22 April 2021 – Network Update!

My first home network consisted of a cable modem and a Netgear Wi-Fi “router.” It was the early 2000s and it was precisely what I needed at the time. As time went on and my wife and I acquired more and more internet-capable devices, the network necessarily became more and more robust. I added Wi-Fi access points and eventually started adding UniFi gear.

After moving into our latest home, I quickly discovered that radio wave propagation in the house was abysmal. Each room felt like a Faraday cage and reception in some rooms was simply non-existent. The house is not wired for Ethernet and, as we’re renting, running cable isn’t an option. Since each room has coax, I settled on installing several MoCA adapters and we now have wireless connectivity that is more limited by the quality of the access points than the bandwidth demand.

I still have a “flat” network, largely because I’ve been on a navy deployment for the past six months. My wife does not share my enthusiasm for IT and I didn’t want to put her in the position of having to restart various machines and check settings when I wasn’t there. The time has been well spent, though, reading documentation and studying how to set up OPNsense and other network tools.

I admit, it is tempting to simply buy every gadget, have a mini-Christmas Morning as the boxes arrive, and install everything in one fell swoop. This would be a horrible mistake, though. Swooping is bad. Sometimes it can’t be avoided, but I intend to upgrade with as little downtime as possible; the family will put up with it for a bit, but extended outages that interfere with work and/or RuPaul’s Drag Race are unacceptable. I see no reason to not do this in stages, ensuring that each stage is fully functional before moving on to the next one.

Stage One: Install Pi-hole. I know virtualizing these things is the new hotness, but I honestly prefer discrete hardware for essential functions. It also helps that I have a few Raspberry Pi 3s lying around my office doing nothing! I’ll start with one and wait until I’m happy with the lists and configuration before copying to another as a secondary. Eventually I may go to four for fail-over purposes, but getting the functionality right the first time is key.

Stage Two: Motorola cable modem and OPNsense. Cox provides their “Panoramic” box but it is an incredible pain and I wish to be rid of it post-haste. Enter the Motorola MB8611. Since the Panoramic box is also the router, I’ll be adding a Protectli box running OPNsense (again, not spinning a VM for this). I have neither the time nor the interest in dealing with the drama between pfSense and OPNsense; I went with the latter because of its support for the WireGuard VPN protocol. While some seem to prefer something beefier than a Protectli box, I’ve also read that it’s well suited to the job. If needed, I’ll shop for a Dell R210 II or maybe build a whitebox 1U or 2U box.

Stage Three: TP-Link Omada. I’ve liked Ubiquiti’s UniFi line for a long time and have a rock-solid 8-port switch and AC-PRO WAP along with a less-than-reliable AC-Lite, cloud controller key, and camera. However, for a number of reasons, I’m dropping UniFi entirely and switching over to TP-Link’s new Omada SDN platform. Starting with the OC-200 controller, I’ll replace my existing WAPs with two EAP-245 WAPs. After getting those up and running, I’ll evaluate the coverage in my RF-absorbing house. Since I also have MoCA, I’ll add a TL-SG2008P to each MoCA adapter.

Stage Four: Juniper EX3300. This will replace my UniFi 8-port switch and help me learn JunOS. I found one on eBay for a reasonable price while deployed. Normally I would’ve passed, what with being on the opposite side of the world and all, but it was a personally-relatable charity auction so I pulled the trigger.

Stage Five: VLANs. Like I said, my current network is flat. My current equipment doesn’t really do VLANs well (if at all) and I haven’t needed them until now. This is a project that deserves its own post, though, since I’ll be learning and posting screenshots of the journey.