Best setup/config for a decent home network?

[LucasG]

I am looking to improve my network by going a little bit more serious. Currently I just run a Time Capsule connected to a Huawei modem provided by my ISP.

I can see I am not that savvy on networking, so I've been reading a little bit on mesh networks, using routers with their antennas/repeaters and so on, but I'd like to make sure my network is ready for home automation (will be adding a lot of sensors and would like to keep it as fast as possible for file transfer, tv streaming, etc.)

What would be the best route? I have not asked my ISP but is it possible for me to buy a mikrotik router and remove my providers by connecting the fiber optic to the Mikrotik SPF port? Or do they need to allow this first? Should I ask them regarding this?

Otherwise, what is the best way to go? I am understanding the idea of getting a router plus a couple of access points? I currently just have two pcs, one laptop, one smart tv, a smartphone and will be adding sensors for doors, smart plugs, etc.

Any guidance is greatly appreciated.

Edit: Was looking at something maybe like this:

https://www.amazon.com/gp/product/B01EL7TF9E/ref=ox_sc_act_title_2?smid=A2FXJMK2DLQ8YY&psc=1

https://www.amazon.com/gp/product/B079S7YLKM/ref=ox_sc_act_title_1?smid=A1DZ2KWUETHME0&psc=1

or with a

https://www.amazon.com/Ubiquiti-Net...8&sprefix=Access+Point+AC+Pro,aps,408&sr=8-2#

 

[Eulogy]

Well, first, realize most serious home automation doesn't use your normal network. ZWave, Zigbee, rtl_433 (RF) are the big ones in that regard. Whatever controller you have will be on network, but that's just a single container / PC / PI running the software really.

For router - it'd help to know your ISP in play. In most cases you can swap it in without any issue (likely have to return your rental and make sure they remove any associated billing fees for it). It's likely your ISP has that information somewhere just in their FAQs. If they do allow it, MikroTIk is a great choice. I have an RB4011 and have really enjoyed it.

I'd suggest also a dedicated, managed switch instead of plugging everything into your router. That's just a decision you can make though -- you can use the one you linked as a switch as well, though I haven't looked at the switching capabilities of RouterOS, so make sure it'll do everything you want/need.

Dedicated APs are also the way to go. MikroTiks are again fine, though I'd also suggest looking at TPLink, especially the EAPs.

 

[LucasG]

Well, first, realize most serious home automation doesn't use your normal network. ZWave, Zigbee, rtl_433 (RF) are the big ones in that regard. Whatever controller you have will be on network, but that's just a single container / PC / PI running the software really.

For router - it'd help to know your ISP in play. In most cases you can swap it in without any issue (likely have to return your rental and make sure they remove any associated billing fees for it). It's likely your ISP has that information somewhere just in their FAQs. If they do allow it, MikroTIk is a great choice. I have an RB4011 and have really enjoyed it.

I'd suggest also a dedicated, managed switch instead of plugging everything into your router. That's just a decision you can make though -- you can use the one you linked as a switch as well, though I haven't looked at the switching capabilities of RouterOS, so make sure it'll do everything you want/need.

Dedicated APs are also the way to go. MikroTiks are again fine, though I'd also suggest looking at TPLink, especially the EAPs.

Yup, I am aware for Home Assistant I will need a BigZee Hub and I am already running HA in a VM on a Windows machine I use as a server. Already eyeing:

• ConBee II The Universal Zigbee USB Gateway
• Aqara Motion Sensor
• Aqara Door and Window Sensor
• Aqara Temperature and Humidity Sensor
• Missing a good smart plug to add there

I will give them a call and ask them as there is no information that it is allowed, I am located in Costa Rica.

I have been looking now at the Ubiquiti APs, apparently they can do good throughput. Otherwise I might just go with Mikrotik completely just to make it easier on configuration:

• Mikrotik RB3011UIAS-RM RouterBOARD 10xGigabit Ethernet, USB 3.0, LCD, RB3011
• MikroTik cAP ac Dual-band 802.11ac Wireless Access Point (RBcAPGi-5acD2nD-US)

 

[Vengance_01]

Typically you have the following for Fiber. An ONT which receives the fiber and then ethernet from the ONT to the Modem/Router. There should not be any issues replacing this. But Who is your ISP and do you know if you have Ethernet from the ONT(outside) to the router?

 

[LucasG]

I think I have an optical cable from the ONT to the modem/router. I know that the ISP setup a box in my ceiling and then a small optical cable comes out and connects with the modem, it's not an ethernet though.

 

[Vengance_01]

Can you attach a picture of the modem/router and the connection coming from the ONT

 

[LucasG]

Need to buy me a ladder to get to the box on the ceiling… will do this week

 

[Vengance_01]

So it looks to be an all-in one device. The LAN connection goes to what in your network config?

