"Poor man" home network first try

Aoikite

@jknott said in "Poor man" home network first try:

@aoikite said in "Poor man" home network first try:

I'm sorry if i sound like a stupid person but all the terms you have used, as in layer 2 and layer 3 network are completely stranger to me,

If you don't know the difference between the two, you're going to have difficulty understanding what you're doing. Perhaps you need a basic course in networking. Layer 2 refers to Ethernet these days, and layer 3 is IPv4 and IPv6. Layer 2 refers only to how the frames move between adjacent devices networks and layer 3 is about how packets move between networks.

It might pass the tagged VLAN packets through the switch

Why do so many people think unmanaged switches will have problems passing VLAN frames? The only difference between a VLAN tagged frame and any other Ethernet frame is the contents of the Ethertype field, along with 4 more bytes. A switch should pass all valid Ethernet frames, no matter what the Ethertype is, though some ancient gear may choke on frames with more than 1500 byte payload. If you ever run into that problem, just reduce the MTU by 4 bytes to work around it.

However, configure VLANs and separate them, you need a managed switch.

thank you for your explanations, your explanation and the wiki article posted by Steve did help me understand that concept ^^.

To avoid using Vlans at all, i am experimenting with Wireless now , that will make me avoid using vlans, and hopefully it will work if i can establish a PPPOE over wireless.

stephenw10

Because this is not an unmanaged switch. Almost all built in switches in soho routers are VLAN capable and can be configured with internal VLANs to separate ports for a second WAN etc. Except no manufacturer firmware allows you to configure that or even see it.
So if that switch is in port vlan mode then sure I expect it to pass tagged traffic but it might be in dot1Q mode just all on the same VLAN in which case it will not. No way to know.

Steve

Aoikite

Coming back for feedback :

I managed to get it to work, so far so good, not throught Wifi for the second interface, but throught a USB adapter that i used as WAN interface instead, not ideal but hey, at least it's viable for a little project.

the basic setup was like this :

it was sluggish to access the interface of Pfsense for some reason i don't know why but well, i did access it after, but i had no internet on the PC in the beginning, even tho the WAN did establish connection and got an IP.

i did did bridge the WAN and LAN interfaces in Pfsense, and i got internet on the PC after that, but i wonder if it is the best thing to do, i have not touched anything related to NAT or things like that, telling myself maybe Pfsense do it alone ?.

Best regards .

stephenw10

You should not bridge the WAN and LAN in pfSense.

The default setup should give you internet connectivity on LAN clients.

Did you get an IP address on the client via DHCP?

Could you ping external sites by IP? By URL?

Could you ping out from the pfSense webgui in Diag > Ping?

Steve

Aoikite

@stephenw10 said in "Poor man" home network first try:

You should not bridge the WAN and LAN in pfSense.

The default setup should give you internet connectivity on LAN clients.

Did you get an IP address on the client via DHCP?

Could you ping external sites by IP? By URL?

Could you ping out from the pfSense webgui in Diag > Ping?

Steve

you are right actually, i removed the bridge and it's all working fine without it, the client has access to the internet, pinging google, tested every website i use, all i working fine.

Time to explore packages and more guides about PFsense then.

I have one question tho on the lan side. if i get a dumb or smart switch that has gigabyte ports and stick it to the 10/100 ethernet of the laptop, and wanna transfer files between the lan devices, will it be slowed by the 10/100 port as in they need to go through the router first ? or they do go directly from one device to the other only via the ports of the switch.

P.S: i may still use this laptop as the router in the future house, after some research i did find that i can upgrade its P6100 cpu to a mobile i5-5X0m as they all have Aes support, and dual core with hyperthreading should be enough.

i can't get an expresscard 34 for a gigabyte ethernet for now tho, so i'll use a USB ethernet until that happens.

As for a managed switch, it is not available in my area so i may have to order one online in the future.

JKnott

@aoikite said in "Poor man" home network first try:

I have one question tho on the lan side. if i get a dumb or smart switch that has gigabyte ports and stick it to the 10/100 ethernet of the laptop, and wanna transfer files between the lan devices, will it be slowed by the 10/100 port as in they need to go through the router first ? or they do go directly from one device to the other only via the ports of the switch.

Traffic between devices on the same local LAN will not pass through the router. Bandwidth will be limited by the slowest device involved. So, if your laptop was transferring files through a gigabit switch to a gigabit port on another device, then you'll only get 100 Mb. If between two gigabit devices, then you'd get gigabit throughput.

Aoikite

Hello, and Thank you all for your help. now that i made the prototype work, i started working on the real network of our new house and hopefully everything will be okey ^^ and this is how it's gonna look in the end hopefully.

The extra port in the second floor is in case we need mort port to the third floor, and those on the Access point in case we need more in the first floor too.

i'm positive this is gonna work fine, at least i hope and like this i'm gonna have the control i need over the network for bandwidth balancing hopefully.:) .

johnpoz

When you say pfsense with AP activated.. Your not thinking of running AP with some wifi nic in pfsense are you? That is just pain waiting to happen... And slow - even in latest freebsd 11.2 that 2.4.4 uses I do not believer there is any AC support even if your card supports it..

Aoikite

@johnpoz said in "Poor man" home network first try:

When you say pfsense with AP activated.. Your not thinking of running AP with some wifi nic in pfsense are you? That is just pain waiting to happen... And slow - even in latest freebsd 11.2 that 2.4.4 uses I do not believer there is any AC support even if your card supports it..

Thank you for your feedback ^^.

yes that what i was think about doing for since it has an RT3090 Wireless N Card 802.11 B/g/n , and apparently it supports AP mode, but if it does not work or is just not worth the hassle then i will not do it then , the first floor AP is positioned in such a way that it will cover all the House hopefully (needs testing).

johnpoz

@aoikite said in "Poor man" home network first try:

apparently it supports AP mode

Doesn't mean it works in freebsd? You can try it - but it is just so much easier and cleaner to use an actual AP.. Or for that matter some $20 wifi router as just an AP..

Aoikite

@johnpoz said in "Poor man" home network first try:

@aoikite said in "Poor man" home network first try:

apparently it supports AP mode

Doesn't mean it works in freebsd? You can try it - but it is just so much easier and cleaner to use an actual AP.. Or for that matter some $20 wifi router as just an AP..

i will do that then thanks ^^

other than that, the structure of the network is good this time right ? no security problems like last time ?

JKnott

Doesn't mean it works in freebsd? You can try it - but it is just so much easier and cleaner to use an actual AP.. Or for that matter some $20 wifi router as just an AP..

i will do that then thanks ^^

Just avoid TP-Link APs. They don't handle VLANs properly. Same with their cheap managed switches.

stephenw10

@johnpoz
The RT3090 should work and should support hostap mode. But, yeah, it will be slow.

However if you're just experimenting and it's already built in why not enable it and see? The worst that can happen is you find out it's too slow and disable it again.

Personally I have run some crappy cards as AP just as an alternative access method on test boxes. Works fine for that.

Steve

Aoikite

Thank you all for your answer.

I am upgrading everything ( getting an i5-560m for AES support, ) and getting new antennas for the wifi card (because the internal antenna cables were cut (not intended) by its old owner unfortunately.

I will use the Pfsense AP as a backup AP then just in case the main one does not reach (the house is not very big anyway)
tomorrow cabling will be done (CAT6E , yes over overkillcables and they were so cheap for some reason and that's the only cables the guy had anyway)