[Solved] Topology/wiring recommended for my home network

I come to you to see if you can advise me on the best way to connect the ISP router and openwrt router (which provides wireless access, DHCP, basic local DNS and in the future VPN) in my house establishing a reliable and robust network, with the minimum number of necessary equipment

Topologia Red actual.png1500×1000 53.5 KB

As shown, the house has:

• An entrance (Hall) where there is a small "communications cabinet" (to call it in some way because it is a kind of large electrical panel).
  All the cables arrive from the rooms, both the 1Gb ethernet network and the analogue telephone network.
  The fiber is connected to the ONT and this to the wan ethernet port of the ISP gateway, which also has analogue telephony output and built-in WIFI access point.

• The dining room (Main Saloon) where I have installed the NAS server.

• The master bedroom with ethernet connection.
  These two dependencies are near the entrance and they get the WIFI signal from the provider's gateway.

In the other part of the house there are three other rooms, all with 1 Gb ethernet connection running to the communications cabinet.
In room 1 I have another openWRT router installed with built-in switch and WIFI access point to cover that area of ​​the house.
That's where I have more equipment, two PCs, a printer ...
This room has a second 1 Gb ethernet socket connected to the communications cabinet.

The problem I have is that, on the one hand, the Wi-Fi signal from the provider's gateway that is inside the communications cabinet does not have great signal, as it is inside the cabinet.
Also I can not see or easily access the equipment, and every time the operator asks me to indicate the state of some light or restart it I have to open the lid and it is very uncomfortable.

Finally, to the cabinet also arrive and distribute the TV cable to the rest of the house, so it a real mess of cables very difficult to maintain in conditions.
Let's see what you advise me.

I am not very sure what your question exactly is.

I mean as for the minimum number of equipment, it doesn't look like there is much to play with, as obviously you need to keep the ISP gateway for the phone support, and you say that you need additional WiFi coverage, which you are trying to achieve with the OpenWrt router. In the absence of info about the house plan, only you can be the judge of the best place to install such router.

As for the info that ISP requires when you call them to diagnose problems, that will have to be via their device, I imagine.

So, again, what is your question? And why don't you just take the ISP gateway or if the cabinet?

It's best not to use those carrier provided all in one units, though you may have to here if you're using their phone service through it. At least turn off the wifi (which isn't doing much good from inside a metal box anyway) and use your own APs.

If you were to put a managed switch inside the hallway box you can run VLANs on the cables to a room and have multiple functions, such as WAN going out (to your router in a more convenient location) and LAN going back for distribution to other rooms.

It is not a metal box, it is plastic (it is just an electrical connection box that happens to receive the comm wire too).

Your comments are very reasonable.
But here in Spain you cannot almost talk with tech people at the carrier. They are all commercials.
Only when you have an incident and the first level is not able to solve it the put you in contact with the tech people.

It is almost imposible to know in advance what the carrier is going to install (you just know it is going to be FFTH and its speed, and have telephony).
Many of them don't give you access to the gateway, except for the most basic tasks as port forwarding wifi config and dhcp config.
My current carrier is one of them. That is why I need another router with openwrt in order to have more freedom. It does not provide you with the ONT ID or the VoIP parameters in order to be able to change the router.

I have tried to make a L2TP tunnel using my NAS (which supports it) in order to access my home network from outside. I have PPTP working but it is not all that secure.
I needed to forward TCP 1701 port for L2TP and UDP 4500 and UDP 500 for IPSEC.

I could not. My ISP is using UDP 500 for its own purposes (I suppose that they are using IPSEC to access the router in the wan interface to manage it, they have not took the time to change the port for a not used one).
So I am migrating the ISP.

It seems the ISPs I am looking let you much more freedom, and people even changes the router.

But most of ISPs are now integrating the ONT in the router too with a fibre modem.
It is more compact which is great when you have the router over a desk.

I have thought of a managed switch in the cabinet.

But I think I have another functional ethernet wire in the room 1, so I could stablished a connection with the ONT.

It would make the comm cabinet less crowded and let me get physical access to the ISP gateway.

