Sunday, May 3, 2015

a Home Network Revival Story

Our home network was basically planned and created shortly after we purchased our current home in the Summer of 1995.  It was essentially a transplanted version of the network we had in the rental townhouse we lived in for a number of years before we bit the bullet and opted to make the transition from renter to home owner.

If you had seen our network in the old place you might have been rather well-impressed largely due to the number and diversity of servers that were piled around the basement of the townhouse.  Back then I was still able-bodied and working, and so I needed those servers to perform various tasks.

Today I couldn't justify the electricity bill from running a dozen high-powered servers, and even if I did need them, modern hardware pretty much shrinks those 11 physical servers down to two (2) boxes thanks to server virtualization.

The important thing for you to take away from this story is that our network was planned and built around 1995/1997.  Naturally that means that its infrastructure dated to that era. 

Home Network 1.0
When we first built the home network in 1995 it was an industry-standard 10bT network.

The backbone was a pair of dumb 10bT Hubs connected together to serve the upstairs and downstairs as zones.  Hanging off of the hubs were the client systems - a collection of desktop PCs and a few odd ducks like our NeXT Station, a few Sun Sparc workstations upstairs, and eleven servers with a few Linux-based workstations downstairs.

The servers were pretty basic for the most part...  A primary DNS server (our secondary DNS was served from a mate's network, with us serving as THEIR secondary DNS).  We also ran a Mail Server with SMTP and POP, a Log Server, and a web server.

That accounts for four of the eleven.  The remaining seven systems were high-end, high-powered and were basically hooked together to form a crude homemade cluster for running a program called "Crack" that we used to decrypt password files.  That was part of the services that we offered as Cape & Islands NetSecurity Engineering, the consulting company we ran until I was crippled in an industrial accident.

So yeah, no joke, our basement looked like the bridge of the Starship Enterprise back in the day...  But today?  Not so much...

Home Network 2.0
I lost the ability to walk in 2001, and as a result our consulting company went away around then as you cannot function in the NetSec industry without a pair of fully functioning legs.

A consequence of this was our network slowly aging out, with its many bits and pieces eventually breaking and being replaced.

At some point around 2004 the physical network - the hubs - turned flaky and so decisions had to be made.  In the end, the turtle-slow speeds of 10bT were the proverbial straw that broke the camel's back...  Sure we could have simply bought a used 10bT hub and replaced the failing one with it, but the writing was on the wall - so we went in a different direction.

The two hubs were replaced with 100bT managed switches from 3Com that were picked up used at the MIT Flea, and the entire cable forest was torn out and thrown away, since it was pretty much all what would be considered low-grade CAT5 cable anyway.

Yvonne went out and bought me 1,000 feet of CAT5E cable in a box, a large bag of cable ends, and the tools required for making cable, and I proceeded to custom make all of the cables we required, being sure that they were fully compatible with 100bT spec.

It was around then that we retired our old (original) Internet connection as well.  That previously was a matched pair of ISDN lines that both plugged into a special router that combined the two lines into a single connection that delivered a massive 512K connection to the 'net!

No...  Seriously.  And let me tell you that 512K connection was way faster than anything our friends had at the time!

In place of the pair of ISDN lines we obtained a single DSL connection - which offered us a much faster (and easier to manage) link that delivered an upload speed of around 768Kbit/s and a download speed of very near 3Mbit/s.

That was when we shut down the server cluster as well as the base services since we (a) no longer needed to provide our own DNS, Mail and Web, and (b) did not want to pay for the 16 IP address block via the Small Business Services because it was wicked expensive.  It is one thing when, you know, you have a business that can pay for it, and another when you don't.

From mid-2004 until last month that was the network we had, and with the exception of a few minor issues that required hardware replacement, that was the network environment we used.

History repeated itself, as the hardware that made up our network slowly aged out. 

When you reach the point where the WiFi router/switch you "added" to your network in order to support wireless devices could overwhelm your entire network and its available bandwidth, you gotta know some things needed fixing!

Just the Facts, Ma'am!
Before we get to the gritty details about the new network - or what we logically think of as Home Network 3.0 - there are a few issues that we really want to address first.  

Mostly because we happen to know that more than a few of our regular readers are in the process of thinking through their own network improvements.  One thing we do not want to end up doing is causing you - any of you - to make a bad decision in planning out your network.

So with that in mind, please take notes as we describe for you the BARE MINIMUM resources and kit that should go into ANY Home Network you are contemplating.

Bear in mind that what we are about to share with you is not just the bare minimum network kit and structure for YOU, it also happens to be the one we held ourselves to...

