Fleshing out my home network
-
Hi there all,
So as of late, the current monstrosity of airport extremes has been running into some issues.
Currently, we are paying for 50/10 via a cable modem, which acts as a straight pass through device. No DHCP, NAT, nothing.
My current network looks something akin to this:
Cable modem
=
Airport extreme 2nd gen (DHCP, NAT)
=
=
=Wireless bridge (airport extreme to airport extreme)
==
Upstairs bedroom airport extreme (end of the bridge)
=
Managed switch ====> Managed switch =====> ESXI host, VOIP host, bunch of pogoplugs for dev work
=
Alternate airport extreme to run another network for 5ghzSo, thats the monstrosity. What I would like to do is run a power line adapter from the cable modem to the upstairs bedroom, through a ESXI server running a PfSense VM, and then to a DMZ and a few other things. From there, to the managed switch, and then to the airport extremes in bridge mode to provide downstairs wifi.
Is this fesable? Should I run another powerline adapter to the downstairs on the LAN side of the PfSense box?
Thanks
-
If it were me, I'd run some real networking cable. You can get relatively inexpensive outdoor jacketed cable at either the orange or blue home improvements retailer. If you want shielded cable, you can get Toughcable from a ubiquiti reseller such as netgate.
Nothing beats running CAT6 for speed and reliability. (Edit- Except fiber, which is overkill in your situation)
I had a wireless bridge going for the kids PCs. I could DOS them by warming up something in the microwave. When they got tired of me warming stuff up to kick them off "World of Time Wasting", they helped run a CAT6 drop.
-
Thanks for the response! However, running cable is out of the question. Both because its my parents house, and also because its a old house with no way of running without ripping up a wall.
-
So this house has no attic or basement or crawlspace that you can run cables? Why people insist there is no way to run cables is nuts. There is always a way to run cable.
But yeah I would think powerline adapters would be better than wireless bridge. There is some that get good reviews and have gig interfaces that from benchmarks show over 200mbit throughput
-
I am leery of those powerline adapters. Not quite tinfoil hat leery, but I wouldn't use one.
You need a whole house surge suppressor to keep your packets from leaking out onto the power grid and into your neighbor's house.
They will only connect on the same power leg, which means you have a 50% chance of it not working where you want, unless you install some sort of bridging between legs. -
So they leak out to the power grid, yet if they are not on the same power leg they wont work? Which is it? Who by the way is sniffing packets off their outlet? How the traffic going to get past the fuse box and the power meter out to public? Now if you were in a apt building or something.. then ok.
Also you can encrypt the traffic between them if your tin foil hat is a bit tight.
-
It's both.
2 out of the three 3 legs or phases of power come to both you and your neighbor. Usually it will be the same two.
That means that half of your house and half for your neighbor's house are bridged together, at least from the standpoint of one of these powerline adapters.Who would sniff packets off their outlet?
Good question. Not me. I was too busy microwaving stuff to knock the kids of WoTW.
EDIT:
This guy did: https://www.bentasker.co.uk/documentation/security/282-infiltrating-a-network-via-powerline-homeplugav-adapters -
good read thanks - but again this is inside a home, not from the house down the street or across town, etc. So while if your in say a apt building this might be of a concern.. I don't think the guy next door would be able to do this. The electric company meter would be the block..
-
An electric meter is not designed to be a filter, and will not stop the data leaking from your house to your neighbors house. Security is only as strong as it's weakest link, and these powerline network adapters are a very weak link.
I'm taking my tinfoil hat off now.
-
MoCA. Screw the powerline stuff.
http://www.amazon.com/Actiontec-Ethernet-Adapter-without-Routers/dp/B008EQ4BQG
And a high-pass filter for your entry point:
http://www.amazon.com/Filter-MoCA-Cable-Coaxial-Networking/dp/B00DC8IEE6