Here is the shcema:

Topologia Red Propuesta 1.png1500×1000 54.5 KB

In the cabinet there would be the ONT and a small unmanaged Gigabit switch that I already have, that consumes little, occupies little and does not heat up.
The ONT would connect it to the WAN port of the internet provider's gateway that would be moved to room 1, and one of the LAN ports would connect it to the (unmanaged) switch in the communications cabinet.

The openWRT router in that room would move it to the living room to give wifi coverage to the area in front of the house and provide other services.

I see two problems:

• Currently some operators like O2 no longer use the ONT, but they incorporate it directly into the router to which the fiber is connected in the WAN port.
  Obviously this in my case this would not work. The solutions I see are:

1. wiring the fiber to room 1 ( I don't like it, I do not know if it will be easy)

2. putting another ethernet converter to fiber in the room which converts the ethernet signal from the ONT back to fiber (it seems a bit odd but I suppose it would work).

• On the other hand, I do not know if connecting the phone output of the router to the phone jack of room 1 will work in order to have phone signal in all rooms.
  But I imagine that that will be easy to modify, since after all all the telephone wires are joined together.

It seems that the best solution would be to lay fiber wire from the cabinet to room 1, thus I can install the ISP router there, if it incorporates the fiber modem.

I have asked network installer for the price.

The option of installing a managed switch and make 2 vlans in the same ethernet wire would be an alternative, but I have to buy the managed switch and if the ISP does not provide a ONT it won´t be possible.
At the end it would be at least the same cost than laying fibre, I will see how much does it cost.

Topologia Red Propuesta 2.png1500×1000 59.3 KB

IMHO, the two alternatives that you propose create more problems than they solve... from your first post, the issues with the original configuration are:

1. The problem I have is that, on the one hand, the Wi-Fi signal from the provider's gateway that is inside the communications cabinet does not have great signal, as it is inside the cabinet.
2. Also I can not see or easily access the equipment, and every time the operator asks me to indicate the state of some light or restart it I have to open the lid and it is very uncomfortable.
3. Finally, to the cabinet also arrive and distribute the TV cable to the rest of the house, so it a real mess of cables very difficult to maintain in conditions.

My two cents:

1. In general, I would advice against using the ISP's router except for the most basic tasks; if possible, I would (in fact, I did) even replace it with your own router. You can search for one with detachable antennas and place them outside the cabinet, or you can place a dumb AP just somewhere else.

2. If you need to check the lights that often (and more than once a year is too much, in my experience), you should consider moving to a different ISP.

3. Yes, a rat's nest is ugly, but how often do your really need to access the cabinet, again? And changing a router with a managed switch is not going to save much space inside the cabinet...

I would try to improve the current topology, not try to change it radically.

Probably I have note explained well what the cabinet is.
It is just a small electrical connection box embedded in the wall, made of plastic with an opaque cover.
It has small depth, and if the router has 3 antennas it does simply not fit in there.
In vodafone you cannot change the router they provide, as they do not provide connection settings,you cannot detach the antenna and if you want to chain it to your own router there is no room for another gadget in there.

My ISP router cannot be rebooted via web interface (well the router probably yes, but the user interface that the ISP provides does not). So any time I need to reset it, I have to unscrew the cover, push the on/off buttom and then fight with all the cable to be able to close the cover again.

If I take the fibre to the room 1 were I have computers, printers, etc, there would be much more room.
It will let me use the ISP router or connect it to another router if I want briging it through the wan port.
But if it works well enough I will prefer to keep it and use another router with openwrt in the dinning and tv room, and have a better wifi access in all the house.

The switch in the cabinet is not going to be a managed one, but unmanaged, It is quite small with 5 ports, and it has no antenna.

When I had ADLS I have it installed like this las option, as I have a phone cord in the room 1.

Finally I have opted for the 3 option.
I have wired fibre to the room 1, put there the ISP router, and the openWRT router at saloon, with a 5 port 1 Gbit/s unmanaged switch in the "comm cabinet".

Everything works OK now, and the com cabinet is less clogged.
I can see the ISP router lights and reset it easily.

It cost me like 85€ but it pays the much mor versatile config.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.