Setting up a new network for a home

Ihaveworms

Ukfay Ancerkay
Joined
Jul 25, 2006
Messages
4,616
I am moving to a new home later this year and I plan to setup networking and surveillance in stages after I move in. I am a software developer by profession, but am definitely not well versed in networking. I am looking for something that has a nice easy to use user interface and based upon my research I thought this would be a good setup for what I need. I wanted to see if any of you all had any recommendations or suggestions.

First, some initial statements that influenced my decision on hardware
  • I plan to have cameras mounted outdoors at points at the front of the house and at the back of the house. I want to run one cat5e/6 cable to the front of the house, connect that to a switch and then connect cameras to that switch. The same will be done with a run to the back of the house, and cameras connected to that switch. This will eliminate the need for long runs from each camera to the primary switch in the basement. Switch will also be outdoors so it needs to be able to handle that environment.
  • ISP will be AT&T fiber 1gbps up/1gbps down.
  • Network hardware is located in basement. First and Second floor are around 1500 sqft each. Eventually basement will be finished adding another 1500 sqft. So total ~3000 sqft initial deployment and eventually 4500.
  • Each bedroom has two (2) cat5e RJ45 jacks. Additionally, the kitchen and living room also have a jack each. In total I am looking at 12 wall RJ45 jacks.
  • I’d like the hardware to be quiet. Some of the used ebay switch look like those old datacenter screaming tiny fan monsters.
  • Not really expensive.

Router
My thinking is to get a SFF PC or some other low power device that will run PFSense for routing.

Switches
The PFSense box will connect to a Switch 24 unit. This switch will then connect to the various room wall jacks. This switch will connect to 2 Switch Flex units with a POE injector between. Those flex switches are POE powered and one will be placed at the front of the house and the other at the back of the house. Cameras will then be connected to that switch and can be powered by the POE already going to the Flex units. Lastly, the Switch 24 will be connected to 1 to 3 yet to be determined UI access points with POE injectors in between. I know that will eventually put me at 3-5 POE injectors, but the POE++ capable switch from UI is quite expensive and I wanted to have POE++ to the Switch Flex units to make sure I have sufficient power for the power coming out of the switch. With POE++, there is 46 watts available for 3 cameras which should be enough.

Cameras
I am still researching cameras. I plan to go with POE powered IP cams as you can see from the switch selection and run Blue Iris as a NVR. I looked at the UI cameras, but I didn’t necessarily wanted to be locked into their ecosystem and cameras from other manufacturers seemed cheaper.

Some questions I have:
I have read multiple people suggest putting the IP cameras in a VLAN so that they are isolated and prevented from getting access to the internet. Instead, the NVR can reach the internet so that you can remotely monitor the cameras. Does this switch support VLAN? Also, can it be setup so any new devices I connect to the network are put in a default VLAN with certain rules? I have never worked with VLANs, so this is all new to me.

Does the PFSense box have anything to do with VLANs?

Do the UI Access points all support some sort of meshing so that as a person is walking through the house their device will jump to the best access point?
 
So one thing stands out very quickly as a bad point of failure--the poe switches at the front and back of the house. I know home runs are a pita, but if you're constructing new, nothing beats a nice home run, and it also keeps from having a single point of failure that can take out your security. If this is mainly just for watching and not really important if they get disconnected, then your setup will most definitely work, but those switches will be lucky if they make it 3 years before you have to replace them--gear just doesn't like the outside even when designed for it.

You could use a managed switch with vlans, but another route that's easier is to simply use a poe switch just for those cameras that connects to the nvr on its own physical lan. This way, there's an air gap between the cameras and the Internet. And the nvr can connect to your normal lan for monitoring. This way, you can stick with simple, reliable, and quiet unmanaged switches. Pfsense would be involved with vlans if you choose to go that route, adding to the complexity.

I would run 2x the number of runs you currently have planned as its trivial to do so right now. I'd also make sure you run rg6 quad shielded coax as that will be an easy road to 10Gb once moca standards get to that level. Multiple runs will be great for expansion as well as the inevitable port that dies 10 years down the road for no reason.
 
At this point the house is already fully Sheetrocked so I can't add any ports or additional runs unfortunately.

As for the PoE switches, one would be in a garage so it wouldn't be exposed to the elements. The other would be mounted underneath a covered deck area. So the most it will face is maybe some drops of water, temperature fluctuations, and humidity. It won't be directly exposed to rain or the sun.

I may be able to do dedicated runs for the ones in the back (the ones that would be powered by the switch under the deck).


I know dedicated runs from the cameras to the main switch is ideal, but it would be a lot easier for me to connect off of a already ran line and hook up the switch to that.

Coax is also ran to each room.

Thanks for your input I appreciate it.
 
Gotcha. Oh, so with those locations, the poe switches wouldn't be too bad. Still, the extra dust, humidity, and temperature flucutations, etc gets to them over time, so keep that in mind.

I think your setup will work for what you need then, especially if you let the poe switches provide power to the cameras so that inside all you need is a regular switch.
 
Back
Top