Home Network

Keywords: #network #raspberry pi #pfSense

A rambling description of the home network setup of a controlling nerd.

Products that I’m using are linked at the bottom of the article.

A Little History

Long ago I ran the venerable WRT54G with custom firmware. It really was a solid device. But Wifi evolved, broadband speeds increased, and life moved on.

Then I moved on to hacking new consumer gear. Another Linksys model that I ended up having to build a custom OpenWRT kernel for and struggled to maintain. A Netgear router, some TP-Link gear. But all had the same problems: the advertised “gigabit” NICs were never able to perform since so much was packed in a driver driven by weak SoCs. Radios faded over time. Built-in or custom software was flaky at best and needed to be turned off and on again more frequently over time. And the things struggled as the number of wireless devices kept growing. Smart TVs, kids’ increasing devices, home automation gear, etc.

I take it a little personally every time my family complains it’s not working. I work on systems too much at work to even want to mess with it much at home unless it’s something creative.

I’d Had Enough

It was 2017. I gave up on the frustrating consumer experience. I didn’t want a totally DIY firmware. I wanted something solid, and stable, and with probably excess horsepower to not have to deal with it. But I don’t have the money to go full “enterprise” grade on everything. So this is what I originally landed on:

  1. An Arris SB6183 Cable Modem
  2. A small fanless Celeron machine with real Intel NICs running pfSense
  3. A managed midgrade Netgear 8 port Switch
  4. An Ubiquiti Unifi AP-AC-Pro.
  5. A Raspberry Pi 2B running the stupid Unifi controller software

This ran very well until last year when:

  1. The Unifi AP decided to go incommunicado. It ran, but couldn’t be managed by their management console or SSH.
  2. The Chinese PC bit the dust

The first problem wasn’t the worst. It just kept me from doing firmware upgrades, but eventually the frequencies it was running at got crowded as neighbors changed their gear and came and went and noise became an issue.

Take 3

So looking at the market again, it was actually less expensive for me to get a real NetGate SG-2100. No hackiness, no Chinese BIOS, and I have a thing for non-Intel CPUs. The ARM Cortex-A53 is pretty nifty. Exposed to the internet, it makes me feel a little better to have that FreeBSD/non-x86 combo. If there is a buffer-overflow type 0-day, it would not be an immediate target with Linux/Intel coming much sooner.

Looking at APs, unfortunately there isn’t something more appealing to me than going back to the UniFi. I wanted something without a “Cloud” Controller, but alas. All competitors have the same feature set and frankly are clones. Yeah, Ubiquiti has a pretty terrible security track record. I’d never run their routers or “security gateways” or whatever and expose them to the internet.

I did the tftpd/reflash dance with the original AP-AC-Pro and added the second. It’ll cover the house better having 2, reduce the number of devices per AP, and give me some redundancy if one goes nuts.

I tacked on an old SATA SSD to the Raspberry Pi and started running InfluxDB and Grafana for monitoring. The NetGate appliance feeds it metrics, and I’ve added the rest of my Pis to it as well (a 1B, Zero, and 3).

Cabling Insanity.

My Cable modem is in one room where the coax originally first dropped into the house. But my office moved into a spare bedroom with COVID, so my router, switch, laptop, and little Pis live there. So Cat5e running all over my attic between the rooms and my APs.

I rarely actually plug anything into the switch anymore.

It’s time to move it into the Attic

So I bought a nice new 10" 12-port patch panel and a 10" rack to house everything.

The bad news. Just got the rack and it’s more like 11" than 10". The patch panel will not mount as-is.

I’ll be breaking out the 3D printer to make a lot of brackets and widgets to make this work like I would like it to.

I’ll also link here my budget 3D printer that I really like. I am definitely not a 3D printing expert, though.

It does get hot here, but my attic is very tall. Like >10 ft in the center. So I think I can keep everything under 70°C (158°F), which is the ceiling for the gear. We get a few days up over 100°F a year but I am a little paranoid about high ambient temps plus heat within the box.

I picked up an Si7021 Temperature and Humidity sensor put together by Adafruit. I’m planning on hooking that up to one of the Pis and pushing metrics from it to InfluxDB. I’m thinking I’ll try to write that in Go vs my normal Python for these things. I’ve really been enjoying Go a lot more lately. I’ll try to share the code on my GitHub if I remember to get around to it.

Final State

My final planned state is to have a nice, stable, well-monitored setup that isn’t a rat’s nest of wires. It’s the way I like it. A little hacky, a little overengineered, and something I don’t have to mess with until it falls apart.

Product links are done through the Amazon Affiliate Program: I’m not making bank here, just trying to get a little. I’m not compensated to recommend anything in particular, but will reference the products I’m using, good and adequate.