Home network

15 Dec 2021

Since we purchased our new house in 2015, I’ve slowly been building up the home network and the components in it. Until earlier this month, the majority of my network was run by Google Wifi and for the most part, it worked great. Unfortunately, between Google making some product changes which I didn’t really agree with and my configuration becoming more complex, I outgrew it. Google Wifi is still my recommendation to family and friends who want a simple yet pretty powerful mesh and router combo.

Now, we’re a part of the Ubiquiti cult family.

Initially I wasn’t going to go all in on their gear due to the extra cost; however, after discovering how well it all integrated together, I was sold. I’m a sucker for when things Just Work™. Alongside this, the other selling point was how well the UI/console makes some very complex topics straightforward to understand and use. As a bonus, you can SSH into the Ubiquiti hardware if you need to pull logs or do something complex the UI doesn’t expose.

House is wired with cat6 cable

The sweatiest portion of the upgrade: getting into my roof and running cat6 cable everywhere. Unless you have a need (like I did), I wouldn’t be too fazed if you already have wired cat5e. It will work almost as well for most connections.

Wireless Access points

I opted for a mix of Ubiquiti In-Wall and In-Wall HD access points, depending on the need for wired connections in most rooms. For instance, my lounge room doesn’t have any wired connections so a regular one is fine there; however, my office has an HD to connect up to 4 other wired connections if needed.

18U rack enclosure on casters

I purchased this quite early on and was glad I opted for the slightly larger unit given some of my tech wasn’t initially rack mounted and took up a bit more room. Nothing too fancy here but it keeps all my hardware less dusty and cooler than sitting on top of one another in a cupboard somewhere.

Keystone patch panel

Truly an MVP for the revamp. While looking at patch panels, I stumbled upon a video that showed a modular (or keystone) patch panel and I was instantly hooked. Unlike other types, this doesn’t require punching down the cables and instead uses existing keystone connections to mount into the patch panel. This also means if I ever want to put an RJ11, HDMI or any other keystone connection into the unit, I’m not going to have to install a different blanking or vent plate to support it.

Ubiquiti Dream Machine Pro

Probably the most expensive part of the build and definitely the most exciting. I had been eyeing off the regular UDM for the better portion of 6 months after my Google Wifi configuration started to have issues with IPv6 and I wanted to replace it. Lots of people I spoke to loved their UDM; however, a couple mentioned they had random hardware issues that required a replacement unit. I nearly pulled the trigger on getting one until Ubiquiti announced a V2 model would be replacing it in the near-ish future. I decided to hold off until that was released but in the meantime, I managed to find a UDM Pro locally for a bargain and couldn’t resist. Despite the UDM Pro SE being available, the differences are negligible for my intended use so I didn’t bother with the “upgraded” version.

My configuration is primarily managed using Terraform and the Unifi Terraform Provider but in a nutshell, it looks like this.

  • Multiple LANs for devices based on their usage and what their intended network profile is. For example: a dedicated NAS LAN that can only connect to backup targets, an IoT LAN for things like the Roomba, which cannot connect to the internet without manually adding a rule for it, and a Guest LAN to keep people off the internal devices like my NAS or computers.
  • VPN configuration on a single LAN for easy swapping or testing. This is still in the early days of use but it allows me to quickly jump onto a WireGuard VPN connection without any additional setup on the device.
  • Backup 4G LTE internet. Automatically fails over to this connection when my primary internet connection fails (more on this below).
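A sketch of how the NAS and IoT egress restrictions from the first bullet could be written in Terraform. This is an added example, not my actual configuration: it assumes the community `paultyng/unifi` provider, and the VLAN IDs, subnets and backup-target addresses are constructed placeholders, with the backup targets assumed to be off-site and reached over the WAN.

```hcl
terraform {
  required_providers {
    unifi = { source = "paultyng/unifi" } # assumed provider
  }
}

# Constructed VLAN IDs; subnets are derived as 10.0.<vlan>.0/24.
locals {
  lans = { nas = 20, iot = 30 }
}

resource "unifi_network" "lan" {
  for_each     = local.lans
  name         = each.key
  purpose      = "corporate"
  vlan_id      = each.value
  subnet       = "10.0.${each.value}.1/24"
  dhcp_enabled = true
  dhcp_start   = "10.0.${each.value}.10"
  dhcp_stop    = "10.0.${each.value}.250"
}

# Placeholder off-site backup targets (TEST-NET-3 documentation range).
resource "unifi_firewall_group" "backup_targets" {
  name    = "backup-targets"
  type    = "address-group"
  members = ["203.0.113.10", "203.0.113.11"]
}

# Evaluated first (lowest rule_index): NAS may reach the backup targets.
resource "unifi_firewall_rule" "nas_allow_backup" {
  name                   = "nas-allow-backup-targets"
  ruleset                = "WAN_OUT"
  rule_index             = 2000
  action                 = "accept"
  protocol               = "all"
  src_network_id         = unifi_network.lan["nas"].id
  dst_firewall_group_ids = [unifi_firewall_group.backup_targets.id]
}

# Default-deny internet egress; exceptions get a lower rule_index.
resource "unifi_firewall_rule" "drop_internet" {
  for_each       = local.lans
  name           = "${each.key}-drop-internet"
  ruleset        = "WAN_OUT"
  rule_index     = 2100 + each.value
  action         = "drop"
  protocol       = "all"
  src_network_id = unifi_network.lan[each.key].id
}
```

Keeping the drop rules at a higher index than every accept rule means a new IoT exception is a single added resource, and `terraform plan` shows exactly which device gained internet access.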

USW 24 port PoE switch

To support the other Ubiquiti hardware like access points and cameras, I added a PoE enabled switch. By default, the UDM pro doesn’t have PoE ports (SE does) so unless I wanted to add power inline to these devices somewhere, I needed a switch.

Netgear LB2120

While I have access to the NBN, I have always had a backup connection. This means that if the NBN or my ISP specifically goes down, I still have a connection. Up until now, the workflow was a little something like this:

  • Notice apps/webpages aren’t loading
  • Open Google Wifi, check mesh connectivity
  • Open modem, check internet connectivity
  • See internet failure, swap 4G/5G modem out for the modem and wait for the IP to be assigned

Not horrible, but definitely could use less human intervention.

With the UDM Pro, port 10 is an SFP socket that, with the right adapter (Ubiquiti RJ45 – SFP Transceiver Module, SFP to RJ45 1G), becomes a backup WAN port. Once the adapter is inserted, the SFP socket turns into a standard RJ45 Gig-E port which a 4G/5G modem can stay plugged into. After some searching, the best bang for buck 4G modem I found was the LB2120 from Netgear. It doesn’t do a lot (which is perfect) but it does work in bridge mode, which allows the UDM to do its thing in the event of a failed NBN connection.

Now I don’t even know when my primary connection falls over as the 4G automatically kicks in without my intervention.

Synology 420+ NAS

I’ve previously blogged in detail about how I use my NAS for my home setup. Check it out if you’d like full details.

APC 2U UPS

My need for a UPS came a few years ago when we started having grid upgrades in my area. What felt like every couple of weeks, we’d either have brownouts or total power outages resulting in things like my NAS abruptly shutting down. While the NAS survived a couple, I didn’t want to tempt fate more than necessary so I forked out for a 2200VA UPS. This doesn’t power much but it does have enough to hold power while my NAS shuts down gracefully and the network runs for about 3 hours. After that, it’s time to bust out the petrol generator (which luckily I’ve only had to do once in three years during storms).

I first purchased a non-rack mounted one but ended up swapping it to a 2U UPS in order to save a bit on the space side.

i7 16GB RAM NUC

I picked up this NUC off Facebook Marketplace for a bargain as it was thought to be completely busted. I replaced the RAM and it came back to life so for once, a win on Marketplace. It currently runs NixOS (I’m wanting it full time eventually!). Previously, it was dual booting Debian and Windows as a test machine for my personal projects and cross-compiled tools. On the device itself, I mainly just have a bunch of Docker containers running for things within my network: Grafana, Smokeping, etc.

Mac mini

Purely an Apple cache server and a playground for early Apple releases. I used to use it more when I was maintaining Boxen and needed to constantly wipe the OS to a clean slate, but now it is largely underused. The biggest advantage is that the devices wanting to update are already on my network, so the upgrades are faster and generally happen behind the scenes without anyone even noticing.

Raspberry Pi 4

Relatively new entrant running as a PiHole providing DoH for the network. (Scott Helme has a great article if you’d like to do this too)

Misc

Lastly, I’m working on a custom 3D-printed 2U rack plate for the Mac mini, NUC and the Raspberry Pi to store them more efficiently than on their current shelf. By the end, I’m hoping to have it look like an HDD bay instead of a collection of different devices.