Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Pages: [1] 2 3 ... 10

Author Topic: 10 Gb, Dual-WAN, segmented home / home office Setup  (Read 8325 times)

CarlT

  • Kitizen
  • ****
  • Posts: 1697
  • Software Defined WAN deployment engineer
10 Gb, Dual-WAN, segmented home / home office Setup
« on: January 25, 2020, 12:52:48 AM »

Would you good people be bothered by what I've designed for the new place?

Offering the option as I know the odd person will be interested but not going to through a load of diagrams and junk at you all for no reason.

This was multi-tasking. I was upgrading my lab anyway to work on higher capacity customer networks so this worked well alongside.

There is nothing complicated in here - KISS, always.
Logged
WiFi: Nighthawk® AX12 RAX120
Routing: pfSense VM
Switching: Mikrotik 2* CRS305-1G-4S-IN, 1 * CRS309-1G-8S+; various cheap and cheerful TP-Link/Netgear
Exchange: Wakefield
ISP: BT Full Fibre 900. Zen Full Fibre 900.

burakkucat

  • Global Moderator
  • Senior Kitizen
  • *
  • Posts: 31086
  • Over the Rainbow Bridge
    • The ELRepo Project
Re: 10 Gb, Dual-WAN, segmented home / home office Setup
« Reply #1 on: January 25, 2020, 06:24:47 PM »

Yes, please. (Kittehs are always curious.)
Logged
:cat:  100% Linux and, previously, Unix. Co-founder of the ELRepo Project.

Please consider making a donation to support the running of this site.

CarlT

  • Kitizen
  • ****
  • Posts: 1697
  • Software Defined WAN deployment engineer
Re: 10 Gb, Dual-WAN, segmented home / home office Setup
« Reply #2 on: January 26, 2020, 12:51:15 PM »

Then here you are. Physical diagram only - logical one on request.

https://drive.google.com/open?id=1143N2M-oCpu1Fk89fHxc3_ex9B8OB14S

EDIT: I am aware that there are single points of failure on the left of the diagram. It's the living room and I can always install a wireless bridge in there connecting to the main AP if the kit proves problematic  :)

BTW the secondary router, a Mikrotik hEX, will be running VRRP with the pfSense box LAN interface. In case it loses reachability it will assume the box is down and will gratuitously ARP the LAN gateway alongside running a script to activate PPPoE sessions to the providers.

Once the pfSense takes over via VRRP again it downs its PPPoE sessions.

The VLAN arrangement means that the only time the wireless bridge will be used is in case of failure of one of the right-hand switches. The pfSense box keeling over cuts the WAN to whatever throughput the hEX can muster but there's still 2 Gb to that hEX and the 10G LAN remains.
« Last Edit: January 26, 2020, 01:16:01 PM by CarlT »
Logged
WiFi: Nighthawk® AX12 RAX120
Routing: pfSense VM
Switching: Mikrotik 2* CRS305-1G-4S-IN, 1 * CRS309-1G-8S+; various cheap and cheerful TP-Link/Netgear
Exchange: Wakefield
ISP: BT Full Fibre 900. Zen Full Fibre 900.

burakkucat

  • Global Moderator
  • Senior Kitizen
  • *
  • Posts: 31086
  • Over the Rainbow Bridge
    • The ELRepo Project
Re: 10 Gb, Dual-WAN, segmented home / home office Setup
« Reply #3 on: January 26, 2020, 04:38:33 PM »

Thank you.  :)

Something for me to consider when the brain is cooperating!
Logged
:cat:  100% Linux and, previously, Unix. Co-founder of the ELRepo Project.

Please consider making a donation to support the running of this site.

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 6334
Re: 10 Gb, Dual-WAN, segmented home / home office Setup
« Reply #4 on: January 26, 2020, 04:39:23 PM »

Nice to have this info, am glad you posted it. :)
Logged
AAISP - Billion 8800NL bridge & PFSense BOX running PFSense 2.4 - ECI Cab - LINE STATISTICS CLICK HERE

CarlT

  • Kitizen
  • ****
  • Posts: 1697
  • Software Defined WAN deployment engineer
Re: 10 Gb, Dual-WAN, segmented home / home office Setup
« Reply #5 on: January 26, 2020, 05:27:31 PM »

Logical incoming. Most of this had to be done anyway as part of other things so all good.
Logged
WiFi: Nighthawk® AX12 RAX120
Routing: pfSense VM
Switching: Mikrotik 2* CRS305-1G-4S-IN, 1 * CRS309-1G-8S+; various cheap and cheerful TP-Link/Netgear
Exchange: Wakefield
ISP: BT Full Fibre 900. Zen Full Fibre 900.

