Residential Networking in Assisted Living Complex

So I am looking for some extra brains to think about this project I am working on. I am tasked with bidding all the network gear and installation/configuration for a 109 unit retirement home that is already in the process of being built. Right now, there are 500 total drops counting both floors that will be terminated in two separate closets. There will be guest and resident Wi-Fi provided throughout the building (isolated) but all of the data drops in the units will be run back to the same closets. Now obviously we can’t have everyone accessing the same network… so I figured we can make a VLAN for every single unit, and if that resident would like their own private Wi-Fi network we could put their own firewall in their room (a service I would provide). That would cover a scenario where they have a laptop and a wired printer. I’m just wondering if that is the best way to do this, as I don’t think the people I’m doing this work for have even considered that.

Also, in the dozen or so somewhat large scale networks I’ve deployed I’ve gone with Ubiquiti switches, but being that this place is gonna have 10 48 port switches (5 in each closet) I’m thinking stackable switches from Cisco may be a good idea. I haven’t researched the cost difference yet and I’m not super proficient with Cisco gear but I can handle configuring them. Any thoughts? To me the stackable thing sounds like it would save me a few gray hairs but I don’t want to over-bid.

This may sound crazy since it is a retirement home but I’m under the impression that a lot of these residents are still quite active with a freaking sports bar, golf sim, and all sorts of crazy stuff being put into this 20 mil complex… Don’t want to give them an estimate with too many limitations either.

What is the ISP provided speed to this complex?

No less than gigabit. It is fiber optic, and right next door to the local municipal ISP HQ. They actually want to meet with us this week about the project. I may actually be competing with them, not sure at this point. I don’t have much information yet.

I would probably not worry about the individual VLAN idea for each room. I would just use VLANs to separate the management side and the residents side. What router platform and hardware are you going to use?

Just seems a little iffy to me, even considering we aren’t talking about adept users here. That’s also another question I would have, not being familiar with Cisco products. I am going to quote them for either brand, right now looking at the Cisco SG350X-48P’s for switching. Trying to teach myself about Cisco routers right now.

I think the UniFi line of switches paired with UAC Pros or better will handle everything you need. Cisco is overpriced in my opinion.

3 Likes

Likewise. That’s the reason I have never used Cisco gear before. However I am being asked to come up with estimates for both.

Our point of contact mentioned that her husband works for Cisco, so that’s why I was asked by my boss to do both.

1 Like

Well I think when they see the price for Cisco then you will be able to convince them of the UniFi line. Also someone correct me if I am wrong but Cisco does not support their equipment with updates as long as UniFi does without some hefty yearly license.
High end Intel box with 10Gb NIC should handle the traffic just fine also.

1 Like

Running something like pfSense? Never used it before but I’d believe that it works. Looking at that model of switch I mentioned above from Cisco the price difference is almost 5 grand.

Ubiquiti has 16-port 10GbE aggregation switches (either UniFi or Edge depending on what you prefer), which should be adequate. 12 ports are SFP+ which you’d use to plug in the 48-port switches (and to run fiber between the 2 closets assuming you want surge isolation), and 4 are 10GBASE-T which you can use to trunk the 10GbE switches together.

If you want to go Ubiquiti for the router, then Ubiquiti has a 10GbE router which I believe is available now (maybe only the Edge model). I recommend using it over any of their lower-powered ones, even if you only have 1GbE from the ISP. You’ll need the processing power if you want to do things like QOS and DPI at gigabit.

Idk, you at least want to break up the broadcast domains. In a retirement home especially, the malware could spread like wildfire on a flat network… I also usually give surveillance its own VLAN.

1 Like

True, I should have expanded on that.

1 Like

This is the kind of setup I was looking at minus the 10GbE router which I will now recommend. My boss was just freaking out about the idea of having to manage them as 10 different physical devices.

So if there were 5 switches in each room, and the aggregation switch in one, how would I trunk these switches together? I’d trunk all 5 together with fiber then to the other room over one fiber cable? Seems like that would be fine to me

Make sure these are in stock somewhere. I’ve had availability issues with Ubiquiti before. Don’t want to win the bid and then not be able to source the hardware.

2 rooms right? Are they close together or far apart?

Have you considered looking into a GPON setup?

How big is this complex? Instead of getting a bunch of stacking switches, have you looked at getting a couple of big blade switches?
It really boils down to what kind of ISP connection you get. What kind of network uplink do you get? Fiber could be Ethernet, it could be FDDI (not likely), it could be an OC192. Do you have a large pool of public IPs, or limited to a handful?
If you are limited to only a couple public IPs, having one centralized firewall that segments out every unit isn’t a bad idea (or having two, one for each closet).
If you have a LOT of public IPs, then handing off a public IP address to the tenants is likely a bad idea.

An apartment I once occupied had gigabit to every unit. It handed off an Ethernet connection that just needed a simple SoHo/consumer router. This eliminated the need for building WiFi.

About 75m apart.

I don’t really know the size, but I can look at the building plans later. I had honestly never heard of blade switches, and I have never done a network with this many connections. Not sure about what FDDI or OC192 are but all the fiber service I have seen from this ISP has had Ethernet ports on it. Not sure about IPs yet either, guess I’ll find out when I meet them to talk about this deal/tour their facility. Cabling is already run for 33 APs, so I guess we are going to go ahead with the building Wi-Fi. They pretty much built this place and got IT consulting later… as with everything around here lol. But yeah I don’t think every resident needs gigabit, I am in the South where people aren’t used to crazy internet speeds nor do old people really use a ton of data. I think a gig connection or maybe 2 would be good for this place.

As far as GPON, I’m doing some Googling but can you expand on that? What would this take the place of in our current setup? We already have copper to all the rooms.

Thanks for chiming in guys. I’m having a lot of fun with this and I’ve got my fingers crossed I actually get to do this job.

GPON is a fiber connection that would feed gigabit to every end point.

It looks like it would be overkill for this facility.

Yeah, probably so. Sounds like something I may need to know in the future though. Make me your apprentice! lol

So another factor that may be important is that this company also builds hospitals, I’m worried that they might think I’m recommending them crap if the price is too low lol.

I basically agree with your OP, separate VLANs for every single unit’s ethernet drop and isolated wifi on each floor/wing. Most of the residents will probably just use their floor’s wifi, but if they want a wired connection they can do that.

1 Like
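
The per-unit VLAN layout discussed in this thread, sketched as an added example (not posted by anyone in the thread): it builds one segment per unit plus the shared networks mentioned above, then checks that no VLAN ID or subnet is reused. The VLAN IDs, address ranges, /28 sizing and segment names are assumptions chosen for illustration; only the 109-unit count comes from the thread.

```python
import ipaddress

UNITS = 109  # unit count from the thread
# Assumed values (not from the thread): VLAN IDs and address ranges.
SHARED = {"management": 10, "surveillance": 20, "resident-wifi": 30, "guest-wifi": 40}
UNIT_VLAN_BASE = 100
SHARED_SUPERNET = ipaddress.ip_network("10.10.0.0/16")
UNIT_SUPERNET = ipaddress.ip_network("10.20.0.0/16")


def build_plan(units=UNITS):
    """Return a list of segments: one per shared network, one per unit."""
    plan = []
    shared_nets = SHARED_SUPERNET.subnets(new_prefix=24)
    for name, vlan in SHARED.items():
        plan.append({"name": name, "vlan": vlan, "subnet": next(shared_nets)})
    unit_nets = UNIT_SUPERNET.subnets(new_prefix=28)  # 14 usable hosts per unit
    for n in range(1, units + 1):
        plan.append({"name": f"unit-{n:03d}", "vlan": UNIT_VLAN_BASE + n,
                     "subnet": next(unit_nets)})
    return plan


def validate(plan):
    """Return a list of problems; an empty list means the plan is consistent."""
    problems = []
    seen = {}
    for seg in plan:
        if not 1 <= seg["vlan"] <= 4094:
            problems.append(f"{seg['name']}: VLAN {seg['vlan']} outside 1-4094")
        if seg["vlan"] in seen:
            problems.append(f"{seg['name']}: VLAN {seg['vlan']} reused from {seen[seg['vlan']]}")
        seen[seg["vlan"]] = seg["name"]
    # Sorted by start address, any overlap shows up between neighbours.
    ordered = sorted(plan, key=lambda s: int(s["subnet"].network_address))
    for a, b in zip(ordered, ordered[1:]):
        if a["subnet"].overlaps(b["subnet"]):
            problems.append(f"{a['name']} and {b['name']}: subnets overlap")
    return problems


def segment_of(plan, address):
    """Map a host address to the segment that contains it, or None."""
    ip = ipaddress.ip_address(address)
    return next((s["name"] for s in plan if ip in s["subnet"]), None)


if __name__ == "__main__":
    plan = build_plan()
    print(len(plan), "segments;", validate(plan) or "no conflicts")
```

The segments only isolate units if the router or firewall denies traffic between them by default; the plan above covers addressing and VLAN numbering, not those rules.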