I'm currently in the market for home networking equipment but having a bit of a hard time narrowing down what I want to opt for. Rather than take suggestions directly, I'd love to know what's working for HN readers so I have more things to research!
Don't overthink it...unless your idea of fun is spending evenings being a sysadmin doing network management:<p>Cable modem -> Unifi Dream Machine Pro -> 2x Unifi Access Points (w/injected POE).<p>I have the ability to create multiple WIFI networks, including a guest network with temporary credentials, and configure QoS, firewalls, etc. if desired.<p>The multiple access points provide full coverage across my 4-bedroom single-story (rambler) home.<p>You could achieve similar results with even less effort (and cost) by doing:<p>Cable modem w/built-in wifi -> 2x Eero Access Points (mesh networking)
My main switch is the Aruba S2500-48P (48x 1Gbps POE + 4x 10Gbps SFP+) and I use 2 Unifi UAP-AC-HD's for Wi-Fi (which I no longer recommend due to ongoing firmware issues). For routing, I have a custom built desktop with a micro-ATX board which runs OpnSense.<p>For things that "need" the performance (*), I originally used a pair of Arista 7050TX's that I was kindly allowed to borrow from work. Unfortunately, these things were pulling 350W when idle and increased the temperature inside my rack by 15°F. They're also very significantly louder than a 2U Supermicro server. They're easily heard two rooms away due to the high-pitched fan noise.<p>Nowadays, for things that need a link faster than 1Gbps, I just use a direct connection so I don't need power hungry switches. I have my storage server connected to the main Aruba switch with 2x 10Gbps SFP+ DACs and then connected it to my desktop with 100Gbps fiber (Mellanox ConnectX-4). The storage server just uses plain old Linux bridges to behave like a switch. Actual performance without any tuning is less than half of the line speed, but that's good enough for me since the SSD's are the bottleneck for file transfer now.<p>For VLANs/subnets, I keep things relatively simple: 1 network for trusted things (no restrictions), 1 network for untrusted things (internet access only), 1 network for wireguard (access to trusted network only; no internet). Everything is dual-stack because I'm one of the crazy folks who love IPv6.<p>(*) "Need" because I hate slow file copies over SMB :)
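The three-network policy described in the comment above (trusted: no restrictions; untrusted: internet only; WireGuard: trusted network only, no internet), written as an nftables ruleset for a Linux router. This is an added example, not the commenter's OPNsense configuration; the interface names, the WireGuard port and the DHCP/DNS allowances for the untrusted network are assumptions.

```nft
#!/usr/sbin/nft -f
# Added example: trusted / untrusted / WireGuard zones on a dual-stack
# Linux router. All names and ports below are assumptions.

flush ruleset   # replaces the loaded ruleset; check the file with `nft -c -f` first

define WAN       = "wan0"     # uplink to the ISP
define TRUSTED   = "lan.10"   # trusted network: no restrictions
define UNTRUSTED = "lan.20"   # untrusted network: internet access only
define WG        = "wg0"      # WireGuard peers: trusted network only
define WG_PORT   = 51820

table inet filter {
    # Traffic addressed to the router itself.
    chain input {
        type filter hook input priority filter; policy drop;

        ct state established,related accept
        iifname "lo" accept

        # IPv6 stops working without neighbour discovery and PMTU errors,
        # so these are accepted before the invalid-state drop.
        icmpv6 type { destination-unreachable, packet-too-big, time-exceeded,
                      parameter-problem, echo-request, nd-router-solicit,
                      nd-router-advert, nd-neighbor-solicit,
                      nd-neighbor-advert } accept
        icmp type echo-request accept
        ct state invalid drop

        # Trusted hosts may manage the router.
        iifname $TRUSTED accept

        # Untrusted hosts get DHCP, DHCPv6 and DNS from the router, nothing
        # else (assumption: the router serves these; drop if it does not).
        iifname $UNTRUSTED udp dport { 53, 67, 547 } accept
        iifname $UNTRUSTED tcp dport 53 accept

        # WireGuard handshakes from the internet.
        iifname $WAN udp dport $WG_PORT accept

        # DHCPv6 replies from the ISP (needed for prefix delegation).
        iifname $WAN ip6 saddr fe80::/10 udp dport 546 accept
    }

    # Traffic routed between networks. With IPv6 there is no NAT hiding
    # the LAN, so this default-drop chain is the only inbound barrier.
    chain forward {
        type filter hook forward priority filter; policy drop;

        ct state established,related accept
        ct state invalid drop

        iifname $TRUSTED accept                    # trusted -> anywhere
        iifname $UNTRUSTED oifname $WAN accept     # untrusted -> internet only
        iifname $WG oifname $TRUSTED accept        # wireguard -> trusted only

        # Everything else is dropped: untrusted -> trusted, wireguard -> WAN,
        # and unsolicited WAN -> LAN. Log a sample for troubleshooting.
        limit rate 5/minute log prefix "fwd-drop: "
    }
}

# IPv4 only: hide the private ranges behind the WAN address.
table ip nat {
    chain postrouting {
        type nat hook postrouting priority srcnat; policy accept;
        oifname $WAN masquerade
    }
}
```

Replies to connections that a trusted host opens towards the untrusted network pass through the `established,related` rule, so the isolation is one-way without any extra rules.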
- Cat6 copper and multiple sockets in every room<p>- 19" Mini rack to hold patch panel and the rest of stuff<p>- ISP provided cable modem/router set in bridge mode<p>- Mikrotik RB2011 as the main router / fw / wifi<p>- Synology DS211j as NAS with two 2TB disks in mirror<p>- Raspberry PI 2 to handle all stuff that's supposed to be running constantly<p>- PXE boot for multiple OSes from router / NAS config<p>Most of the setup was done a long time ago hence some dated equipment but it works for me
ISP fibre -> ISP fibre terminating box -> Router Netgear R6220 running OpenWRT.<p>My home server and several machines are directly connected to the router via ethernet, and it also offers WiFi in the house.
The router offers regular IPv4 NAT in a /24, and passes down GUA and ULA /64s. It also runs a wireguard VPN, DNS and DDNS, and acts as firewall.<p>My home server runs Ubuntu and runs a lot of stuff, like storage, Nextcloud instance, torrent, internet radio, UPNP media share to the TV, and more. Mostly docker containers and traefik for HTTP, managed with ansible playbooks.<p>Considering I got both of those devices from the recycle bin, I'm very happy how they work.
4 bed house in the UK. Switches were chosen because they were fanless but still fully managed. I can't stand the whine of the tiny fans a lot of networking gear has. I have an R210ii I use for labbing Kubernetes clusters and stuff but it's loud enough to be annoying so I only boot when necessary.<p>- EdgeRouter 4<p>- Ubiquiti AC-Lites (would like to upgrade to WiFi 6 soon)<p>- Cisco SG300 28 port core<p>- x2 Cisco C3560CG-8PC-S for various PoE devices<p>- x2 2960G-8TC-L for offices<p>- Cat6 throughout<p>- Custom build "shuttle" server running Proxmox with various Docker and Windows VMs for Emby, Home Assistant etc.<p>- HP EliteDesk mini PC for a secondary server<p>- Netgear ReadyNAS for storage<p>- Raspberry Pi for bits like ADS-B (I like having a FR24 Business account in return)
Much like aladac, I ran copper. I move large files, and find that wireless is painful. I also know how to terminate fiber, so I have a few fiber runs.<p>I also use much older gear that I can get on the cheap.<p><pre><code> - Cat 6 to multiple drops in each room
- Server closet that houses patch panel, switches, battery backup, cable modem
- WAP in closet, it is not doing DHCP, it's an Apple Extreme (latest ver)
- Linux server for NAS and DHCP/DNS and Cameras (motion)
- server has multiple nics (1G/10G) and multiple vlans
- 10G fiber to server and my personal box
- 48pt POE switch in switch closet, patches to patch panel
- running VLANs, one for normal users, one for NAS, one for cameras
</code></pre>
I will admit, I have several PIs all over doing temp/env monitoring and audio streaming in rooms (e.g. spa music in the bathroom when you walk in and turn on the light), so I need a fair number of ports.<p>I am very tempted to get a 24pt 10G switch and run fiber to each machine. It is not that I need 10G, but after you get a taste for a very low latency network like all 10G fiber, it is very tempting. Now with 40G/100G, the prices of those switches are nothing (I can get them for $200 from server supply) and the nics are hovering around $35-$50 each. At that point, it is almost worth it to go 10G for the low latency and jumbo frames.<p>Again, I used to do installs, so running cable is not a big deal. Once you start moving a lot of data, it is worth it to have a wired network. Having Linux do dhcp/dns (pihole type setup)/NFS is super handy.
As much fun as it was to tinker with all of the networking gear in years past, I have settled on using a google wifi mesh system for the time being at home.<p>If I could do it over again, I think that I would have opted for something a bit more "pro-sumer", perhaps ubiquiti's mesh system. For what it is, the google system works well enough, but there are a few annoyances that make it less than ideal for the average hacker news reader. An example of this is that you DO NOT get a web interface. Everything must be done with their mobile app.<p>The best part about the google system is that they intend for the routers to be set up and managed by an average person, which in my experience has led to a very stable system. I couldn't tell you the last time I had to reboot any of the hubs and the family hasn't had any complaints. A close second is that the hubs each have an ethernet jack on them, allowing my desktop to be "hard wired" into the network and still get fiber-like speeds despite the fiber drop not being near the desktop computer.<p>Even my small-to-mid sized home in suburbia seems to benefit from the mesh system and I won't be going back! The benefits are real.
My ISP provided router and a couple cheap (15€) switches (the Ethernet cables were integrated in the walls at the construction of the house).<p>Why would a home network need more (apart from 10 GB Ethernet, but it gets expensive really quick)?
ISP router into an Asus rt-68u with cable connection to 2 other asus routers on other floors of the house. Uses Asus proprietary aiMesh tech to configure them as one.<p>They work well enough, but some of the advanced features of their firmware like QoS and NAS are garbage so I run vanilla settings.<p>I also have a pi4 for NAS and Minecraft world, and a 4 port tp-link switch in my entertainment unit so all the hardware there is wired.
A passively cooled Shuttle PC as a firewall (Shuttle Barebone DS10U with an Intel Celeron 4205U, 8GB RAM), running pfSense. This is absolutely overkill, but I'm in control and some Netgate HW would have cost just as much with customs & shipping, and I wanted a "real" firewall behind the cheap plastic crap my ISP forced on me. I might install OPNsense on it sometime.<p>Unfortunately, the built-in wifi chipset isn't supported by FreeBSD, so I use a CSL AC1200 USB 3.0 wifi stick for that. It works, but sadly only supports running a single network at a time.<p>Aside from that: Some DLink/Netgear switches and plain old copper.<p>As a NAS: A custom built Ryzen micro-ITX (I think?) build running NixOS.
Since our apartment has a weird u-shaped topology I have unmanaged gigabit switches and four Airport Extremes for Wi-Fi (which I got off eBay for standardization, since they’re not being built anymore). Fiber comes into the house and the ISP router gives me 4x1Gb ports where I plug in my “spoke” switches.<p>2 IPTV set top boxes, a handful of Macs, too many Raspberry Pi’s and ARM dev boards, a NAS, my two Windows work machines, everything hanging off Gigabit or 802.11n.<p>Zero Wi-Fi meshing, zero remote management, zero hassles.<p>In fact, I’m starting to worry what I’ll replace this with, since I can’t really find Wi-Fi gear that doesn’t try to provide “added value” by forcing me to use some kind of cloud service.
I always have to post this. The most comprehensive wifi/router AP site I've found is by a guy named Jerry Jongerius.
<a href="https://www.duckware.com/tech/wifi-in-the-us.html" rel="nofollow">https://www.duckware.com/tech/wifi-in-the-us.html</a><p>Not just recommendations but incredibly detailed explanations. Recommendations can be found in Appendix B:<p><a href="https://www.duckware.com/tech/wifi-in-the-us.html#routers" rel="nofollow">https://www.duckware.com/tech/wifi-in-the-us.html#routers</a>
I have a Synology router and two base stations for it. This one - <a href="https://www.synology.com/en-global/products/RT2600ac" rel="nofollow">https://www.synology.com/en-global/products/RT2600ac</a> is the router and those two as base stations: <a href="https://www.synology.com/en-au/products/MR2200ac" rel="nofollow">https://www.synology.com/en-au/products/MR2200ac</a>. The router is connected to the bases via ethernet cable; this ethernet cable almost hits a gigabit and wifi speed on my mac, inside the network, is about 800 megabits to the router.<p>The cost of the router and two stations was about the same as for router and one station of various hyped products.<p>It has got lots of smarts, VPN server, DNS server, highly configurable and you can opt into Synology cloud with DDNS and connection to home network using their stuff. There’s security monitor, something akin to fail2ban, etc.<p>Additionally I have a Synology NAS that serves as a server using docker and as media station using Emby package. Additionally my old thinkpad laptop serves as a build agent for Drone CI primary that is running in docker on the NAS.<p>Everything else connects to internet and home network via WiFi, 800 megabits seems plenty for everything I want to do.<p>I am not affiliated with Synology, just a happy user that finds that everything I need to work, simply works.
Piggybacking on to this... I've currently split my home network into multiple VLANs, so that the IOT stuff can't access the "trusted" devices (or internet, depending on device).
However I realized it would be interesting to MITM the traffic and emulate the services these devices try to connect to, to see what data they are leaking. Does anyone know if there are any readymade software packages, or even tutorials, for this?
I’m experimenting a lot and will be upgrading/tweaking a lot more. Here is my current setup.<p>I have a TP-Link ER605 load balancing 3 Internet connections, and Wi-Fi with an old Apple AirPort Extreme (2013) + a few others as Access Points. I have CAT6 running around, served by a TP-Link Gigabit Switch.<p>A friend’s Startup shut down at the beginning of the Pandemic and I bought his 27U Server rack for dirt cheap.<p>Here is the recent config - <a href="https://www.instagram.com/p/CUWeopdPVOp/" rel="nofollow">https://www.instagram.com/p/CUWeopdPVOp/</a><p>I added the 3rd Internet a few days back. ISPs are competing and India is one of the cheapest when it comes to Internet Bandwidth/Speed.<p>Here is the typical speed <a href="https://www.instagram.com/p/CU1sAbcvHeY/" rel="nofollow">https://www.instagram.com/p/CU1sAbcvHeY/</a><p>Sneak peek of the Rack Setup<p><a href="https://www.instagram.com/p/CMhcHjEp-ww/" rel="nofollow">https://www.instagram.com/p/CMhcHjEp-ww/</a><p><a href="https://www.instagram.com/p/CVCRuf3PK-l/" rel="nofollow">https://www.instagram.com/p/CVCRuf3PK-l/</a>
I've recently updated my setup a bit.<p>FTTH -> MediaConvertor -> Ubiquiti EdgeRouter 4 (ER-4) -> Mix of TP-Link TL-SG2008P Switches, Netgear GS208E/GS205E Switches, all multi-VLAN -> Older HP Workstation with XEON procs running as VMware server (hoping to replace with something smaller and less power hungry eventually) -> OC200 Controller -> 2x EAP245v3 WAPs (Obviously not exactly in a chain order like that...)<p>I have a TP-Link TL-ER7206 that I may replace the ER-4 with (ER-4 is stable, and working well) (Would love to know if anyone is successfully running the TL-ER7206 with the Bell Canada provided SFP directly installed.)<p>(Had to go with the MediaConvertor because the SFP in the ER-4 has a bug and resets every 20 minutes or so)<p>Previously I had:<p>Cable Modem -> ALIX running pfSense -> Netgear GS208E/GS205E Switches multi-VLAN -> Older HP Workstation with XEON procs running as VMware server (hoping to replace with something smaller and less power hungry eventually) -> 2x MikroTik HAP AC as WAPs<p>I liked the setup, but the Cable Internet was slow by today's standards, and the ALIX only had 100M LAN ports, which limited my inter-VLAN communication speeds. (I couldn't justify the expense of new hardware required to run the newer pfSense/OpnSense) I liked the MikroTiks, but noticed that the wireless performance was slow once I moved to the Gigabit Fibre Internet.<p>The MikroTiks had replaced some TP-Link Archer C7 I was using as WAPs that were running OpenWRT. They were okay, but the devices needed to be rebooted every 2 weeks or so (which was scheduled).<p>I've also run copper wire to various points to spread the equipment about the flat.
- Cat 6E in all rooms, Netgear 24P gigabit switch in the garage.<p>- Internet Modem/Router set in Bridge mode & taking care of guest WiFi network<p>- Own router sitting right behind it and taking care of internal Wifi network and connecting to the Internet using PPPoE<p>- Second router at my desk, relaying the internal WiFi signal (Asus AC1900 with custom firmware: <a href="https://www.asuswrt-merlin.net/" rel="nofollow">https://www.asuswrt-merlin.net/</a>)<p>- Switch connected to the second router at my desk; used for PCs, printers<p>- NAS connected to the second router at my desk (8-bay Synology DS1812+) hosting all the good stuff, internal DNS zone (lol), OpenVPN, Docker, Plex, etc<p>- Another switch in the living room, with all fun devices attached (TV, amplifier, PS4, Nintendo Switch, etc)
2 bedroom townhouse:<p>WRT3200ACM running OpenWRT with 2 aftermarket antennas: <a href="https://smile.amazon.com/gp/product/B08HM3KBRH/" rel="nofollow">https://smile.amazon.com/gp/product/B08HM3KBRH/</a> and <a href="https://smile.amazon.com/gp/product/B00R1PA9EO/" rel="nofollow">https://smile.amazon.com/gp/product/B00R1PA9EO/</a><p>XFinity-supplied cable modem.<p>Gigabit semi-managed switch TP-Link TL-SG105E for my office upstairs, connected with a 50 foot cat6 cable.<p>Pretty simple. OpenWRT sends logs to my raspberry pi 4 general purpose server. Backups are sent to borgbase.com<p>Don't really have any issues with this setup. DNS is nice and fast, wireless reaches the whole (admittedly small) house. We have a separate 2.4GHz wlan for devices/sensors/doorbell etc etc.<p>I added the antennas because under some conditions some devices in rooms furthest from the WRT3200ACM would slow down, and they appear to have fixed any connectivity issues.
I used to have a number of tp-link access points running OpenWRT, a few netgear switches, and a protectli minipc running at first pfsense, then untangle. Nothing super fancy...I have a few vlans but that setup supported it well.<p>It was great, except I longed for a single pane of glass to manage it...especially for vlan configuration. Librenms at least provided visibility into the vlans across devices and ports, but not management. And upgrade time, especially on the openwrt front, was stressful, as I have had updates render a router unbootable.<p>I switched to Unifi products around 1.5 years ago, and now everything just works. I have a Unifi Dream Machine Pro, 2 16 port Unifi Switch Lites, and 3 Unifi access points. It's been pretty flawless, and the interface is extremely nice.<p>It was pricey, but now I get to focus on solving problems that add value rather than constant tinkering. Don't get me wrong...tinkering is great, but you reach a point where you'd rather not have to.
I've got my ISP router (because it needs to decode the fibre-optic), but that's bridged directly into a TP Link C6U router that handles PPPoE. It runs OpenWRT with most of the default packages, I've only installed some monitoring/stats graphs and all packages needed to setup DNS over TLS (via Cloudflare).<p>The home network is fully wireless (wiring is pretty old and sockets are in some unfortunate places). There are both 4GHz and 5GHz wifi networks.<p>All my personal devices have static 'leases' to my "dev" subnet, which has no restrictions, port forwarding for certain services, multiple split VPNs with different routes.<p>My significant other has her devices on a "trusted home" subnet (with static leases).<p>All other home devices that may need an internet connection (eg: Homepod), live on a restricted (firewall) subnet (with static leases).<p>Any new device gets leased an IP on a "guest" subnet, that can only communicate on that subnet, and to the internet unrestricted.
- Ethernet from local ISP that is fed into Ubiquiti EdgeRouter Lite running OpenBSD (octeon platform) with extensive PF setup<p>- 8 port managed switch connected to the router with a number of VLANs (IoT network, general/guest Wifi, trusted local network + Wifi, NAS Service Processor, DMZ network, externally accessible services network etc.)<p>- 3 Apple AirPort Extreme WiFi access points (for various VLANs) + 1 in another room for extension via Ethernet. These run in bridge mode.<p>- 2 more unmanaged Netgear 4/5 port switches (16 port managed switch is hard to get these days due to chip shortages and also significantly more expensive than the current solution) connected to the managed switch<p>- another Netgear switch in the closet to connect the in wall Ethernet sockets from several rooms together<p>- handful of Raspberry Pi boxes running Raspbian (Pihole/NTP server, another for Weather/environment monitoring, another for Docker to host some Wordpress - via Cloudflare tunnel, another for displaying weather information on eInk display, another for monitoring my working habits)<p>- NAS running TrueNAS in Fractal design Node 304 case with 6 drives, PCIe SAS card (for redundancy/more robust checksumming), beeper for alerting. Backups done to Backblaze and also to internally strapped USB drive.<p>Some of the stuff has alerting set up via PagerDuty (esp. the NAS and environment monitoring). General monitoring done by Grafana.<p>Most of the stuff is located on the top of a large bookshelf.<p>Except the NAS everything is fanless and the NAS was modded to be as quiet as possible (large silicone feet, large+slow fans)<p>The network is double NAT and there is no IPv6 which sucks.<p>Would like to buy Intel NUC for learning K8s however these are hard to get these days, at least in the spec I want.
I've been running the (relatively) well known EdgeRouter-X (aka ERX) + Unifi AC Lite setup for a couple of years at this point and I haven't had any issues with it.<p>The ERX is tiny, sips power and can route traffic with QoS turned on at ~100-120Mbps (without QoS it routes at 1Gbps). The wireless access point provides good 5Ghz coverage for an average two bedroom flat (placed centrally in the flat).<p>Both devices support Ubiquiti's old PoE standard and the ERX has a PoE passthrough port so I power both with a single PoE injector.<p>The QoS feature of the ERX was a life saver in our old flat where the best connection we could get was DSL (~16Mbps). Without it we couldn't have worked from home during lockdown (two developers constantly in meetings and pulling/pushing Docker images and npm packages :)<p>Now we've got fibre but I'm still running the same setup because it worked so well in the past (with the ISP's fibre modem in front of the ERX).
Late to the party, but still:
- WiFi (Mikrotik cAP over PoE - do not recommend, WiFi is not best)
- Mikrotik hAP as main gateway. Highly recommended.
- Upstream is a Mikrotik LTE (provided by mobile provider; ~100Mbps)
- Two Netgear Prosafe switches (5p and 8p)
Network is simple.
- Two LANs - one isolated with a whitelist for internet access for smart devices (irrigation controller, vacuum, IoT sensors, heatpump), other for home users.
- Synology 218+ NAS with 2x3TB with some dockerized stuff (PiHole, HomeBridge, Mosquitto, Deconz)
Main goal - if something fails, it somehow continues to work, and can be replaced without fuss. Mikrotiks are backed up, pihole can die (it's an uplink from mikrotik DNS - script switches over to 1.1.1.1/8.8.8.8), etc.
Three bedroom apartment: Main router/wifi in a bedroom/office. There is also an auxiliary wifi access point in the living area.<p>The living-room wifi access point usually serves two iphones, a smart TV and a laptop.<p>The main router/wifi in the office serves the main server computer via ethernet cable, and a raspberry pi which is a UPS controller and dedicated web server also via ethernet cable.<p>A separate office laptop, when used, is served from the router's wifi. A wifi printer-scanner is also served from there.<p>The extra wifi access point in the living area is connected to the router via an Ethernet-over-Power-Lines adapter.<p>I used to have bandwidth problems in the living area until I added the extra wifi access point.<p>Occasional wifi connections are served to MP3 players, etc.<p>Most stuff has IP addresses allocated via a DHCP server in the router, though some pieces of equipment have reserved IP addresses, such as the printer, the main server, and the raspberry Pi.
In the UK, super simple wifi only, have Sky Broad Band but have abandoned their router and wifi mesh completely. We have 5 of the BT Whole Home mesh devices, tried to wire the SkyQ tv boxes into them so we could turn off the Sky Wifi and discovered a bug where the Sky Router would basically kick the BT device off the network if wired to a SkyQ box. Ultimately bought a TPLink Router just for broadband and dumped the Sky one, works brilliantly now. So our setup:<p>TP-Link TD-W9970 Router
5 x BT Whole Home Wifi (one wired to router, two wired to the SkyQ boxes)<p>Went with BT Whole Home Wifi as it was cheaper than the other mesh networks and had good enough reviews.<p>We have actually kept the Wifi on the TP-Link router turned on as an additional network (hadn't planned to) as we had connection issues between the BT system and a Netatmo Indoor Camera, it would constantly disconnect/reconnect to the network.
3 bedroom flat. I use Ubiquiti equipment since sourcing Ubiquiti is much easier than Mikrotik here in the Philippines, and I've had bad experience with TP-Link, DLink, etc. randomly requiring restarts or outright failing after a few years.<p>* Unifi Security Gateway Pro (for the 2 WAN ports with failover)<p>* Unifi US-8-Lite-PoE<p>* Unifi AP-AC-Pro meshed to a:<p>* Unifi AP-AC-M
Cat 5e cabling (20 years old) @ 1 Gbps, 5 small switches of 5-16 ports, 1 Cisco router with 2 incoming internet lines, one on CATV and one on fiber (very cheap, less than $20/month each). Redundancy needed as the setup is used by 3 families with 2 people working from home permanently and several kids doing school online from time to time (on Covid peaks).<p>2 servers, about 40 devices (including ~10 phones), 2 WiFi access points. Looking for 10 Gbps fiber in key places, but other than affordable Mikrotik switches I was not able to source the components. Several computers have 2.5 Gbps onboard, but good luck finding cost-effective 2.5Gbps switches with 10 Gbps uplink.<p>I have no recommendation for switches, availability and price are very good for 1 Gbps. For access points any decent Wifi 6 from a reputable manufacturer should be fine.
3 Bedroom free-standing house in Australia...<p>- 200Mbps FTTH (Australia NBN via iiNet)<p>- ASUS RT-AC68U AC1900 WiFi router running Asuswrt-Merlin<p>- Internal Cat6 cabling from FTTH NTU to comms closet then to office desk and TV.<p>- Cisco SPA112 VoIP adapter<p>- Intel NUC7I7BNH running with external drives for media storage and Plex server (recently had to take it apart and apply new thermal paste due to overheating).<p>It all works very well.<p>My next enhancement would likely be some Raspberry Pi-based audio devices/speakers in different rooms and on the back deck, perhaps running balenaSound.<p>(I keep thinking I should get a proper NAS again; I had one for media and backups years ago but it died, and it's never been a huge urgency to get another one, I guess because there's not so much need for local storage now with the streaming platforms and cloud storage.)
- Cat-5 in my apartment wall from my ISP.<p>- ISP provided router that splits out IPTV into my TV box and has one port as passthrough to my pfsense box. It should be possible to do this splitting in pfsense but I never managed.<p>- The pfsense box is a passive ITX machine with a Celeron N3350 and two intel NICs.<p>- A dumb gigabit switch is connected to the LAN side of the pfsense box.<p>- I run ethernet to my stationary machines.<p>- A Ubiquiti access point feeds the wifi.<p>This setup has worked pretty much flawlessly for two years.<p>If I was going to do it again I would install OpenBSD instead of pfsense on the box. I didn't like the political drama around pfsense the last few years and I hardly use any of the features. I just want something that never breaks and has few foot-guns.
I use a few secondhand Netgear R7800 with OpenWrt installed to blanket the house in fast WiFi and 1Gb Ethernet. This setup has been in place for almost 4 years now and has been very reliable. Maintenance is needed to keep software up to date.<p>With so many radios, I've segregated IoT devices on their own frequency to maximize throughput on workstations. VLANs provide network isolation.<p>I think the routing performance is fine for most households. If you need a router that does QoS on a gigabit internet connection, you'll need something more powerful.<p>Occasionally I'll wish that I had something faster than 1GbE, so the hunt for hardware continues...
ISP fiber box is some kind of a Mikrotik, feeds into my own Mikrotik firewall. From there on I have two gigabit switches, connected to e.g ethernet outlets around the house and anything else that needs Ethernet like the Ubiquiti mesh WiFi endpoints and TV's, computers. It is housed in a rack cabinet inside a cupboard, and I also have a few Raspberry Pi's, external disks, MacBook Pro 2016 model that has been turned into a Linux server since I have a newer Mac now. Also, there's a UPS with a 100Ah external battery in the same cupboard on the floor. So a pretty minimal homelab overall.
1Gig fibre served via Netlink Trust to fibre optical termination point, fixed IPv4. Behind it I have a Qotom mini PC version with 4 Ethernet ports running opnSense (FreeBSD based router project). Copes with 1GigE just well. My HP Microserver Gen8 running FreeBSD 13.0 serves media, Plex, and various torrent download services to the home. Wifi is served via Google Mesh pods, covers my Singapore condo just fine. All up I’m quite happy although I need to replace the Gen8 server soon with something more modern.<p>What hardware do you use for your home ZFS-based NAS setup? (Motherboard, chassis, cpu, PSU)
600 Mbit fibre from Telenor to converter box with one RJ45 port. Cat6 from box to ISP-supplied router (but I could use whatever, there's no translation/bridging or whatever).<p>ISP-supplied wireless extender for the annex which gets ~ 200Mbit due to distance and walls, but better than the crap we used to have.<p>Native, full IPv6 with a /64 subnet so I have port 22 to one /128 destination (my old recycled HP used as a media server) open in the IPv6 firewall with an AAAA record pointing to it.<p>It sucks when I'm on a network without IPv6 but I can always use one of my Linodes as a jump host to reach it.
- 1 Gbit/s fiber
- TP-Link media converter
- UI Security Gateway
- UI PoE Switch
- UI Cloud Key+ Gen. 2 (PoE fed)
- UI Flex Mini switch (PoE fed)
- 2x UI AP Lite (PoE fed)
- RPi for services<p>Pros:
- Reliable 1 Gbit/s symmetric with dedicated IPv6/48 block with prefix delegation, so no NAT on IPv6.
- Good WiFi coverage, typically ~300-500 Mbit/s
- Easy management and option to add camera surveillance
- No power cables to most equipment<p>Cons:
- UI software at times flaky
- USG doesn't support real-time protection at 1 GBit/s (but at ~120 Mbit/s)
My setup is the following:<p>1. Ubiquiti ER-X<p>2. Ubiquiti AP Lite x 2 (upstairs and downstairs)<p>3. Inbuilt Cat6 cabling in house<p>The benefit of this approach is I get to use prosumer hardware but at reasonable cost (total < $350 AUD). For the AP's I have just setup via pairing on the mobile app and use the same SSID and passwords which allows for easy roaming.<p>I'm contemplating upgrading to an Ubiquiti dream machine pro to replace the ER-X for more ports and ability to have video recording & security cameras but really happy with current setup from a wifi performance and stability perspective.
* DOCSIS w/ cell failover - Cell to be possibly migrated to Calyx Institute<p>* Asus with ai.mesh for access layer, sometimes openwrt, sometimes merlin<p>* Ubiquiti ER-Pro 8 with openwrt. Likely Mikrotik RB5009UG+S+IN soon<p>* copper to APs, copper for core<p>* chunky Linux server for compiling and rendering<p>* tiny Linux for Ceph nodes<p>* mysensors for sensing and control<p>* pis (orange and raspberry) and Jetson Nanos for kubernetes<p>* nodered and mqtt for mysensors and integrations - mostly replaced Home Assistant<p>* Most VLANs are dual stack (IPv4 and IPv6)<p>* openvpn to a central cloud hosted server<p>* tor specific SSID<p>* Nautobot to keep track of everything<p>* CoreDNS, traefik, terraform/matchbox, jellyfin
Aside from my modem (Netgear CM1000) I have all UniFi equipment: a USG, couple of switches, couple of access points, and two mesh antennas to join the house and shop networks. Overall it works great, although with the direction the company has been headed recently I don’t think I could recommend building such a setup today.<p>I also run my own DNS: two pi-hole docker instances running on Linux servers, backed by unbound. <i>That</i> I can recommend wholeheartedly.
Mikrotik HAP AC2 as router and wifi, with HAP AC providing extra access point. Fiddly to set up, but solid and trouble-free since.<p>Used to use Ubiquiti Edgerouter, until it failed. The Smart QOS feature was pretty good. Used to use Unifi for wifi, but always struggled with clients getting stuck communicating with the most distant access point.<p>(Edit: In case it's relevant for some, I should also list: a Draytek 130 to adapt peculiar UK PPPoA broadband to PPPoE.)
ISP Router in modem mode<p>pfSense router<p>24 port PoE Managed Switch<p>This then splits off to my homelab, Ruckus & Unifi APs for WiFi and a few other switches around the house for the office, TV and bedrooms.
DSL line connected to an AVM Fritzbox forwarding to a Unifi Dream Machine Pro with VLANs for home lan, guest wifi, DMZ, IOT jail<p>Unifi 24 port switches as backbone<p>6 Unifi WiFi APs powered over POE<p>Pihole on 2 virtual machines for redundancy<p>an old IBM M3650X4 2HE server running Proxmox with dual CPUs, 40 cores, 400GB RAM<p>Self built freenas with 72TB of storage<p>Some Pis for home automation stuff<p>A plethora of servers running on the VM host.<p>I am planning to get another server machine to make it more redundant.
About 40 networking devices spanning 3 properties (mostly Mikrotik). Around 24 cameras. Two NAS, each with 24TB. Around 30 network points. Two properties are linked via 60Ghz wireless connection. Third property linked via IPTunnel through Internet. Whole network is backed up with Li batteries, some charged with solar.
Starting to upgrade some of the network to 10Gbs.
FRITZ!Box 7530 on a 100/50 MBit/s DSL line. 5GHz Wifi. Fritz!Phone app on iPhone for landline calls instead of a DECT handset.<p>I'm the only user, with 6-8 WiFi devices, so bandwidth is not an issue.<p>There's also a QNAP NAS and a gaming PC connected via LAN, everything else is WiFi only.<p>I used to have a FRITZ! repeater as well, but in the new flat it's not necessary anymore.
I have 1Gb/s FTTH, just bought a FritzBox which will replace my ISP modem/router.<p>Then I have a Google WiFi mesh system that is linked to the main modem in cascade and I use that in order to have reliable WiFi all over the house.<p>Will probably add a Pi sometime later this year in order to have ads blocked globally while keeping Cloudflare as encrypted DNS provider.
As of now it is pretty basic. One main router connected to ISP and then, recently running a cable to the ground floor to extend wifi using another router in AP mode (older one). Before having this cable the extension used to be via a wall plug AP that extends via Wifi.<p>- Main router: D-Link DIR-1960 with openwrt<p>- 2nd router: Asus RT-AC51U (old router)<p>- Wifi AP: Netgear EX-6120
FttH with Ubiquiti Unifi USG Pro 4 router (fiber goes straight into my router, no provider equipment) connected to a Netgear MS510TX switch.
I have two Ubiquiti access points and the controller runs on my NAS in a docker container.<p>If I were to build it again I'd have a look at the TP Link Omada gear, I hear good things about it.
Odroid behind a simple modem/router blocking ad domains and providing dns as well as ipsec with a vpn in some country that isn't a 3rd world shithole where politicians make gratuitous decisions to block sites like google docs, github and pastebins to save their sorry asses from document leaks.
Fritz!Box 7390 (cursed piece of crap) -> Wifi -> TP-Link WDR3600 that gives me Ethernet in a different subnet -> my stuff, including an old laptop that serves as a NAS and handles other stuff that needs to run constantly.<p>DNS and DLNA are managed on a Raspberry Pi B+ dangling with a USB cable from the Fritz!Box
As someone who’s in the middle of purchasing a 4bed home in US and needs a new network, thanks to OP as I would’ve never thought to ask HN this.
I’m leaning heavily towards an all Ubiquiti setup with their UDMP and WIFI6 APs. It appears to provide the most seamless integration and easy management.
2 bedroom apartment with ethernet wiring to all rooms<p>* Unifi AP-AC-Pro
* Edgerouter X
* Netgear GS308E managed switch<p>Split into VLANs for trusted devices, IoT devices and guest wifi. Proxmox server with Pihole and Wireguard for adblocking and VPN access, along with other non-networking services (Firefly III, MySQL DB, Plex...)
Synology NAS. 11 year old laptop as a home server. Linksys router. The server runs Plex, Valheim, transmission, irssi, and Adguard containers.<p>Before the NAS I just plugged in multiple USB HDDs in a "poor man's home server" setup.<p>Works well for me.
1x MikroTik hAP AC, router, switch & AP<p>1x MikroTik RB952-something, switch & AP<p>Though I'm in the planning stages to replace it all with a NixOS solution, the CPU is too slow to encapsulate with wireguard at decent speeds. (caps at 70 Mbps)
I have a UDM Pro and USW-24-PoE racked in a Tripp Lite 12u network rack. From there I’ve got 2 UAP-AC-Lites and 1 UAP-AC-Pro for inside and 2 UAP-AC-Ms for outside that connect to the switch via CAT6 1Gb links.
We use meshed Mikrotik Audience routers. They work great. Only issue we had was that the first 2 orders on Amazon came as empty boxes. Once we actually got them set up, meshing/extending was a breeze!
Gigabit fibre. Openwrt router. And then a proxmox server doing various things like pihole and local caches for Debian apt.<p>Been researching 2.5Gbe retrofit but it’s still a touch expensive for the benefit
I use the guest wlan as an IOT network. Network segmentation! It is not very secure as the other subnet and network is addressable, but it is better than absolutely no isolation.
I had my machines on wireless ethernet, but it was too flaky in my circumstances, so my desktops and laptops use wired ethernet now. I still use wireless ethernet for my tablet.
I have one WiFi6 Eero acting as the main one, a further 4 around the house, a Raspberry Pi running AdGuard pointing at NextDNS for the DNS. It's rock solid.
NAS + Entertainment console (TV + Apple TV + Xbox Series X) are on a switch directly from Xfinity Modem with Gigabit. Everything else is 3x eero pro via wifi.
TP-Link Deco E4 Whole Home Mesh Wi-Fi System.<p>Pack of 3 works well enough to cover the whole house + shed located in the far end of the garden.<p>Also cheaper than Google mesh.