IF you are contemplating the creation of a Home Network - or even a Small Business Network - it should include the following kit and capabilities - in the form of a logical shopping list (with notes) that again, represents the bare minimum.  More - and better - is better!

The Basic Shopping List

The following kit should be on your shopping list - should be part of your network design - and really REALLY should be implemented on your network if, you know, you are planning on the deployment of a new network (or refurbishing an old one).
  1. Broadband Modem / Switch (provided by your Internet Service Provider aka ISP)
  2. Firewall Router (it can double as a WiFi Router -- See 'Note A' below)
  3. Managed Gigabit Ethernet Switch (Actually two - See 'Note B' below)
  4. Network Accessible Storage Device -- NAS (See 'Note C' below)
  5. A Network Connectible Printer

Note A: A firewall router can actually serve several functions on your network if you like, but we prefer it NOT to.  The more jobs you give it, the more likely it will end up misconfigured or outright compromised.

The model(s) we recommend differ based on your technical needs...  Here are some examples though to get you started and get you thinking...

If you need a VPN connection: Netgear ProSAFE 8 port Gigabit VPN Firewall
If you want WiFi combined with your firewall: AC1750 Smart WiFi Router
If you want NAS combined with your firewall: Netgear Centria WNDR4700

Remember the old saying: Just because you CAN does not mean you SHOULD.  Just saying...

Note B: You can easily and cheaply pick up last gen managed or partly managed switches on eBay these days.

Ideally what you want to do is have two switches, one for each end of the network.  Meaning one wherever your Internet Connection comes into the house, and then the second that you connect to the first with just one cable to serve the part of the house with the most devices near at hand.

The following are common - and good - choices:
  • Dell PowerConnect 2324 Gigabit 24-Port Fast Ethernet Switch
  • Linkskey 9-port 10/100/1000 Mbps Gigabit Ethernet 
  • Netgear ProSafe 24 Port 1000Mbps Gigabit Ethernet Switch

Note C: NAS devices are a great idea and alternative to repurposing an old PC as there is a lot less to go wrong with them, a lot less hassle, and they are easier to maintain and upgrade.  That said, the following are pretty good choices for a home network environment:
  • D-Link DNS-213 Network / USB NAS device
  • Seagate STCR4000101 Personal Cloud 4TB NAS

Those are two suggestions.  In the world of NAS and/or USB based network storage there is literally a sea of different devices, and which you choose will more likely be down to how much you have to spend than any other factor.


Conclusions
In an ideal world you choose a firewall router that JUST serves as your firewall router.  You put that between your broadband modem/router and your network.  You pick a WiFi Router that is just a WiFi Router, an NAS that is just an NAS and so on.  You do that because it is a lot safer to do it that way.

But you also do that because you can AFFORD to do that!  If you cannot afford to build a home network without some devices doubling - or even tripling - their duty, then so be it.

Of course you don't have to buy and build the whole enchilada in one go, mates.  You could just do the minimum and then budget in the extras over time.  That is what we did...  But YMMV.

Home Network 3.0
Originally the upgrades that made up Home Network 2.0 consisted of a firewall router, two 100bT Ethernet Switches, and the various client systems and utility based devices that we needed on our network.

That worked fine for a very long time - then one of the switches up and died on us.  So we ended up concentrating ALL of the networked devices onto the single still functional switch - but that was our wake-up call that we needed to either update or replace the network. 

Considering how cheap you can get used Gigabit (1000bT) switches these days - even name brand fully managed ones with very slick web interfaces - the obvious solution was to build a brand new home network using the best hardware we could find and afford over time.

If we had been forced to immediately seek out kit to replace our current network this would be a very different narrative.  Fortunately we paid attention to the signs and began to accumulate the bits and pieces that we needed - taking care to keep an eye out for sales.

So instead of a forced march as it were, we were able to take a measured stroll on our terms.

The first part of the build for Network 3.0 consists of a robust 1000bT Firewall Router, a pair of fully managed 1000bT Switches, a new CAT6 Panel, and CAT6 Keystones -- most of which is installed in a 19" equipment rack moved upstairs for that purpose.

We also have a list of other things we want to add...  A new KVM console that will be paired with our existing KVM Switch.  Some new rack-mount cases for the two servers we want on the net - a Virtual Server to handle basic network services and a second server to handle web and wiki services.

Ultimately when all is said and done we will have obtained all of the services we wanted and all of the service quality we wanted not because we could spend the money now, but because we realized what would be needed and began to accumulate the kit before it was actually needed...

For the first time in a long time we planned out a project that was not in critical path.

The big question is can we find an economical way to incorporate VOIP into this setup?

