Home network setup

[Ajelvani]

I currently have comcast internet and use my own router and modem. In the future i plan on upgrading the entire home network and adding ethernet jacks to rooms in the house. I also am planning on soon upgrading the router. Heres what i have in mind: instead of having the router do the wireless and firewall stuff, would it be better to buy a separate firewall and to that firewall connect a wireless access point which are also known as extenders to give my house wifi. And then if i have wired devices, would i connect them to the firewalls and still have access to devices on wifi? How would this work?

 

[azazel1024]

Err, sort of. Ideally you'd use something with very robust firewall abilities, like an server running PFsense. However, for a typical home users, a wifi router that is fairly new from a reasonably reputable manufacturer is about as good as you'll get for firewall and routing duties.

For wired and wireless, just make sure they are all connected physically and wireless segregation is not turned on, on the wifi router/access point. Routers generally do firewall duties and all vaguely recent wifi routers that I am aware of have at least modest firewall capabilities outside of simple NAT. If you don't have enough ports on the wifi router, connect a switch to the wifi router and hook up all of the Ethernet ports through the house to the switch then.

How it works is they are all sharing the same network even if the physical method of access is different. In networking parlance, this means different Layer 1 for different devices on the network, but they are sharing the same Layer 4 IP network address range and no routing is required for them to access each other.

 

[dave_the_nerd]

Yeah, the general trend in small business / SOHO is towards all-in-one devices for routing/firewall/VoIP/etc.

They don't have to suck like your typical $50 home router/WAP, but plan on spending a couple hundred bucks for a device that actually does all of the above and does it well.

 

[Ajelvani]

Ok so heres what i have in mind: i would use this for my wireless access point: https://www.amazon.com/dp/B00O4UJHCO/ref=cm_sw_r_awd_liE5vb4559PZ6

Then, that would plug into this router: https://www.amazon.com/dp/B007B60SCG/ref=cm_sw_r_awd_ijE5vbM1EPF75
Does this router also act as a firewall? Or would i need a separate one.
And from what you guys are saying, if i have a device connected into this router, with ethernet, i should still be able to access it from my wireless access point correct?

 

[Ajelvani]

I would also have a switch plugged into the router

 

[dave_the_nerd]

That WAP is an router as well. You wouldn't need both.

Pretty much all routers now act as firewalls as well.

If you have two routers on your network and are connected to one of them, you may have difficulty talking to the other one unless some features of one are disabled. Google "double NAT" for more details.

 

[Ajelvani]

Im confused. I want to have a separate non wireless router and use a wireless acces point for wifi. R u sure the netgear wireless access point is a router? It only has a lan port and thats supposed to connect to a router.

 

[dave_the_nerd]

Im confused. I want to have a separate non wireless router and use a wireless acces point for wifi. R u sure the netgear wireless access point is a router? It only has a lan port and thats supposed to connect to a router.

You're right - I should read the manual instead of the user reviews. Some were misleading.

That would probably work, although there's no real reason to get separate devices like that. For the combined price, a Netgear Nighthawk or an ASUS RT-AC68U is probably an as-good-or-better deal.

 

[Ajelvani]

The reason id rather do it my way is becuase in the future you can hook up another access point and a dedicated router is more flexible

 

[dave_the_nerd]

The reason id rather do it my way is becuase in the future you can hook up another access point and a dedicated router is more flexible

You can always hook up an additional access point, regardless. Using multiple waps is kind of an art form in itself, and can require a wap controller if you want to go really nuts. Ubiquiti makes nice ones.

A normal integrated device isn't any less flexible than that tp-link box. If you really want flexibility in routing configurations, check out dd-wrt.

http://www.dd-wrt.com/site/index

Get one they list as compatible, preferably a high end one with a beefy CPU in it, install the new firmware and go to town.

 

[Ajelvani]

Well also i the future if i needed an upgrade, all that would be upgraded is the wireless access point and for the price of both the access point and router its 170$ while a router with built in wifi that matches the specs of the two devices would cost more than 200$

 

[JackMDS]

Unfortunately Networking is Not "Internal decoration".

Buying few "fancy" Plastic Boxes does not necessarily yields factional Network.

Using Wireless Routers (or Modem/Wireless Router) as a Switch with an Access Point - http://www.ezlan.net/router_AP.html

 

[Ajelvani]

Im confused once again. Im going to upgrade my router. Whats the benefit of buying a router and wap in one rather than buying a wired router and a separate wap?

 

[dave_the_nerd]

Im confused once again. Im going to upgrade my router. Whats the benefit of buying a router and wap in one rather than buying a wired router and a separate wap?

Simplicity, primarily.

There's nothing fundamentally wrong with getting separate devices, and as you mention, you can replace one without replacing the other.

Fliipside is, they'll probably both last a number of years, and you'll find reasons to replace them eventually anyway.

I'd also be suspicious of a router that seems "too inexpensive" or which is from a brand I've had bad experiences with. Like the TP-Link one you linked earlier - not only is $65 "cheap" for a router, but I've had nearly zero luck with TP-Link hardware. (Personal anecdotes - I realize they get decent reviews, and there are probably other reasons that their stuff didn't work for me as well as it should/could have.)

