Hello everyone,
I am currently considering how to set up the network in our house.
In this context, I thought it would be great if some of you could share how you have implemented a high-end network on an individual basis.
I am an IT professional myself, but my focus lies elsewhere. Nevertheless, feel free to get technical—I assume I will understand you.
I am interested in:
- How have you segmented your networks?
- What devices do you use (manufacturer-independent)?
- Which devices (manufacturer-independent) do you group together in which network, and why?
- Which networks do you allow to communicate with each other?
- How have you implemented external access, if desired?
- Do you perhaps have a DMZ?
- In your opinion, what is a “must-have” and what is a “nice-to-have”?
JoachimG. wrote:
It’s not the DNS performance itself that can become an issue, but the overall performance of your VM environment. You might not notice it on the other servers, but you will with the DNS.
Double NAT can be disabled with a proper router/firewall placed behind the Fritz box. The Fritz box handles NAT and is assigned a static route or multiple routes for the traffic behind the router/firewall. But towards the internet, NAT should only happen once.
That said, I have been running a Fritz box behind a Speedport Hybrid for three years now. So far, zero issues with double NAT.
rick2018 wrote:
DNS, RADIUS, etc., don’t require a Windows VM on the Synology. You can simply install the appropriate packages there, which results in significantly lower resource usage.
Okay, that sounds like “just order a Dream Machine” and experiment, right? Fritz box, small switch for Magenta, phones, and so on, with the Dream Machine behind it, then the rest…
Tarnari wrote:
Ok, that sounds like “just order a Dream Machine” and experiment, right?
Modem, small switch for Magenta, Fon, and others, then Dream Machine behind that, and then the rest...
Incorrect wording.
Not Dream Machine behind that, but modem, small switch for Magenta, Fon, and others, AND Dream Machine connected to the modem, AND then the rest behind that.
JoachimG. 13 Oct 2021 11:52
Yes, that's exactly how I would just start. 🙂
C.beckmann1986 23 Oct 2021 09:57
I would like to join the discussion here. We are also about to move into our new house soon. Network outlets are installed in almost every room. I want to set everything up in a server cabinet in the basement and avoid having too many devices scattered around the living room. An access point is planned for each floor.
Gradually, I plan to further optimize everything in terms of smart home features. So far, I haven’t been able to do much in my current apartment. I currently have a Synology server, Hue, Alexa, and similar devices. Cameras and other equipment are planned. At the moment, I am also exploring Homematic.
What’s most important for me right now is deciding which devices or brands to use for the basic setup. I would describe myself as a tech-savvy layperson, but I’m willing to learn and improve. Statistics and analysis are probably nice to have but likely only sporadically interesting to me once everything is running smoothly.
When it comes to access points, you often encounter UniFi. I’ve liked them so far and initially looked at the NanoHD. Now there’s WiFi 6 (although I currently have very few devices that support it), so I’m considering going directly for the UniFi U6 Lite.
In principle, I like it if everything is from the same ecosystem and relatively easy to configure. However, I found UniFi switches quite expensive for my needs. So the question is whether it might be over the top for me. Alternatively, I came across the Omada series from TP-Link, which is more affordable but seems to have fewer tutorials or videos compared to UniFi.
What are your experiences? What makes sense, what is worth it, and what is just nice to have? And of course, the question of how to make it as secure as possible. I was thinking of having separate networks for guests and cameras, etc.
My current internet connection is via cable and the Vodafone Station.
I would appreciate any feedback. If I forgot to mention anything, please let me know. Thank you in advance.
The advantage of Unifi is its unified management system, which even tech-savvy beginners can handle. There is little to no competition in terms of price for similar functionality. Of course, you can use any PoE switch to connect the Unifi APs. The management for the APs is set up on the laptop; once configured, you just create a backup and then forget about it. It runs smoothly on its own. Add a Fritzbox and you have peace of mind. For two access points, you don’t need a 24-port PoE switch. Something much smaller is sufficient, or possibly even a separate injector per access point if you really want to save.
However, if you want to do more advanced things like VLANs, multiple SSIDs, and other features, the complete package makes sense. This is roughly comparable to what you mentioned—Omada and possibly Aruba. If you have only moderate experience, the Unifi ecosystem, with its vast amount of available help resources, is a good choice. None of these solutions are perfect though; Unifi also sometimes struggles with unfinished firmware, but it is affordable.