Help needed with some networking Q's / setup schemes


So I’m working on network shit little by little, chipping away, and as some other things convene I’m finding that I have a bit of a predicament. It can be solved, but it’s either stupid or there’s better options I could do.

Currently, the line off the pole comes into what some might consider an addition to the house. From the sun room, the main router can only reach so far. It can hit in my bedroom above it, a little in the living room behind the inside wall that the whole rack is against, and really the only people getting good wifi signal from my router is the neighbors.

I have a 15m line run to the other side of the house connected to another router, though I can’t find the AP settings to just… extend a wifi point. So it’s literally a router in front of another router.

That collision and self DDoS incoming, mmm mm mm. Tasty.

But as I keep chipping away, I’ve found myself at the point that I need to do firewall(s) stuff next. Before I do that though, I want to make sure there isn’t a way I could have this better set up.

So it’s
LINE => Netgear AC1900 R2600 +switch+ => TP-Link Archer wireless n something
…+switch+ => my shit

ATM I have a cable run out a window and under the siding into my window and room, so 2 switches. Bleh.

For wifi, would the Netgear be better to have as an AP in front of the Archer? At that, if they were to change places so that the R2600 was at the end of the line (I know where the AP settings are too), would I benefit at all from just having the 5GHz on the router in the center of the house and the 2.4 at the switch, vice versa, or should I leave it as it is and see if I can get into the AP settings in the Archer?

LINE => TP (2.4 only, can reach needed areas) +switch+ => R2600 (5GHz only, but in the middle of the house)

The TP-Link would hit where it needs to, main kitchen area + immediate parking area outside, I’m just wondering really if centering 5GHz in the house would help at all? Since it’s a shorter band IDK if it’d help at all. Maybe better to run multiple 5GHz routers?

Ugh sounds like a mess ATM.

Or turn the TP off entirely and just have it as a WAN router, with the R2600 acting as the AP, but it’s behind some walls and the placement I have is more prime to cover the yard and garage so I’m not sure about having just 1 router’s worth of coverage.

Then, past that, when I get to firewall(s) stuff, I’m not sure I’ll have a good enough machine to handle traffic, and split it up hardware wise. So I thought maybe have 1 firewall on the switch on the first floor and one on the other one? ATM all my ethernet cards are PCI, and the machine that I have loose with PCI is kind of a nice Dell that I slotted some nicer bits in to use as a workstation for Amiga BS… I’d rather not cannibalize it for this. I DO however have some spare Macs with built in ports.

And again, raises another question, do people run pfSense in a VM? Is that even a good idea? My Mac Pro 3,1 is coming back up to my desk (was in rack, didn’t work well), and will be running Void Linux and OSX 10.12 (possible OpenBSD instead though, unsure ATT). In OSX at least I know how to set up VMs pretty well. In Linux I have never really even played with… well any VM shit. I should learn though.

Point is I can set up pfSense in Parallels or whatever and route it all correctly but… Again, is it a good idea?

Again, going back to the line graph of what this might look like

LINE => R2600 => firewall +switch+ => AP
…[firewall in VM, also my desktop] +switch+ => my shit

But again, the only reason I ask this is I don’t have a good enough machine, or at least any PCIe ethernet cards, to have one big firewall, but I could have 2 that would do a modest job. And ATM money is going to some bills to catch up, and car repairs xd

Then I guess last question would be could I just take a Mac Pro I’m not going to use and make it the router? I’m half scared to plug anything more expensive than the used 20 dollar router into the modem knowing the frequency of the line and Comcast’s reputation. I’m not familiar with any of this shit, so I’m just kinda blind firing.

I’m still brainstorming at how to do this the best and I’m about to give up and buy MoCA adapters, I’d just rather not spend that much when I can do just as well the way I’m doing it now and run a cable later.

But again, any suggestions are welcome.

ATM the slotted firewalls are between a Power Mac G5, a Mac Pro 1,1, some prebuilt P4 I have, and a Xeon I have spare that’s doing nothing and trying to be sold. G5 and 1,1 are probably my best targets as they at least have gigabit, though I’d have to add a PCI card to the G5. And then figure out an OS for it but that’s beside the point.

Thanks, awaiting feedback as I tear my desk apart.



