[Tech] Building a Multi-Level Home Network (Part 1)

Growing up, only a few people knew how to create a solid home network with some decent security. These days, devices come with software pre-loaded with settings/features that takes care of most of the trouble. Although, it’s still not bullet-proof. I’ve thrown together this guide on how I manage and work my own home network, in the hopes that it’ll make your lives a little easier when it comes to managing your home network, whether you have multiple floors and need wifi access to all rooms, kids whose internet traffic needs to be filtered and monitored, or just optimising your network to increase speed and reliability. You’ve come to the right place.

This article assumes you have basic-intermediate IT knowledge. If you know what a switch or router is, then you’re good to go.

What I’m dealing with here:

My home is a four-story house (including the garage which also hosts my workshop that needs a wired connection), the home was built in the early 2000’s and was not pre-installed with network cables (unfortunately, this would have made my life a whole lot easier) like most homes are today.

Let’s begin! So the heart of our network is our router and modem. Usually, in a basic home network, our ISP provides a device that can do both tasks of routing and modulating/demodulating. (More on this later). I use Optus Cable internet, meaning I have a coaxial cable coming into my house, plugged into my modem (in bridge mode) and directly connected to my pfSense router

Our WAN connection (Optus cable) is plugged in directly via coaxial cable into our modem (bridge mode), this is the plugged in via cat 5e into my pfSense router. From the pfSense, we plug directly into a Layer 2 Netgear Gigabit switch which is the backbone.

image-1-basic-wan-connection-vsdx-visio-professional

I decided to use a pfSense router due to the added customisation of it compared to the standard home modem/router that Optus gave me. We rent out a room of our house to a tenant and I didn’t want them using the same SSID and network as the rest of the family (This most likely won’t apply to most people here so I won’t delve too deep into it.)

If you’re using standard router/modem from your ISP, all you’ll need to do is plug it in. Most services that allow internet access will be on and working by default, such as DHCP etc.

Once the pfSense router is fired up we now need to get the cabling sorted to all the floors.

workshopperipherals

The backbone router is being used to distribute the connection throughout the house. The port layout are as follows:

Port 1 -> pfSense router

Port 2 -> AP #1

Port 3 -> User computer

Port 4 -> Cat 5e to fop floor

Port 5 -> Cat 5e to Switch #2

Also, there is a dedicated cat 5e running alongside the cable from port 5. This dedicated line is connected directly to the 2nd network interface card (NIC) on the pfSense router, the other side is connected to the Tenant AP. This is to isolate the tenants network entirely from the family network. The tenant is on a separate subnet, with a seperate access point with a separate SSID and password. (Obviously, for security purposes).

The level of house where all this is occurring is on floor #2, we will work our way to the switch underneath the house and then to the garage where my workshop is in part 1 of this series.

underhouse1

The Switch underneath the house is the second workhorse of the network.

Port 1 -> Connected to backbone switch #1

Port 2 -> Connected to Media Center Switch (Underneath TV in living room)

This connection was especially tricky, we needed to use an extra long masonry drill bit and drill a hole from underneath the house on level 2, to level 3 room next to the TV. Run a cat 5e up there. A good rule of thumb is not to have too many switches hanging off each other (max 2 in my opinion). This means that the media switch is 2 ‘hops’ from the backbone switch. Pushing it, but it works well.

Port 3 -> Connected to Garage Switch

Port 4 -> Linux Server

garage

Below is Garage Switch 3 and AP 2. (Cables are yet to be organised)

Finally, for part 1, we have the cable running from Switch 2 to Switch 3, which is in the garage workshop. Down here we have a Linux server, my gaming/development PC and a Linux server (Another post on that), that is currently under construction.

So there we have it, that’s the bottom two floors of the network – we already have a bunch of switches and multiple access points.

I’m not displaying IP addresses here for security purposes (even though their private IP’s). On top of that, all the access points are separated from each other and are split between channels 1,6,9 and 11. These channels do not overlap.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s