In need of a router

Edging into prosumer needs. I will see myself out.

Ubiquiti Unifi, pfSense or OpenWrt are good places to start. I’d recommend staying away from Ubiquiti Edgerouters or Mikrotik because of the steeper learning curve.

Unifi ecosystem can cover all your needs with a conveniently centralized control interface. Honestly, I think I like their surveillance offering more than the network, although the network is fine for most people.

I have been attempting to study surveillance equipment and Ubiquiti has been mentioned a couple of times. I’m also waiting to see what Wendell is using for cameras and storage.

I wanted to go with B&W sensor cameras for better low light conditions.

I really need to hurry up with the surveillance system. Just don’t want to waste what little money I have.

Any decent cameras will automatically switch to IR in low light.

But they are never very good quality and anyone with cheap NV can see the IR.

IR is definitely not as good as normal, but afaik, it’s the only option at night unless you’re relying on artificial light of some sort.

Main issue I’ve had with surveillance is having to tune the motion detection so that random status LEDs or the sun coming up, etc. don’t set them off constantly.

Motion detection would be impossible for me. There might literally be 75-100 Guineafowl, kids playing kickball or the random thief around my house! I will have to use access points for detection.

The birds work pretty good as an alarm system if you’re home to hear them! The birds coop in a tree every night, so I could use motion detection then. (Coyotes run thru at night as well, it will definitely be fun!! I see lots of storage drives in the future.)

Get a pfSense / OPNsense box, it doesn’t have to be expensive, I use an off-the-shelf ASRock J3455M motherboard with 4 GB of RAM and a 4x Gigabit Ethernet PCI-E expansion card (completely overkill). Due to lack of budget, I’m also testing an Intel NUC with a USB 3.0 Gigabit Ethernet adapter (would not recommend the latter though).

You only need 2 ports, 1 for WAN, 1 for LAN. You can also get away with 1 port if you don’t do a lot of traffic between LANs and you have a managed switch, which is basically a must if you will have any IoT devices, like security cameras.

My personal recommendation would be any Celeron / AMD equivalent (usually AMD embedded something) small box with 2 Gigabit Ethernet ports, like a MintBox Mini 2, 2 or 3 Ubiquiti AC Pro APs, any 24 port POE switch from Ubiquiti (POE for the cameras and APs) and add to that whatever other switches you need (just don’t be overkill with the switches near your end devices, too many and you could bottleneck the single Ethernet port coming from the main switch). If you are able to, you should rather do some patch panels and separate cable runs, rather than remote switches, but that’s just my opinion.

For the cameras, I’m completely out of the field. Wendell did some interesting hackaroos voodoo doodads to get very cheap “bricked” HIKVision cameras from eBay to work (it’s not that hard). Unbricking Hikvision IP Cameras (Repair, Reflash and TFTP Guide)

It would probably be best to have a patch panel once you start adding up all the runs. But, that’s in the future. (I’ve been studying all the different types of cabling, really liking the Cat 7 & 8 having the shielding. The tombstones are trick!!)

Thank you all, you have given me a lot to think about!

Yeah, ideally you have cameras dedicated to the external doors so those can be set to motion detection and the rest can record constantly or on a schedule or whatever you like.

You can get a shielded variety of any cat cable. Cat6A is what you want for 10GbE or 10GbE future-proofness.

This could have changed but cat7/8 has historically been a marketing gimmick. Not sure if the actual Cat7 standard ever got finalized. In any case, 10GbE is the fastest RJ45 option that is widely used and remotely affordable, so no need to go beyond Cat6A.

Shielded cable is usually for outdoor or high interference environments and requires a grounded patch panel. It’s kind of a headache. I’d avoid it unless you need it.

Just figured with 100’+ runs shielded would be worth it if it was in budget. Especially with cameras.

It wouldn’t be that hard to run a grounding rod thru my slab.

Cat6A is rated for 10GbE up to 100m so I wouldn’t worry about that. If the cameras are outside though, shielding might be a good idea. I’ve honestly never run anything outdoors so I don’t know what the best practices are with UTP vs STP in that case.

Probably overkill. Usually the STP grounds to the patch panel which grounds to the rack which grounds to whatever is readily available. If you have full sized racks full of $5/6 figures of equipment, then yeah make sure there’s a dedicated ground, but otherwise spend your money elsewhere.

I use one of these to ground the coax that comes into my apartment through a normal outlet.

Unifi access points are good.
Unifi switches are good.

Unifi routers are simple to set up, but the configuration options in the control panel interface are quite limited. And anything you do via the command line is at risk of getting wiped out the next time Ubiquiti issues a software update. So I would not recommend the Dream Machine, or any other Unifi routers.

I would suggest Unifi switches and access points, and pfSense as your router. pfSense has a multitude of settings, and on top of that there’s a built in capability to download and automatically install a variety of add on packages. You definitely won’t outgrow it.

This is a fairly common combination so you can find YouTube videos for things like setting up VLANs.

You can install the pfSense software on your own hardware. Or you can buy a router from Netgate Systems with pfSense already installed. Netgate are the maintainers of pfSense.

pfSense runs on pretty much any Intel or AMD hardware made in the last decade. So you can test it out if you’ve got a pc available and can lay your hands on an extra Ethernet NIC.

It is a bit picky about having good Ethernet ports, which means Intel, and not Realtek. You can check the compatibility list.

As others have mentioned, there is also OPNsense, which is a fork of pfSense. I’d suggest going with pfSense to start because I think you’ll find a lot more tutorials online for it.

One further thing to mention if buying Unifi access points.

A lot of people buy the Unifi AC Pro model thinking that will give them better wifi performance. The benefit of that model is that it can do a better job of handling a lot of users at one time. Like in a very crowded office, a shopping mall, or a sports arena.

For a lot of people the Unifi AC/LR can be a better choice. LR stands for long range. Its antennas are designed to work at a longer distance for both sending and receiving.

The AC Lite, AC/LR, and the AC Pro are all rated for 250+ users.

Here’s the Unifi comparison chart:

I’m pretty sure I’m going with pfSense router after doing a little more reading.
I have some older boxes that might be good candidates but they have issues, making a new Netgate box look like the least painful!

WAP; I think it would be beneficial to go with an AX. It is kinda like the PCIe Gen 3 vs 4 PC build. I went Gen 4 because I felt it was a safe bet the industry would start supporting Gen 4.

The only reason I am looking to spend money on WAP is for our phones. We must use Wifi calling or else phone conversations don’t last very long due to dropped calls.

If he’s going OpenWrt, the Netgear X4S R7800 is way better than the Linksys. Just thought I should add this note.

If learning, … Maybe get a NanoPi R4S with Debian as a router… or even R2S … (they have hardware crypto support unlike RPi, making them good candidates for VPN). As long as you don’t have a faster than 1Gbps internet connection they’ll be good. With 4GB RAM on it, it may even be able to run some containerized services… e.g. a Syncthing server, a something cloud, or just a plain old target for rclone backups, or it might run a Unifi controller for your VLAN switch and WiFi.

I don’t know for sure, but maybe an Amlogic S922X based Odroid N2+ with a USB dongle for a second NIC would be a good choice too, the CPU is slightly more modern than the RK3399 found in R4S.

If you want to learn I would get anything that Merlin/AsusWrt supports.
https://www.asuswrt-merlin.net/