 

[LucasG]

I just set that modem to bridge mode and connect it to an old AirPort Time Capsule which does the PPoE connection for WAN.

 

[Vengance_01]

I just set that modem to bridge mode and connect it to an old AirPort Time Capsule which does the PPoE connection for WAN.

By putting it in bridge mode you have basically bypassed the provider all in one ONT. I would contact them to see if they can provision your own device but you still need an ONT and that I don't think you can get around unless they just an ONT without the router portion.

 

[LucasG]

Wouldn't I be able to do the same thing with the Mikrotik in the worse case? To just connect it from LAN to LAN? Or does it have to be SFP?

Edit: They use GPON system, some type of Fiber to the home access that makes that router the ONT with everything.

So apparently Mikrotik doesn't make anymore GPON interfaces, it appears some ISPs require like the last digits of the SN or something like that (some, not all), not sure if mine would, asking them. Otherwise I need to find some interface for GPON in the SFP...

https://www.quora.com/What-is-a-GPON-router

"And if you have no choice at least tell the ISP to put their poor quality CPE in bridge mode and use your own router."

Can I use Mikrotik as a router? Would I need to get an RJ45 SFP?

https://forum.mikrotik.com/viewtopic.php?t=124827#p614847

"If they won't, then you'll want to ask them if they can place the OLT (Huawei) into bridge mode so that your public IP address is passed through to your Mikrotik router.
In this case, you won't be using GPON to connect the Mikrotik to the Huawei - just regular ethernet with DHCP client enabled on its WAN interface."

I'm guessing this is my scenario.

 

[Vengance_01]

"If they won't, then you'll want to ask them if they can place the OLT (Huawei) into bridge mode so that your public IP address is passed through to your Mikrotik router.
In this case, you won't be using GPON to connect the Mikrotik to the Huawei - just regular ethernet with DHCP client enabled on its WAN interface."

Yes this is what you will do. So you just need a standard Router with an Ethernet WAN port. What ever you buy will replace your current Apple Router.

In this case there are alot of options. You can go AIO, or separate Router, Switch and APs but it really depends on your needs, goals, port needs/(POE or no) etc...

 

[LucasG]

I am really thinking into going with Mikrotik because I have always wanted to tinker with an advanced networking router, I understand I will have to setup and learn a few things I might not know already. But mostly because I do want to have a secure and stable network, specially now that I am adding a lot of devices to the wireless for home automation (lots of sensors) and I already have a couple of security cameras, two desktop pcs, two laptops, smart tv, etc.

My home is not super large but it is 3 bedrooms with concrete walls, that's why I was thinking on buying this option as it seems affordable and good to get started:

https://mikrotik.com/product/RB3011UiAS-RM

I can wire my cameras to the router, use two more for the desktop pcs and setup this AP in the center of the house through the roof to feed the whole house with one AP?

https://mikrotik.com/product/cap_ac

or

https://www.amazon.com/-/es/gp/product/B09G5H4XS2/ref=ewc_pr_img_1?smid=ATVPDKIKX0DER&psc=1 (which appears to be better for future mesh)

I keep reading people that you should go with a Ubiquiti AP as they are much better (about 5.2 gigabit aggreate?). They also mention faster roaming sync when changing from AP to AP? I don't think I need one but this is actually a good point. I understand it can be slower to use standard APs compared to those, unless I understood wrong.

 

[SamirD]

Those concrete walls makes all the marketing speak of all the wifi companies completely useless as all their testing and claims are based on wood framed houses in ideal conditions. Your scenario is like my wife's parent's house in India--the walls can stop gamma rays so puny wifi has no chance.

You will either need to have a wired ap in each room/area or if your roof has a non-concrete obstructed access to each room then you may be able to get away with a few in the roof.

But one thing I would keep in mind is that huawei probably has back doors reporting to china, so you will need to have something securing your router from it as well.

 

[LucasG]

Well right now I just have my Time Capsule in one room providing wireless to all rooms and backyard, so one of those APs should certainly be better.

 

[LucasG]

Ended up ordering:

Mikrotik RB3011UIAS-RM RouterBOARD 10xGigabit Ethernet, USB 3.0, LCD, RB3011

TP-Link EAP610 | Omada Business WiFi 6 AX1800 Wireless Gigabit Access Point| Support Mesh, OFDMA, Seamless Roaming & MU-MIMO | SDN Integrated | Cloud Access & Omada App | PoE+ Powered | White

Will set them up in the next two weeks.

 

[Vengance_01]

Make sure the AP has a POE+ injector in the box as that Router does not have POE

 

[LucasG]

ETH10 has POE, but no POE+. I will need a switch and apparently a 48V powersupply, and my cameras probably use 24V so I will have to run two power supplies. Lol costs about the same, $260. Oh well! Might leave this for later and just power everything on normally for now, just end the ethernet cable.

