My old Linksys E4200 has served me well for almost a decade… but it’s time to retire the old girl and get something made after 2010. Every vExpert that I’ve talked to and most of my pro services friends & consultants have all said that Ubiquiti is the way to go… so this article is going to be about the process of replacing the Mistwire home network with a shiny new Ubiquiti UniFi Security Gateway (USG) & 2 Long Range Access Points (APs)!
I’ll treat this as a mini-project and go through the architectural process of gathering requirements, risks, assumptions & constraints; then creating the conceptual, logical and physical designs (much like my previous article), then screencap the setup.
Requirements
- Can run a 3 VLAN lab using CIDR blocks other than 192.168.x.x (this was the main issue with my Linksys that I was trying to resolve)
- Can be portable:
  - can be moved to different parts of the house without rewiring
  - minimal cabling coming out of the enclosure
- Must have security/networking features:
  - Firewall
  - VLAN support
  - VPN (for connectivity to my AWS VPC)
Risks
- Wife aggro ?
- I am not a networking guy anymore… my CCNA is 15 years expired! This needs to be not complicated.
Assumptions
- Multiple APs will run on the same SSID
- L2 will stretch across said multiple APs.
- A networking n00b like myself needs to be able to configure it without any help
Constraints
- Budget of $300 for the networking gear
- The footprint of the networking gear cannot be bigger than the previous modem/router combination
Conceptual design
The conceptual design of the network will remain exactly the same. The cable modem is on the main floor, therefore the router (the UBNT USG) will sit right next to it and the wired AP will sit next to the router. The homelab (the quarter rack in the basement) will have an AP sitting on top of the enclosure that is connected to the lab switch via a physical wire and connected to the USG via the main floor AP using Ubiquiti wireless uplink. This gives me 1 CIDR block (192.168.1.0/24) for the main house network. Subsequent VLANs for the homelab will be carved up on the homelab switch and configured/routed on the USG:
Logical Design
The USG (192.168.1.1) will be the focal point of connectivity between the HomeLab networks and the rest of the world. To maintain mobility, I will use a range extender mounted to the top of the quarter rack. This will connect my 192.168.1.x subnet to the quarter rack without needing CAT6, so the only wire running out of the rack is 1 power cable. From the HomeLab switch I will carve out 3 VLANs: Mgmt, Prod & DR. All 3 VLANs will have full access to each other and the home network. Mgmt will house AD & IPMI (KVM) access to the physical hosts. Prod & DR will each house 1 vCenter and 3 ESXi hosts. For all you TOGAF sticklers out there… I KNOW I’m not supposed to name hardware in the logical design phase, but I’m too excited about my new gear!
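A quick way to sanity-check an address plan for the three lab VLANs before configuring anything, shown here as an added example that is not part of the original article. Only 192.168.1.0/24 comes from the article; the lab CIDRs and the AWS VPC CIDR below are constructed placeholders, and `check_plan` is a hypothetical helper name.

```python
import ipaddress
from itertools import combinations

HOME_LAN = ipaddress.ip_network("192.168.1.0/24")   # main house network (from the article)
EXCLUDED = ipaddress.ip_network("192.168.0.0/16")   # requirement: lab CIDRs outside 192.168.x.x
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def check_plan(lab_vlans, vpc_cidr):
    """Return a list of problems with the plan; an empty list means it is usable."""
    problems = []
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in lab_vlans.items()}
    vpc = ipaddress.ip_network(vpc_cidr)

    for name, net in nets.items():
        # Lab ranges should be private space, never routable public addresses.
        if not any(net.subnet_of(p) for p in RFC1918):
            problems.append(f"{name}: {net} is not RFC 1918 private space")
        if net.overlaps(EXCLUDED):
            problems.append(f"{name}: {net} falls inside 192.168.0.0/16")
        # Overlap with the far side of the VPN makes routes ambiguous.
        if net.overlaps(vpc):
            problems.append(f"{name}: {net} overlaps the VPC {vpc}")

    for (a, net_a), (b, net_b) in combinations(nets.items(), 2):
        if net_a.overlaps(net_b):
            problems.append(f"{a} and {b} overlap: {net_a} / {net_b}")

    if HOME_LAN.overlaps(vpc):
        problems.append(f"home LAN {HOME_LAN} overlaps the VPC {vpc}")
    return problems

# Constructed sample plans (assumptions, not the author's real addressing).
GOOD_PLAN = {"Mgmt": "10.10.10.0/24", "Prod": "10.10.20.0/24", "DR": "10.10.30.0/24"}
BAD_PLAN = {"Mgmt": "192.168.10.0/24", "Prod": "10.10.20.0/24", "DR": "10.10.20.128/25"}

if __name__ == "__main__":
    print("good plan:", check_plan(GOOD_PLAN, "172.31.0.0/16") or "no problems")
    for line in check_plan(BAD_PLAN, "10.10.0.0/16"):
        print("bad plan:", line)
```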
Physical Design
Here is the list of materials. Since a lot of this was covered in the previous article, I’m only going to go over the bits that have changed & the things they are most directly associated with:
Quarter Rack
UniFi Security Gateway
UniFi AP AC LR (two of them)
HP 1910 16 port 1GB switch
Setup
This was the best part of this entire process. This was the prep work that I did prior to starting my stopwatch to see how fast I could flip over to my new network:
- Installed UniFi software on my laptop
- Unboxed and staged all gear (minus 1 extra cat-6 cable which I had to scramble to find)
- Plugged my USG, 1 AP, and my laptop into a staging switch for initial configuration
Once I completed these steps, I unplugged my old Linksys, plugged the cable modem into the USG and ran the UniFi config process. This part only took me 20 minutes!! The USG found the cable modem right away, got my WAN IP address and I was back out to the internet in ~5 minutes. Then I “adopted” the AP, upgraded the firmware on BOTH the USG and AP, then unplugged my laptop from the switch! I was up and running wireless with fully upgraded gear in ~20 min including firmware updates!
Once that was completed, I removed the staging switch, plugged the USG directly into my “Main Floor” AP, and put all the gear into a wicker basket to be out of sight:
The basement was even easier. I plugged the “Basement” AP into the homelab switch via the PoE injector, and the UniFi software on my laptop immediately picked it up. I clicked the “adopt” button, ran a firmware update, and it was running in ~5 minutes:
I’m going to save the additional VLAN & routing config for another article, but I was very impressed at how quickly I was able to get this network up. Not only that, but the interface is fantastic. I wish I had taken some screenshots of the initial setup, but honestly, I thought I’d screw it up at least once & would have to re-do it. Until then here are some very cool monitoring and config screenshots:
That’s it for now. Let me know if there’s anything that you’d like to see me dig into about this gear in the future!
Love the setup and the budget. Impressive work.
Thanks MT!