The primary deficiency of that router seems to be the CPU. Put simply, it's weaksauce. (single-core, 500-600MHz, 64MB of RAM.) Any kind of rapid, chatty network access with a lot of connections will clog the brain. (BitTorrent is very good at this.) For comparison's sake, the ~$200 ASUS RT-AC68U uses a dual core 800MHz CPU with 256MB of RAM, and has better wifi specs to boot.

It's not uncommon - typically, it doesn't cost manufacturers extra to load the fully featured high-end firmware on their low end hardware; they already wrote it. So they can offer a crapton of awesome features on paper, which will slow the router to a halt if they're enabled because of the slow CPUs.

Consider the "routing performance" sections of the smallnetbuilder reviews for the two:

http://www.smallnetbuilder.com/lanw...roadband-vpn-router-reviewed?showall=&start=2

http://www.smallnetbuilder.com/wire...etgear-r7000-a-asus-rt-ac68u?showall=&start=1

What it boils down to is if you want to get that kind of CPU grunt (and therefore "works well" and not just "barely works" support for all the nifty security and firewall features, QoS, etc.) in a standalone router, you can, but it'll cost basically just as much as the ones with wifi built in. If you really want to turn around and build a wifi network to end all wifi networks using Ubiquiti APs or something, you can always disable the wifi on the main router. When you consider all the goodies the high end routers bring to the table, you basically got the wifi for free anyways.

 

[sdifox]

Or use a computer/vm to run pfSense and turn that cheap router into an ap.

 

[dave_the_nerd]

Or use a computer/vm to run pfSense and turn that cheap router into an ap.

Also true.

 

[Ajelvani]

Ive already considered all this. I dont realy want to go through all that hassle and the computers i currently own that are not being used are old and would use too much power. What im thinking of doing is buying a wired router/firewall then using my current router which would be directly connected to that. This would also all be in the basement of my home. Then, after i run cat cables through the walls, on the top floor of my home i would have the wireless ap which would act as an extender. The reason im not using my wireless routers built in router is becuase im going to have a few servers running and this router just cant handle all the load.

 

[JackMDS]

The reason im not using my wireless routers built in router is because im going to have a few servers running and this router just cant handle all the load.

So if it is so important get a Soho Pro Appliance.

http://www.amazon.com/s/?ie=UTF8&ke...vptwo=&hvqmt=b&hvdev=c&ref=pd_sl_311lxympap_b

 

[Ajelvani]

Whats wrong with the tp link router i had linked earlier? Those router/firewalls you linked are out of budget for me.

 

[sdifox]

Ive already considered all this. I dont realy want to go through all that hassle and the computers i currently own that are not being used are old and would use too much power. What im thinking of doing is buying a wired router/firewall then using my current router which would be directly connected to that. This would also all be in the basement of my home. Then, after i run cat cables through the walls, on the top floor of my home i would have the wireless ap which would act as an extender. The reason im not using my wireless routers built in router is becuase im going to have a few servers running and this router just cant handle all the load.

Then definitely run pfsense in a vm on a host like hyperv

 

[sdifox]

Ive already considered all this. I dont realy want to go through all that hassle and the computers i currently own that are not being used are old and would use too much power. What im thinking of doing is buying a wired router/firewall then using my current router which would be directly connected to that. This would also all be in the basement of my home. Then, after i run cat cables through the walls, on the top floor of my home i would have the wireless ap which would act as an extender. The reason im not using my wireless routers built in router is becuase im going to have a few servers running and this router just cant handle all the load.

off lease pro hardware >>>>>>>>>>> consumer hardware.

I picked up a nortel 48 port gigabit poe switch for C$100 two years back.

https://www.cdw.ca/shop/products/Nortel-Ethernet-Routing-Switch-5520-48T-PWR-switch-48-ports/1074751.aspx

 

[Ajelvani]

Can someone tell me what the problem would be if i bought this router: https://www.amazon.com/dp/B007B60SCG/ref=cm_sw_r_awd_ONK5vb8ET3EVS

 

[sdifox]

Can someone tell me what the problem would be if i bought this router: https://www.amazon.com/dp/B007B60SCG/ref=cm_sw_r_awd_ONK5vb8ET3EVS

dave linked the benchmark for the tp link vs others. did you read it?

 

[dave_the_nerd]

Ive already considered all this. I dont realy want to go through all that hassle and the computers i currently own that are not being used are old and would use too much power. What im thinking of doing is buying a wired router/firewall then using my current router which would be directly connected to that. This would also all be in the basement of my home. Then, after i run cat cables through the walls, on the top floor of my home i would have the wireless ap which would act as an extender. The reason im not using my wireless routers built in router is becuase im going to have a few servers running and this router just cant handle all the load.

Google "Double NAT" and read until you understand why that's a terrible idea.

 

[dave_the_nerd]

Can someone tell me what the problem would be if i bought this router: https://www.amazon.com/dp/B007B60SCG/ref=cm_sw_r_awd_ONK5vb8ET3EVS

It will collapse under the weight of its own crappiness if you do bittorrent or try to enable any of the advanced filtering/firewall/QoS features, because they will need a lot more CPU oomph to work well than that router actually has.