Router advice on 10G LAN + fiber Internet w/ static IP

Zinn

I'm upgrading to gigabit fiber (from cable) and looking to upgrade my home LAN to 10 gigabit in the process. The ISP told me to choose whatever router I want, but there's one wrinkle: I'm running a web server, and any router I buy would need to support assigning a dedicated IP address to one of the machines.

Would it make sense for me to buy a 1 gigabit router for the ISP service and then connect a 10G capable switch for my internal LAN stuff? Or more sense to buy a 10G capable router and wire everything to it?

Thanks in advance for any advice - I have zero experience with anything above Cat 5 speeds, so I appreciate any ideas!
 
Would it make sense for me to buy a 1 gigabit router for the ISP service and then connect a 10G capable switch for my internal LAN stuff?

This is your solution. There are a great number of routers that can handle routing / firewalling / DHCP with reservation / port forwarding / etc. at 1Gbps. I'll link two from Ubiquiti:

The ER-X-SFP is the cheap one. You'll likely want to uplink to a 10Gbps switch for LAN on one of the switch ports and then run the web server on another so that you can isolate it as much as possible.

The ER-4 is faster and more flexible if you need to run more services like QoS and packet inspection at full speed.

As for 10Gbit, that's another discussion, but these two pieces aren't really related. Mostly, it won't come cheap.
 
Not sure what your budget is, but I'd probably do the following if this were my home setup and if I REALLY wanted 10GB to devices.

==fiber==>ISP's GPON ==1g-ethernet==> Ubiquiti USG or Ubiquiti ERL ==1gb-ethernet==> Unifi 16 XG Using UF-RJ4510G ==10gb-ethernet==> Devices

If you purchased enough GBICs for all 12 ports, this setup would roughly cost you $1,500. It comes with 4 x 10GB ethernet ports, so this could be a lot cheaper if you don't need too many uplinks at 10GB ethernet.

I would go with the USG only if you want to manage both the switch and firewall from the same interface. The ERL or ERX does more throughput I believe, but you would manage from CLI or a different URL.
 
==fiber==>ISP's GPON ==1g-ethernet==> Ubiquiti USG or Ubiquiti ERL ==1gb-ethernet==> Unifi 16 XG Using UF-RJ4510G ==10gb-ethernet==> Devices

So... I planned on 1Gbit, but I can only get the asymmetrical stuff with 35Mbit up and decided not to bother for the moment.

Current chain: Modem --> ER-4 --> HP 8-port 10Gbase-T switch (has two shared SFP+) --> gaming desktop and server each on 10Gbase-T using Aquantia NICs
--> 48-port datacenter pull switch with 4x SFP+, linked over a pair of DACs --> everything else including WiFi AP

Don't really ever expect to need 48 ports, but I paid <US$150 shipped for the switch, and it's quiet enough with fans swapped for Noctuas. The dual SFP+ trunk is more because I ordered the DACs custom from Fiberstore, got two for a backup, then wondered if I could get a trunk going- and decided to leave it.
 
This is your solution. There are a great number of routers that can handle routing / firewalling / DHCP with reservation / port forwarding / etc. at 1Gbps. I'll link two from Ubiquiti:

The ER-X-SFP is the cheap one. You'll likely want to uplink to a 10Gbps switch for LAN on one of the switch ports and then run the web server on another so that you can isolate it as much as possible.

The ER-4 is faster and more flexible if you need to run more services like QoS and packet inspection at full speed.

As for 10Gbit, that's another discussion, but these two pieces aren't really related. Mostly, it won't come cheap.

Is the ER-X-SFP an upgraded CPU model from the ER-X? 'Cause the regular EdgeRouter-X cannot handle gigabit speeds well at all.


As for assigning static LAN IP to a server, that's easy and just about any router can do that. Simply assign a MAC address to always have a specific IP and set it up for your server. EdgeRouters and pfSense and the like will let you get into the more advanced stuff of setting up port forwarding for your server and all that, but again most routers should let you do this. An advantage of these nicer routers though would be that you could put your server on a different subnet or even just a VLAN to make sure all traffic to and from the server is completely segregated from the rest of your network.
 
So... I planned on 1Gbit, but I can only get the asymmetrical stuff with 35Mbit up and decided not to bother for the moment.

Current chain: Modem --> ER-4 --> HP 8-port 10Gbase-T switch (has two shared SFP+) --> gaming desktop and server each on 10Gbase-T using Aquantia NICs
--> 48-port datacenter pull switch with 4x SFP+, linked over a pair of DACs --> everything else including WiFi AP

Don't really ever expect to need 48 ports, but I paid <US$150 shipped for the switch, and it's quiet enough with fans swapped for Noctuas. The dual SFP+ trunk is more because I ordered the DACs custom from Fiberstore, got two for a backup, then wondered if I could get a trunk going- and decided to leave it.
That's a pretty cool setup you have going. I'm pretty close to pulling the trigger on the Ubiquiti USG and Unifi 16 XG switch, just debating whether to buy one of those Cloud Key devices or run the management software on one of my VM machines.
 
I understand that 10GB switches are expensive. But what about 2.5/5GB switches? I don't understand how it's impossible to get a decently priced one.
 
That's a pretty cool setup you have going. I'm pretty close to pulling the trigger on the Ubiquiti USG and Unifi 16 XG switch, just debating whether to buy one of those Cloud Key devices or run the management software on one of my VM machines.
Try on a VM first. The controller software doesn't need to be running all the time, only when you need to make configuration changes or see graphs, etc. The switches, APs, etc. work without it. I personally leave mine running all the time.
 
Is the ER-X-SFP an upgraded CPU model from the ER-X?
No.

'Cause the regular EdgeRouter-X cannot handle gigabit speeds well at all.
More details, please. I'm not analyzing traffic, but mine seems happy enough.

[Attached image: GbETest.PNG]
 
I understand that 10GB switches are expensive. But what about 2.5/5GB switches? I don't understand how it's impossible to get a decently priced one.

Limited marketshare, limited market... the chicken and the egg. Mostly the only products targeting >1Gbps are for SOHO and enthusiasts, not consumers, which matches actual demand, but limits scaling and associated efficiencies.
 
For most people it's more economical to just do 10gb point to point links between 2 hosts like your desktop and a file server. You just need a 10gb nic in each machine, no 10gb switch.
 
For most people it's more economical to just do 10gb point to point links between 2 hosts like your desktop and a file server. You just need a 10gb nic in each machine, no 10gb switch.

If the two machines are connected to a switch for internet and access to other computers in the house, does Windows automatically know when to use the 10GB NIC over the gigabit one connected to the LAN?
 
If the two machines are connected to a switch for internet and access to other computers in the house, does Windows automatically know when to use the 10GB NIC over the gigabit one connected to the LAN?

The 1gb connected to your switch will still be the default route; access to the other 10gb machine is not automatic by name, but by IP, yes. The two point-to-point connections will be in their own subnet.

You can edit your hosts file to direct the name of the other PC to the IP on the dedicated link.

So everything else works normally over your switch/router; if you access the PC on the 10gb link, it uses that instead.
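
An added illustration of the reply above (not code from any poster): a simplified model of how a dual-homed host's route lookup sends traffic to the point-to-point NIC by longest-prefix match, and how a hosts-file entry steers a name onto that link. All addresses, interface names and host names are constructed assumptions.

```python
import ipaddress

# Constructed addressing: the 1G NIC sits on the house LAN, the 10G NIC on a
# dedicated point-to-point subnet shared only with the file server.
ROUTES = [
    # (destination prefix, outgoing interface, gateway or None if on-link)
    ("0.0.0.0/0",      "eth-1g",  "192.168.1.1"),  # default route via the router
    ("192.168.1.0/24", "eth-1g",  None),           # house LAN, on-link
    ("10.10.10.0/30",  "eth-10g", None),           # point-to-point link
]

# Constructed hosts-file entries; they take precedence over DNS for these names.
HOSTS = {"fileserver": "10.10.10.2"}
# What the LAN's DNS would answer for the same names (constructed).
LAN_DNS = {"fileserver": "192.168.1.20", "printer": "192.168.1.30"}

def resolve(name):
    """Literal IPs pass through; otherwise the hosts file wins over DNS."""
    try:
        return str(ipaddress.ip_address(name))
    except ValueError:
        return HOSTS.get(name) or LAN_DNS[name]

def pick_route(dest):
    """Longest-prefix match over the routing table (interface metrics ignored)."""
    addr = ipaddress.ip_address(dest)
    matches = [(ipaddress.ip_network(prefix), ifc, gw)
               for prefix, ifc, gw in ROUTES
               if addr in ipaddress.ip_network(prefix)]
    _, ifc, gw = max(matches, key=lambda m: m[0].prefixlen)
    return ifc, gw

def interface_for(name):
    """Interface a connection to `name` (host name or IP) would leave on."""
    return pick_route(resolve(name))[0]

if __name__ == "__main__":
    for target in ("fileserver", "192.168.1.20", "printer", "8.8.8.8"):
        print(f"{target:14} -> {resolve(target):14} via {interface_for(target)}")
```

Without the hosts entry the name resolves to the server's LAN address, so file copies by name silently stay on the 1G path.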
 
Why are you assigning a public IP to the server itself? You should have the IP bound at the edge device, and forward the specific ports to the server itself. This is all possible with pfSense, since I'm running multiple servers at home, and none of them have a public IP assigned. That is a very bad security practice. You can also configure the DNS forwarder to hand out the private IP of that server to all internal devices trying to look up by host name/URL.
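
An added sketch (not any poster's configuration) that models the layout recommended in this post and in the earlier reply about putting the server on its own subnet or VLAN: the public IP stays on the edge device, only specific ports are forwarded, the server's subnet cannot open connections into the LAN, and internal clients resolve the site to the private address. Every address, the site name and the rule format are constructed assumptions.

```python
import ipaddress

# All addresses below are constructed for illustration.
PUBLIC_IP = "203.0.113.5"                             # bound on the edge router only
LAN = ipaddress.ip_network("192.168.1.0/24")
SERVER_NET = ipaddress.ip_network("192.168.50.0/24")  # web server's own subnet/VLAN
WEB = "192.168.50.10"

# Edge port forwards: (protocol, public port) -> (private host, port)
FORWARDS = {("tcp", 80): (WEB, 80), ("tcp", 443): (WEB, 443)}

# Inter-zone rules for internally originated traffic; anything unlisted is denied.
POLICY = {("lan", "server"): "allow", ("lan", "wan"): "allow",
          ("server", "wan"): "allow", ("server", "lan"): "deny"}

def zone(ip):
    """Classify an address as lan, server or wan."""
    addr = ipaddress.ip_address(ip)
    if addr in LAN:
        return "lan"
    if addr in SERVER_NET:
        return "server"
    return "wan"

def evaluate(src, dst, proto, port):
    """Return (verdict, (host, port) actually reached) for a new connection."""
    if zone(src) == "wan":
        # Unsolicited inbound traffic only gets in through an explicit forward.
        target = FORWARDS.get((proto, port)) if dst == PUBLIC_IP else None
        return ("allow", target) if target else ("deny", None)
    verdict = POLICY.get((zone(src), zone(dst)), "deny")
    return (verdict, (dst, port)) if verdict == "allow" else ("deny", None)

def resolve(name, client_ip, site="www.example.test"):
    """Split DNS: internal clients get the private address, others the public one."""
    if name != site:
        raise KeyError(name)
    return PUBLIC_IP if zone(client_ip) == "wan" else WEB

def exposed_ports():
    """Every port an Internet host can reach, derived from the forwards."""
    return sorted(port for (_, port) in FORWARDS)
```

Calling `evaluate` with the server as source and a LAN host as destination shows the point of the segregation: a compromised web server gets a deny rather than a path to the desktops.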
 