I am looking into overhauling the networking of our house. We have three parties, which currently share the same network, with more and more smart devices with autodiscovery I would like to split the current network into 3 separate once.
Goals:
Separate networks to stop cross party auto discovery
Good wifi reception on the whole property
Roaming capability everywhere
Current setup:
1 main Fritzbox used as router and modem for internet and telephone
3 flats each with a Fritzbox Router as wifi ap
Cat6e cabeling to every flat with only a few wired devices
All devices connected to the one wifi ssid for roaming purposes
Setup plan:
1 main fritzbox stays but only it works as modem for internet and telephone
Some OpenWrt box as router/gateway supplying 3 vlans one for each party
Some managed switch to spread the vlans via tagged/untagged ports to the individual flats
A couple routers as wifi6 aps, getting as much until we like their reception
Each ap provides 3 wifi ssids on both 5ghz and 2.4ghz with each wifi ssid linking to the corresponding vlan
Where needed still running the old fritzboxes for dect telephone coverage with everything else shut down
Hardware ideas:
Cudy X6 as Wifi6 ap, 2 already bought as testing devices. Maybe these 2 are already enough for the four levels in the house. Before I looked at Unifi U6 Lite/LR APs with OpenWrt, but the price seems not worth considering you can get 2 or 4 Cudy X6 for the same price
ZyXEL GS1900-24E or GS1900-24HPv2 (if poe is needed) as managed switch running OpenWrt and doubling as the router/gateway
Is the ZyXEL GS1900-24E powerful enough with only 1 core @ 500mhz to do basic vlan routing? If not what are some devices which could do the router/gateway and managed switch functionality? I still got a Rpi4 with 1G ram laying around if this could be running OpenWrt as an alternative
Is the plan with separate vlans the right way? I was inspired by the guest setup from OneMarcFiftys youtube video
While definetly open to buying new devices I would like to go for a reasonable priced setup for a couple of hundred euros buying in germany
While I am not totally new to networking in general this is my first bigger OpenWrt project
Thanks for your input but I worry it wouldnt work for me.
All flats were just one big one once and therefor all ethernet cables go into the mechanical room and need to be switched there.
I see, unless you're in some kind of cooperative, I'd still separate the three flats,
HW wise. You'd perhaps require three smaller switches, instead of one big, but
each flat/owner would then be in control (and responsible for) of its "own"
infrastructure, router excluded.
"Want to upgrade your flat to 2.5gbit, go ahead, there's no cost for the rest of us,
just replace your switch", kind of thinking.
No, it's not - it's a L2+ switch with (almost) no L3 features being offloaded, its routing performance is abysmal (under 15 MBit/s). It's still a switch, not a router.
How is your DECT situation in more detail? You 3 share one connection and also one phone number? Do you really need an “old fashioned” DECT phone in the forthcoming years or are the mobile phone plans sufficient enough?
I also found that video and ultimately the approach used there didn't work. I ended up with a mix of swconfig and DSA config that wasn't working. Just going for a simple vlan setup with a few bridge devices will probably work out fine.
You could of course add some cheap WiFi access points without bothering with additional vlan hardware. Just separate the physical ports on the openwrt router and put each port / bridge on a separate subnet.
@frollic we are all really really close and I as the only tech savy person have the full responsibility for all technology stuff. They wont upgrade unless I want to.
@D43m0n I personally dont have a landline but the other two flat have 2 separate numbers going into the fritzbox router, which it then spreads to the APs on each floor. And as much as I would like to shut them down, I got a big no when I proposed this.
I understand. So the GS-1900-24E would still need a router box. Is a Rpi4 sufficient for this or do I need extra hardware?
Without knowing the provider; I too have a land line number. My provider allows me to use my own equipment, so I replaced the ISP provided modem/router/AP with my own x86 box running OpenWRT. I've bought a (Siemens) Gigaset N300A-IP which allows me to add several DECT handsets and assign phone numbers to a specific handset. It's not required, but recommended to add a handset that can use this VoIP gateway to it's full capacity. This removes the need for two router/modem devices that might be cumbersome to configure/maintain just for two land line numbers.
In your case the other flat residents could each buy a similar VoIP gateway, I bought a used one for €25,-. I bought a used handset for €20,-. Maybe the other flat residents can even share a single VoIP gateway located in the mechanical room if the distance is not too far. This would make the network setup for Internet easier.
