Network:
You're literally building a broken network.
Sorry guess I don't understand how I'm building a broken network. Can you explain?
I did.
-
@scottalanmiller said in Redoing Home Network:
If this was a systems lab, you'd say step 2 is better because it "does more" and makes you learn more things and is more how a business would do it. Same with your network. What you are doing is old fashioned physical LANs circa 1998. VLANs are literally the virtualization of that concept so that it is more flexible.
I have set up a vlan before, just not at home. I have never used subnetting like this to create different networks, so thought it would be worthwhile to do.
-
@scottalanmiller said in Redoing Home Network:
However, your base logic of segregating traffic doesn't make sense, since it all mingles before leaving the house, anyway. What problem does it solve? Nothing. It just makes a simple network very complex.
If I have wife's switch connected to a different port on the router than my switch is connected to, and these are different lans at this point, wouldn't that segregate her traffic from mine?
-
@scottalanmiller said in Redoing Home Network:
But why? What do you perceive as value in separating the traffic? "Separating traffic" on its own is a negative. Unless there is a specific need, it's something that by saying it, should make you want to avoid it.
The boys are always doing heavy gaming. I don't want that to impact anything that I am working on. It possibly wouldn't anyway but I wanted to eliminate the chance of it happening. Plus, again, learning experience, as businesses would likely do this either by subnetting or using vlans. Is this a worthless exercise?
-
@jmoore said in Redoing Home Network:
The boys are always doing heavy gaming. I don't want that to impact anything that I am working on.
That's totally unrelated to what we are discussing, though. 1) Gaming has no network impact, it doesn't use much bandwidth and 2) any impact it has, it has regardless of this bizarre segmentation as that doesn't change anything and 3) where you actually lose performance is all the routing overhead, but even that is tiny.
-
@jmoore said in Redoing Home Network:
I have not set up a network using subnetting like this before and wanted to try for a learning experience.
Doing a VLAN does all this, and more. There can't be anything new here compared to a VLAN. This is the "simplest possible scenario", all VLANs are built on this as the lowest common denominator of "LANing".
-
@jmoore said in Redoing Home Network:
I have not set up a network using subnetting
This isn't subnetting, either. This is routing. This is "Making multiple LANs without virtualization." The same thing as VLANing, without the V.
Subnetting is something different, that doesn't involve routing at all. So very different than what you are trying to do.
But to be clear, none of these techniques in any way meet your performance goals.
-
@jmoore said in Redoing Home Network:
Also, my firewall will be connected to my main switch.
If you do that, and don't VLAN, this all falls apart and it won't work.
-
@jmoore said in Redoing Home Network:
@scottalanmiller said in Redoing Home Network:
However, your base logic of segregating traffic doesn't make sense, since it all mingles before leaving the house, anyway. What problem does it solve? Nothing. It just makes a simple network very complex.
If I have wife's switch connected to a different port on the router than my switch is connected to, and these are different lans at this point, wouldn't that segregate her traffic from mine?
Yes, it's segmented.... some of the time. But... why? What value does that provide? They are not segmented in the router. So the data all merges before doing anything useful.
It's like having two bedrooms in your house and telling people that the house is segmented. It is, for sure. But the people in the bedrooms merge together in the hallway. And if there isn't a reason to keep their bedrooms apart, you are just adding walls without value.
Segmentation is never a goal. Segmentation is a tool. Tools are to meet goals. What's the goal that you are using this tool to achieve?
-
@jmoore said in Redoing Home Network:
Plus, again, learning experience, as businesses would likely do this either by subnetting or using vlans. Is this a worthless exercise?
Well, let's move up one level. A business would take any planning like this and say "we only do things that meet a goal." So while your goal can be "learning something", the vastly more important thing to learn is "how to decide how your network should be designed." Does that make sense?
You are asking a question "Would a business build this way?" But why not ask "How would a business approach the design in the first place?"
A business would say "here are my goals: X, Y, & Z". Then the business would enact a network design to achieve those goals.
Might a business use LANs, VLANs, or Subnetting depending on the available goals? Yes, they might. All three are valid. All three do very different things under different circumstances.
The problem here is, you are skipping the important step of value, which is determining what has value, and instead going to the under the hood "buttons" of the process. But since the buttons you are interested in pushing don't teach you anything new or anything you've not done before, and because they meet no goal or accomplish anything, it'll be very, very hard to learn from it because it doesn't do anything other than make your network harder to use.
Doing things for the sake of learning is great. But don't skip the best learning - learning how to decide on the design to meet your home business needs.
-
I always say: treat your home like a business. That doesn't mean "spend lots of money and use the same equipment that a business uses", because a business is bigger and makes its decisions based on its needs.
In order to "act like a business", you need to "think like a business": and that means looking at your needs (which includes getting learning and experience, don't discount that) and then choosing an answer that best suits those needs. Anything else is anti-business.
In your example, you keep mentioning segmenting and performance. But you don't state why segmentation of network traffic would be beneficial in this case (spoiler: it's not) nor why performance would benefit (spoiler: it doesn't.) So if you were thinking like a business, and presenting your case to do this to us as a CIO board, we'd turn down your proposal as lacking merit. Maybe the design makes sense, but if it does, you've not presented a reason for it yet.
That's the biggest value... treat this as a business proposal. In doing so: present a design and defend why it is superior to other options.
-
The reason segmentation doesn't matter: the data already is going to merge in the router. Merging in the switch doesn't make the data talk to each other or get mixed up in the switch. That's not how the data works. It's discrete. The idea that you need segmentation because somehow packets leak to each other is what VARs hint at to sell VLAN services where none are needed. VLANs have great use cases, but avoiding the commingling of packets one device sooner than they will mingle anyway, isn't one of them.
For the video games: if the boys were gaming with each other, instead of online, and their game traffic stayed on their physical LAN and never went to the router, then that would make sense and physically isolating that for performance could make a lot of sense. But that's not how it works. Their games are online. So their traffic is flowing up to the router and getting in the way of your traffic identically whether you put them on a different LAN or not, it doesn't change anything.
At the end of the day, the data is not segmented where it matters, only segmented where it doesn't matter. Rather like buying a car and being told that it is redundant. Sounds great, right? But what if the only parts that are redundant are parts you can't use like a spare steering wheel in the back seat or a second glove compartment in the trunk?
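As an added illustration of the points made in the posts above (not code from the thread or from any participant), this Python sketch models a router with one LAN per port and shows where traffic is and is not kept apart: LAN-to-LAN packets are routed unless a rule drops them, and internet-bound flows from every LAN leave through the same uplink. The subnets, port names, flows and the rule format are constructed for the example, and accepting anything no rule matches is an assumption about a router with no inter-LAN policy.

```python
import ipaddress

# Constructed addressing: one LAN per router port, as proposed in the thread.
LANS = {
    "eth1-work":   ipaddress.ip_network("192.168.10.0/24"),
    "eth2-gaming": ipaddress.ip_network("192.168.20.0/24"),
    "eth3-wife":   ipaddress.ip_network("192.168.30.0/24"),
}
WAN = "eth0-wan"  # the single ISP uplink every LAN shares


def lan_of(ip):
    """Return the router port whose connected subnet contains ip, else None."""
    addr = ipaddress.ip_address(ip)
    return next((port for port, net in LANS.items() if addr in net), None)


def forward(src, dst, rules=()):
    """Model the router's forwarding decision for one packet.

    rules is a first-match list of (ingress_port, egress_port, action).
    No match means accept (assumed default with no inter-LAN policy).
    Returns (egress_port, action).
    """
    ingress = lan_of(src)
    egress = lan_of(dst) or WAN          # not a connected LAN: default route
    if ingress == egress:
        return egress, "switched"        # same LAN: never reaches the router
    for r_in, r_out, action in rules:
        if r_in == ingress and r_out == egress:
            return egress, action
    return egress, "accept"


def uplink_contenders(flows):
    """Ports whose flows leave through the WAN and so share its bandwidth."""
    return sorted({lan_of(s) for s, d in flows if forward(s, d)[0] == WAN})


# Constructed flows: an online game, a work VPN, and a cross-LAN connection.
game = ("192.168.20.50", "203.0.113.10")
vpn = ("192.168.10.5", "198.51.100.7")
cross = ("192.168.20.50", "192.168.10.5")
policy = [("eth2-gaming", "eth1-work", "drop")]

if __name__ == "__main__":
    print(forward(*cross))                 # routed between LANs with no policy
    print(forward(*cross, rules=policy))   # kept apart only once a rule says so
    print(uplink_contenders([game, vpn]))  # both LANs still share eth0-wan
```

The same decision table applies whether the three networks are physical ports or VLANs on one trunk; only the wiring differs.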
-
@scottalanmiller said in Redoing Home Network:
@jmoore said in Redoing Home Network:
I have not set up a network using subnetting like this before and wanted to try for a learning experience.
Doing a VLAN does all this, and more. There can't be anything new here compared to a VLAN. This is the "simplest possible scenario", all VLANs are built on this as the lowest common denominator of "LANing".
Alright I see what you're saying. So basically a worthless exercise. Sounds like I should just use vlans if I want to do this. Btw most of my perceptions about how this works are from my studying. I passed the Network+ because they said subnetting and creating different networks to keep traffic separate will always improve performance and increase security, but make it less flexible. My home isn't going to change so I wasn't worried about the flexible part. It was also said that vlans will accomplish the same thing but just do it much differently. So I wanted to learn this other way of doing it just in case.
-
@jmoore said in Redoing Home Network:
Alright I see what you're saying. So basically a worthless exercise.
Potentially worthless, but maybe there is a value here that we've not found yet. But not worthless if it turns out to be good practice in evaluating needs!