CarlT

  • Kitizen
  • ****
  • Posts: 1697
  • Software Defined WAN deployment engineer
Logged
WiFi: Nighthawk® AX12 RAX120
Routing: pfSense VM
Switching: Mikrotik 2* CRS305-1G-4S-IN, 1 * CRS309-1G-8S+; various cheap and cheerful TP-Link/Netgear
Exchange: Wakefield
ISP: BT Full Fibre 900. Zen Full Fibre 900.

sevenlayermuddle

  • Helpful
  • Addicted Kitizen
  • *
  • Posts: 5257
Re: 10 Gb, Dual-WAN, segmented home / home office Setup
« Reply #7 on: January 26, 2020, 07:39:48 PM »

Have you calculated a likely overall power/energy consumption, or set yourself any particular goals?
Logged

CarlT

  • Kitizen
  • ****
  • Posts: 1697
  • Software Defined WAN deployment engineer
Re: 10 Gb, Dual-WAN, segmented home / home office Setup
« Reply #8 on: January 26, 2020, 08:01:53 PM »

No. Our consumption is fully carbon offset and/or renewable anyway, alongside which I receive a tax credit due to being home based.

Each switch maxes out at 18 watts fully loaded. The server running various things consumes 200 watts. All in I reckon the VM host plus all the network kit will be in the region of 400 watts.
Logged
WiFi: Nighthawk® AX12 RAX120
Routing: pfSense VM
Switching: Mikrotik 2* CRS305-1G-4S-IN, 1 * CRS309-1G-8S+; various cheap and cheerful TP-Link/Netgear
Exchange: Wakefield
ISP: BT Full Fibre 900. Zen Full Fibre 900.

sevenlayermuddle

  • Helpful
  • Addicted Kitizen
  • *
  • Posts: 5257
Re: 10 Gb, Dual-WAN, segmented home / home office Setup
« Reply #9 on: January 26, 2020, 08:47:14 PM »

Worth noting there is, in my experience, substantial variation in consumption between functionally similar kit from different manufacturers.   I think some devices for example will sense idle network ports and shut them down, though - don’t know - there might be a tiny performance impact.

400W sounds a lot.  As a very rough rule of thumb, for apparatus that’s on 24/7, each watt is about Ł1 per year in supply costs, so might be roughly Ł400 per year.   400W may also be enough, in a summer heatwave, to add enough heat to make a room significantly more uncomfortable.

I’ve no particular interest in carbon footprints btw, not much of a believer in all that.  My only interest is that from an engineering perspective, low power & energy usage, imho adds to elegance of design. :)
Logged

CarlT

  • Kitizen
  • ****
  • Posts: 1697
  • Software Defined WAN deployment engineer
Re: 10 Gb, Dual-WAN, segmented home / home office Setup
« Reply #10 on: January 26, 2020, 09:15:17 PM »

All the 10G switches will be using SFP+ for all connectivity besides a single built-in gigabit port so if it's not in use it won't be active.

The 10GBase-T is between 3 different rooms - the ONTs, two of the switches, the backup router and one of the two wireless bridges will be in the cupboard under the stairs, just the two switches in the lounge, 10G and 8 x GE, all the rest in my home office.

I could simplify profoundly by removing all the resiliency but that's not the best idea given how critical connectivity is to the home.

Sorry to hear of your indifference to anthropogenic climate change but to each their own.
Logged
WiFi: Nighthawk® AX12 RAX120
Routing: pfSense VM
Switching: Mikrotik 2* CRS305-1G-4S-IN, 1 * CRS309-1G-8S+; various cheap and cheerful TP-Link/Netgear
Exchange: Wakefield
ISP: BT Full Fibre 900. Zen Full Fibre 900.

sevenlayermuddle

  • Helpful
  • Addicted Kitizen
  • *
  • Posts: 5257
Re: 10 Gb, Dual-WAN, segmented home / home office Setup
« Reply #11 on: January 26, 2020, 09:51:18 PM »

Sorry to hear of your indifference to anthropogenic climate change but to each their own.

That’s not what I said.    I am certainly sceptical about equations based on carbon footprints because I strongly believe that such equations can be, and are, manipulated for political convenience.  I am also sceptical over so-called renewable energy sources too, as I don’t believe they are always as environmentally friendly as they are cracked up to be.   Whereas if we can simply reduce energy consumption in the first place as a reasonable engineering objective, the environment wins as a side-effect, and these become relatively moot points.