Without knowing the relation between the other flat residents; consider that one day someone may decide to move to another house in time. A new resident moves in and has a different opinion on how to arrange the internet and land line connectivity. Having a set up in place that makes all flats highly independent is something I would recommend.
We are all close relatives and if someone moves we have to anyhow change a lot so it wouldnt be a problem to also change the network. The flats are anyway interconnected is so many ways. Thats one reason why the roaming of wifi is so important.
I heard that OpenWrt has no good telephone support is your Voip setup running stable? The one Voip Gateway would be the current router with all non essential features turned off
The N300A-IP has shown to be very stable the past year. Provided that your VoIP provider is delivering a stable service off course, but I have no complaints about my provider (yet).
It's all up to you and your relatives off course in how you want to set things up, I gather that you all get along just fine so that's great. I know from experience that not all good things last forever in my case, so that's why I'm giving my 2 ct's on future situations. In my experience it's easier to discuss difficult situations that might/will occur in the future beforehand, than discussing "easy" situations that are sure to happen in a few weeks/months time when you don't get along (anymore).
Continuing on VoIP on OpenWRT; I haven't really looked into that since my router at that time (Netgear R7800) doesn't have RJ11 connectors. So either I needed a pure software solution with a VoIP-app on a smartphone or I needed a device that was built for that purpose. I chose the latter, mainly because I could buy the components used for a low price.
I wouldn't bother with DECT or SIP on OpenWRT. The AVM Fritz things are fine. I'd put one Fritz!Box right in the middle of the property and use two Fritz DECT repeaters. There's the Repeater 100 which is a repeater itself, and there's those old 7390 Fritz!Box devices that can be put in DECT repeater mode. Those repeaters don't need any wired connection, they do the DECT-repeater thing just via DECT.
I can tell from my folks' house. I guess you want to keep the "one common phone book for all those many many (2, in letters, two) DECT hand units" feature and run both, Fritz!Box and Fritz!Phone. Stick with it, doesn't get any better.
As for networking: You haven't said anything about bandwidth, have you?
What's your WAN uplink? GBit requires more power than 200MBit.
Do you expect heavy traffic cross vlans? Three separate homes which basically do netflix and the occasional 100GB online shooter update once a month are easily handled with home grade router hardware. Three working environments sharing a common NAS and are expected to upgrade to 10GBit wired links to require more costly router hardware. Please consider: If you split your network, all of your devices need to go "somewhere". Which means: Some devices that can currently just communicate at line speed need to potentially go through your routers CPU.
My bold suggestion would be: If you already have some of those Cudy devices, go by additional ones. One for each "dumb AP" place you have, plus an additional one for your core router. That gives you the opportunity to play around a little.
Best case scenario: Routing power is sufficient. Maybe keep it, or maybe level-up your router just for the fun.
Worst case scenario: Routing power is not sufficient. Upgrade your router.
In case you now have an unused Cudy: Keep it updated with the same OpenWRT version your APs are, reset settings and store it in your technical room. 40€ sound like a good thing to have a spare at hand.
I have a 250MBit/25MBit cable connection. My use case sounds pretty much the same as yours. It's three apartments in one house, all are my family, shared internet connection.
I run 4 Belkin RT3200 for dumb AP around the house because I got them for 50£ from amazon UK to germany.
I run a BananaPi M1 for the main router. Not that I recommend you to buy that hardware, it's from 2014 after all. Just to show you that not much compute power is actually needed if your routing requirements are within reason.
Thanks for the sanity check. That sounds like exactly what I had in mind.
Regarding bandwidth I am not expecting too much cross vlan traffic. We got a 1gig nay running currently and in a perfect world it would be accessible for everyone but as I am currently the only user it won’t be a tragic if I just put it in my vlan.
The rest would be tv/Netflix and downloads over a 100mbit down 40mbit up vdsl connection.
You got any recommendations for a capable 24port switch as I think I will use the rpi4 for the first implementation as router. Or is the Zylex 1900-24E sufficient? I though it’s attractive because it runs openWrt and I could get away with only 1 device in the mechanical room, but if it’s not I am open to other suggestions
I have no personal experience with that device, but should be perfectly fine for a switch. I run a DSG-1100 from D-Link, but as for the switching capabilities, both will be equally fine.
I'd advise against using the switch as router. Although the software should be "at least there" to do some basic routing, the switches CPU just isn't fit for that task. Stick with the RPi for the router.