This: https://mikrotik.com/product/crs112_8p_4s_in#fndtn-gallery?
with
https://www.amazon.com/gp/product/B07D5WGTPW/ref=ox_sc_act_title_1?smid=A2D0YFB4ZQHPN0&psc=1

 

[LucasG]

Will I be seeing better network throughout now?

I just upgraded my internet to 500mbps and through the time capsule I can’t get it, but if I connect directly to the gpon router I can.

 

[Vengance_01]

Will I be seeing better network throughout now?

I just upgraded my internet to 500mbps and through the time capsule I can’t get it, but if I connect directly to the gpon router I can.

Wifi speeds are fickled to predict. Will you see better speeds? 100% yes. Will you be able to max out your 500/500 connection from one client really depends...

 

[LucasG]

Wifi speeds are fickled to predict. Will you see better speeds? 100% yes. Will you be able to max out your 500/500 connection from one client really depends...

Well, at least I would expect to be able to max the clients connected via ethernet, which does not happen now via ethernet with the Time Capsule. But if I connect directly to the GPON router I do get 500/500. I am aware though that wifi speed will be a little bit different but still better than what I currently have.

 

[Vengance_01]

Well, at least I would expect to be able to max the clients connected via ethernet, which does not happen now via ethernet with the Time Capsule. But if I connect directly to the GPON router I do get 500/500. I am aware though that wifi speed will be a little bit different but still better than what I currently have.

Oh hardwire will have no problem. You will easily be able to max 500/500 on your new router

 

[zandor]

Ended up ordering:

Mikrotik RB3011UIAS-RM RouterBOARD 10xGigabit Ethernet, USB 3.0, LCD, RB3011

TP-Link EAP610 | Omada Business WiFi 6 AX1800 Wireless Gigabit Access Point| Support Mesh, OFDMA, Seamless Roaming & MU-MIMO | SDN Integrated | Cloud Access & Omada App | PoE+ Powered | White

Will set them up in the next two weeks.

Sounds like my setup except I went with the Mikrotik RB5009. I wanted a 10Gb SFP+ port and a 2.5Gb port to connect to a modem in order to support internet speeds over 1Gb (1.2Gb advertised, but often 1.4... Comcast) so I went with the slightly more expensive new model. For 500Mbit an RB3011 or RB4011 is probably better since the RB5009 can only run RouterOS 7 and it is new and has some bugs. Don't upgrade to RouterOS 7. Just run the latest "long term stable" verstion of RouterOS 6. A MikroTik router is a whole lot more complicated than a consumer router and you don't want to deal with RouterOS 7 bugs and quirks while you are learning if you can avoid it. RB3011 is a good choice if you think you will be at <1Gbps for some time.

Another thing to bear in mind about an RB3011 (or RB4011) is they have two switch chips. Ports 1-5 and 6-10 are on different chips. Anything going between switch chips or to the SFP port (or SFP+ on the 4011) goes through the CPU. So basically you have two groups of 5 ports you can use without bothering the router's CPU and you'll want to group them based on what talks to what. The CPU can handle a few Gbps (with traffic going both ways) but the connections to the CPU are only 1Gbps each way on the RB3011 which is the real bottleneck. If you have internet and NAS on one switch chip and the computers on the other you will get a bottleneck if one computer is downloading from the Internet while another is downloading from the NAS. Any decent NAS will do 1Gbps + 500Mbps from the internet and oops you're at 1.5 on a 1Gb link so you get 1Gb total. Not a huge problem for home use but something to think about when plugging stuff in. If you have a busy network with a bunch of machines just get a switch with more ports. 1Gb switches are cheap.

As for the TP-Link, the pair of EAP610s I have are working well for me. I think going with TP-Link instead of MikroTik for WiFi is a good idea. MikroTik is way behind on WiFi. They don't even have ax/WiFi 6 stuff. At this point they might as well skip WiFi 6 entirely and go straight to 6E with 6GHz band support. You probably don't want to bother with a controller for just one AP. With two the main point to running a controller is so you can use fast roaming. It makes my devices switch APs a lot quicker. But if you only have one there is no switching. I actually don't have an AX device, but my laptop with AC wireless gets 650-700Mb/s when close enough to the AP, so you shouldn't have any trouble getting 500 over WiFi as long as you are close enough to the AP and have an AX or AC client. The TP-Link software controller should be easy to set up but the documentation at least for Linux is terrible. The controller is written in Java and can run on a lot of unsupported devices and Linux flavors. Macs are unsupported but could probably run it.

 

[LucasG]

You make really good points.

Would a switch with 10 gbps ports and a few 10 gbps interfaces alleviate for example if I were to be using the NAS plus internet at some point?

I went with EAP610s due to fast roaming actually, thought it was included. For now I do not think I will need another one in the house.