Basically, if I were in your shoes, I’d simply be building a target annual energy usage into my requirements, alongside all the performance requirements.   Maybe you’ve already done so, apols for ruffling of feathers. :)
Logged

CarlT

  • Kitizen
  • ****
  • Posts: 1697
  • Software Defined WAN deployment engineer
Re: 10 Gb, Dual-WAN, segmented home / home office Setup
« Reply #12 on: January 26, 2020, 11:56:36 PM »

I would welcome suggestions on how to do it more efficiently without ballooning costs.

That isn't sarcasm. If there's something I've missed I would appreciate it.

Just FYI the 4 core switches will all be running STP so will be a loop free environment despite the multiple paths. The secondary router will be using SVIs rather than physical ports for everything so could bridge the two core switches in the unlikely event their DAC fails.

The only thing lacking resilience will be the living room. This could be trivially accomplished via another wireless bridge.

Power is an 'issue' however I have solutions for that, too.

The diagram is the end result of how the network will end up. Components will be added incrementally.

February - single 330 Mb connection - All Gigabit Ethernet. ONT <> Cupboard switch <> Office and Lounge switches <> Netgear R9000 with GigE uplink to Office switch. Cost - Zero, I have all the kit.
March - 2 of the 10G switches go in place, one replacing the single cupboard switch, another the office. 10GBase-T SFP+ x 3 - not enough ports available on single switch without extra SFP+, may as well get 10G as will need later and can run in GigE for now.
April - Single gigabit broadband connection. Server gets its 2 x SFP+ NIC. 3 x SFP+ DACs, pfSense installation, Netgear to Access Point mode only.
May - Second gigabit broadband connection. Second 10G switch under stairs. 1 x SFP+ DAC to cross-connect.

Whenever, it's not important: Complete resiliency, capacity upgrade to lounge. Install lounge 10G switch. 1 x 10GBase-T SFP+. Install 2 x 1000Base-T SFP+ into cupboard switches. Install hEX backup router. Install wireless bridges.

Install UPS in both office and under stairs - to connect kit under stairs and wireless AP / bridge / switches in office but not the server.

Once all of this is done I'm good for the foreseeable. At some point perhaps a second Ethernet run to each of lounge and office to allow for core switch resilience will be run, retiring the wireless bridge solution, but no rush to attack the walls. Hopefully by then a decent 10G router will be available that isn't a server and that can go under the stairs too - where it should be!
Logged
WiFi: Nighthawk® AX12 RAX120
Routing: pfSense VM
Switching: Mikrotik 2* CRS305-1G-4S-IN, 1 * CRS309-1G-8S+; various cheap and cheerful TP-Link/Netgear
Exchange: Wakefield
ISP: BT Full Fibre 900. Zen Full Fibre 900.

CarlT

  • Kitizen
  • ****
  • Posts: 1697
  • Software Defined WAN deployment engineer
Re: 10 Gb, Dual-WAN, segmented home / home office Setup
« Reply #13 on: January 28, 2020, 12:11:29 PM »

The paragraph at the bottom of my post is still something that's frustrating.

If there were a dedicated 2 port router that could route at line rate or something close to it I'd be content.

Don't need about 16 10Gb ports on the thing - port density is what switches are there to supply.
Logged
WiFi: Nighthawk® AX12 RAX120
Routing: pfSense VM
Switching: Mikrotik 2* CRS305-1G-4S-IN, 1 * CRS309-1G-8S+; various cheap and cheerful TP-Link/Netgear
Exchange: Wakefield
ISP: BT Full Fibre 900. Zen Full Fibre 900.

CarlT

  • Kitizen
  • ****
  • Posts: 1697
  • Software Defined WAN deployment engineer
Re: 10 Gb, Dual-WAN, segmented home / home office Setup
« Reply #14 on: January 29, 2020, 01:52:59 AM »

Excellent. Seems I got it about right. Should go into this stuff for a living: if I can manage a basic branch office HA network across 3 segments with very limited cabling there's hope for me yet.
Logged
WiFi: Nighthawk® AX12 RAX120
Routing: pfSense VM
Switching: Mikrotik 2* CRS305-1G-4S-IN, 1 * CRS309-1G-8S+; various cheap and cheerful TP-Link/Netgear
Exchange: Wakefield
ISP: BT Full Fibre 900. Zen Full Fibre 900.
Pages: [1] 2 3 ... 10