
Help with SoHo Network

vtsoundman

Well-known member
Joined
Mar 1, 2016
Messages
69
Location
NorCal
Hi Folks -
The level of intellect/experience on this forum is very impressive and I find it filled with professionals ... I could really use some help with my SoHo network. It is a combined home & office network. Looking to increase reliability and simplify...so this is a "how would you do/fix this" sort of question.

I run an engineering business out of my house - I live and die by the phone and ability to run WebEx mtgs..and ability to get documents sent to clients. Heavy user of BOX & Dropbox for file sharing with clients & remote employees.

Could use some advice on what to do. I don't have time to play IT guy...The network has been very stable, but when it breaks, it is pretty damn annoying. I am tired of dealing with flaky networking equipment.

Biggest issue is related to Windows 10 laptops that are sometimes connected via ethernet and sometimes via Wifi - they will lose the ability to connect to the INTERNET but not the INTRANET. Solution seems to be a reboot of main network switch, main router, main internet router or some stupid combination of multiple reboots/power cycles.

Usage Notes


2x Workstations: Video Rendering, CAD, Large Files
1x Server: Media & Files; Primary Backup for laptops & workstations
1x NAS Backup: Backup Server Only
3 x VOIP Lines : 2 voice, 1 voice/fax
2x Laptops : General Office & CAD works

8 x Cameras: 1080p Foscam Garbage...going to be moving to Hikvision PoE next year. All 8 are running on Wifi, split between two SSIDs/Routers. Performance has been fine - issue is visual quality has degraded.

Misc Devices : Smartphones, Tablets, etc

Any entertainment video streaming occurs after business hours. Home users are 2-3 people - usually streaming just 1 or 2 music and 1 or 2 videos.

I am not using any VLANs or different subnets. Everything is on the same subnet with the DHCP (with IP reservations) being served by the main TPLink Archer C7. The VLAN concept gave me issues getting the cameras to communicate with the Workstation that runs the recording BlueIris software (it needs to record video as well as talk to the rest of the bus network)

All connections are Cat 5 or Cat 6 with molded factory terminations (hate making my own cables).



Please take a look at the attached drawing.



@Mods - please move to correct forum if this isn't the place.
 

Attachments

  • Network Small.jpg

grantw

Well-known member
Joined
Nov 10, 2016
Messages
249
Location
Bay Area, CA
You will want VLANs to isolate your cameras and NVR traffic. Those things are VERY VERY noisy on the wireless and wire with the ONVIF traffic and ****. Voice is also very sensitive to jitter and out of order packets. If your NVR has issues with VLANs or routing, add a second network adapter for the cameras then.

Look into a Cisco small business router / firewall, like a SR500 or something similar. Use the router as a central place for your VLAN routing and internet gateway. This way you can prioritize your VoIP traffic to have a reserved bandwidth application over any other data on the network.

Your office VLAN can have next highest, and give the rest of the house "best effort".

Some home routers just don't have the ability to track >1000 firewall states without falling over.
 

nehog

Well-known member
Joined
Jan 2, 2010
Messages
7,935
Location
Jaffrey, NH
If you want to increase your reliability then run two networks, 100% separate: one for personal/home, one for business. I'd bring in DSL for the second Internet connection, so that you never have a single point of failure.

That is an impressive network...
 

pgray007

Well-known member
Joined
Jul 25, 2007
Messages
573
Location
Charlotte, NC area
I've had some funny problems with my Win 10 desktop being unable to grab an IP address from DHCP that just started recently. I did some google action and ran some command line stuff per the MS forums and it's been fine since.

I would concur on the VLANs, and also add that I've really liked the UniFi line from Ubiquiti. It puts all your network stuff on a single management interface since I share your pain on not wanting to play IT guy.


Sent from my iPad using Tapatalk
 

wyliesdiesels

Well-known member
Joined
Aug 14, 2012
Messages
20,031
Location
Modesto, CA
Let me start off by saying I do IT and network infrastructure design integration and support for a living as well as communication cabling/low voltage wiring, CCTV systems and of course electrical.

You have quite the extensive network for a SoHo environment.

Just a professional WAG I would say the laptops are losing connection to your DNS (main router) since u have intranet access but no internet access.

This will take some investigation to get to the bottom of it.

When this happens did u switch from wired to wireless or vice versa just before?

Does it occur at different times same time of the day?

I assume other devices still have internet access when the laptops don't.

If no internet via wireless have u tried connecting another device to the same AP when the laptops go down?
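
The checks asked about in the post above, as an added example that is not part of the original thread: a PowerShell triage to run on the laptop while the fault is present. It separates an unreachable gateway, a router that has stopped forwarding for this host, and a failing router DNS forwarder. `1.1.1.1` and `example.com` are assumed test targets; substitute your own.

```powershell
# Added example: run on the affected laptop while "intranet yes, internet no" is happening.
param(
    [string]$PublicIp  = '1.1.1.1',     # assumed test target: any public IPv4 address
    [string]$PublicDns = '1.1.1.1',     # assumed test target: any public resolver
    [string]$TestName  = 'example.com'  # assumed test target: any public hostname
)

# True if $Server answers an A query for $Name (DNS protocol only, no LLMNR/NetBIOS fallback).
function Test-Dns([string]$Name, [string]$Server) {
    try   { [bool](Resolve-DnsName -Name $Name -Server $Server -Type A -DnsOnly -ErrorAction Stop) }
    catch { $false }
}

# One default route per connected adapter; Ethernet and Wi-Fi both up means two.
$routes = @(Get-NetRoute -DestinationPrefix '0.0.0.0/0' -ErrorAction SilentlyContinue)
if ($routes.Count -eq 0) { 'No IPv4 default route: the laptop has no gateway configured.'; return }

$gwOk = $false; $dnsServers = @()
$table = foreach ($r in $routes) {
    $ifc   = Get-NetIPInterface -InterfaceIndex $r.InterfaceIndex -AddressFamily IPv4
    $alive = Test-Connection -ComputerName $r.NextHop -Count 2 -Quiet
    $gwOk  = $gwOk -or $alive
    $dnsServers += (Get-DnsClientServerAddress -InterfaceIndex $r.InterfaceIndex -AddressFamily IPv4).ServerAddresses
    [pscustomobject]@{ Adapter = $ifc.InterfaceAlias; Gateway = $r.NextHop
                       Metric = $r.RouteMetric + $ifc.InterfaceMetric; GatewayPing = $alive }
}
$table | Sort-Object Metric | Format-Table -AutoSize   # lowest metric is the path Windows prefers

$wanOk       = Test-Connection -ComputerName $PublicIp -Count 2 -Quiet   # routing/NAT only, no DNS
$localDnsOk  = [bool]($dnsServers | Select-Object -Unique | Where-Object { Test-Dns $TestName $_ })
$publicDnsOk = Test-Dns $TestName $PublicDns

$verdict = if (-not $gwOk) {
    'Gateway does not answer: fault is between laptop and router (link, lease, ARP).'
} elseif (-not $wanOk) {
    'Gateway answers but a public IP does not: router is not forwarding for this host. Not DNS.'
} elseif (-not $localDnsOk -and $publicDnsOk) {
    'Public IP reachable, configured DNS fails, public DNS works: the router DNS forwarder is the fault.'
} elseif (-not $localDnsOk) {
    'Public IP reachable but no resolver answers: DNS is failing or blocked upstream.'
} else {
    'Gateway, routing and DNS all pass: fault not present right now, re-run when it recurs.'
}
"Verdict: $verdict"
```

Running it once on Ethernet and once on Wi-Fi, and comparing against a device that still has access, answers the wired/wireless and "other devices" questions in the same pass.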
 

vtsoundman

Well-known member
Joined
Mar 1, 2016
Messages
69
Location
NorCal
First of all...thx for the responses. Can tell when people have real world practical experience.

RE: Dual Connections
We have been discussing expansion options (either having engineers at the house or remotely) - and either way was thinking on adding a 2nd internet connection. My neighbor runs video editing business out of his house and routinely saturates his COMCRAP connection - and I can see the upload hit when he uploads to the rendering farms in India. The COMCRAP connection is pretty laggy at times for websites...

Any suggestions for the dual WAN / Router combo? Been thinking about a load balancing box like this: TP-Link-Gigabit-Ethernet-Multi-WAN-TL-ER6120

RE: VLAN
I got a really good deal on the Quad GB ethernet cards - I can peel off one of the ports for NVR VLAN on one of the workstations. Both workstations run a SSD RAID 01 array with TB RAID as well.

Since the TPLINK 24port managed switch can handle VLAN, should I create the segments there? My VLAN vs diff subnet understanding isn't very good.

If I have my VOIP on say VLAN 1 and I need to get into the VOIP box, do I need to have my laptop also on that VLAN?

RE: VPN
Haven't really thought about this yet...not sure I really need it. Can sync files via dropbox if necessary.

RE: Traffic with Dropbox/offsite services
I have been really careful to only sync Dropbox once (not to everyone's machine)...Only critical files and docs are backed via the web.

RE: Overbuilt Network
Routinely would saturate the network with multiple workstations doing heavy IO into the servers...(we are down to one). Some of these files are 2-4GB each...Cheaper to add hardware than pay for people to be sitting around waiting for files to move around. The workstations have both SSD RAIDs and conventional RAIDS.

I realized I left two workstations off the diagram. Those are running single GB connections back to the switch...and are network limited.

The server is a RAID 60 12TB arrangement running a MEGARAID card (also a good deal at the time). The NAS is a RAID 10 8TB 4 drive QNAP box. We've been hit hard with drive failures in the past - may have gone a little overboard, but I swore never again.

RE: DNS/Loss of internet for Laptop issues
The windows 10 laptops will lose intErnet connection - intrAnet remains fine. All other devices, like phones, tablets, etc remain connected.

I've flushed DNS & release/renew IP address (reserved via C7) and manually cleared ARP cache on the laptops. I wonder if the C7 is getting saturated. Seems to happen during heavy IO from the laptop to internet (Dropbox upload or 4k video streaming). Everything else is fine. This started happening at the end of Nov prior to MS releasing an F'd up hotfix...
Connecting via wired vs wireless, enabling/disabling WIFI or ethernet has no effect. It is only when I find the right combination of resetting all the main archer C7, the main internet modem, and the TP Link Managed switch that will fix it.


...More later...got to play with kiddo for a bit.
 

wyliesdiesels

Well-known member
Joined
Aug 14, 2012
Messages
20,031
Location
Modesto, CA
Could be saturation but if other devices still have access I doubt that's the DNS Issue.

Though u may very well have saturation what with the amount of data you're passing around on the network.

Any idea what the throughput rating is on the TP-Link switches and routers?

You may need to upgrade hardware. I recently installed a TP-Link 48-port switch for a client that has 96Gbps switching throughput.

Have u tried static IP/gateway/DNS to see if it still happens?

I've seen this happen with some clients' computers. I spent some time trying to track it down but was never able to put my finger on it.

I suspect it's yet another Microsoft screw up.

BTW where in NorCal are u located?
 

ToddW

Well-known member
Joined
Sep 18, 2009
Messages
229
Location
In the snow
Do not go with that TP-LINK and get a mini pfsense appliance. Your network is large enough that most home (aka cheap) routers will likely not work for you.

If you don't want to configure it yourself hire a consultant, if you still don't want to go that route then go with something higher end but it's going to cost $300+.
 

wyliesdiesels

Well-known member
Joined
Aug 14, 2012
Messages
20,031
Location
Modesto, CA
ToddW said:
> Do not go with that TP-LINK and get a mini pfsense appliance. Your network is large enough that most home (aka cheap) routers will likely not work for you.
>
> If you don't want to configure it yourself hire a consultant, if you still don't want to go that route then go with something higher end but it's going to cost $300+.

I was thinking along the same lines.

He is way beyond the limits of SoHo equipment. Needs to step it up.
 

vtsoundman

Well-known member
Joined
Mar 1, 2016
Messages
69
Location
NorCal
wyliesdiesels said:
> Could be saturation but if other devices still have access I doubt that's the DNS Issue.
>
> Though u may very well have saturation what with the amount of data you're passing around on the network.
>
> Any idea what the throughput rating is on the TP-Link switches and routers?
>
> You may need to upgrade hardware. I recently installed a TP-Link 48-port switch for a client that has 96Gbps switching throughput.
>
> Have u tried static IP/gateway/DNS to see if it still happens?
>
> I've seen this happen with some clients' computers. I spent some time trying to track it down but was never able to put my finger on it.
>
> I suspect it's yet another Microsoft screw up.
>
> BTW where in NorCal are u located?

Static Links - have not tried that yet. Next time this happens, I will give it a whirl.

Perhaps I am not using the correct term for saturation. I am BW limited between the workstations and the server...

Throughput on the TPLINK 24 port switch:
PERFORMANCE
Bandwidth/Backplane 32Gbps
Packet Forwarding Rate 23.8Mpps
MAC Address Table 8k
Jumbo Frame 10240 Bytes

I have a fairly slow connection into the house....so I doubt I am saturating the router. 100Mbps down/25 up according to Speedtest.net

The Archer C7
tplink_archerc7_v2_benchmark_summary.jpg


So next question:
1. Do I dump the Archer C7s and get something from AP / Ubiquiti instead?
- the wireless load will drop once I swap over to PoE cameras.
- I will still need more than one AP for coverage.
2. What should I get for a main router/firewall?
3. Is this thing a CF and should I start over?
 

Git

Well-known member
Joined
May 18, 2008
Messages
6,894
Location
S Cal
So you're assigning IPs with the router?

Have you tried to manually set the IP at the device?

One of the things that is happening when you go from ethernet to wifi is your device is switching to a different network adapter which means a different mac address is now connecting to your network. Maybe your router thinks the ip address you have assigned for that device is already in use or something is getting hung up?

As a test, I would remove any ip address reservation for one of your laptops (just let it pull one from the router) and see how that works.
 

pgray007

Well-known member
Joined
Jul 25, 2007
Messages
573
Location
Charlotte, NC area
vtsoundman said:
> Static Links - have not tried that yet. Next time this happens, I will give it a whirl.
>
> Perhaps I am not using the correct term for saturation. I am BW limited between the workstations and the server...
>
> Throughput on the TPLINK 24 port switch:
> PERFORMANCE
> Bandwidth/Backplane 32Gbps
> Packet Forwarding Rate 23.8Mpps
> MAC Address Table 8k
> Jumbo Frame 10240 Bytes
>
> I have a fairly slow connection into the house....so I doubt I am saturating the router. 100Mbps down/25 up according to Speedtest.net
>
> The Archer C7
> tplink_archerc7_v2_benchmark_summary.jpg
>
> So next question:
> 1. Do I dump the Archer C7s and get something from AP / Ubiquiti instead?
> - the wireless load will drop once I swap over to PoE cameras.
> - I will still need more than one AP for coverage.
> 2. What should I get for a main router/firewall?
> 3. Is this thing a CF and should I start over?



A few thoughts:

- I don't know anything about the TP Link models you have, I've only seen their consumer devices. They may be fine, but I just haven't seen TP link in any corporate or SMB environment.

- I'd say you're probably ready for "real" gear. The challenge you'll have is if you go with something like Cisco you really need to pay someone to do the setup as the learning curve is just too complex unless you want to become a "network guy" in your spare time. This is from someone that ran a business out of their home and used Cisco. It's awesome once configured and "just works," but every change is a 10 hour exercise in frustration unless you pay someone to config and maintain.

There is a much better selection of SMB grade gear these days, including "Cisco Lite" stuff that's easier to configure and not the rebadged Linksys junk of the past. Just be sure you know what you're buying. Also consider that the "true" enterprise stuff expects to be in a data center, so it will have screaming fans that may drive you nuts in a home environment.

- VLANS basically let you segregate your network and prioritize traffic. In your case you'd probably want 4 vlans for video, voip, LAN, and guest/home. In limited cases (your NVR) a single device will be able to access both vlans. In your head, just think of a vlan tag mapping to a physical interface. On your nvr workstation, without vlans you'd need 2 network cards, but with vlan you just tag the network port and NIC to both networks. Read some of the primers on vlan.

I also notice you're running a bunch of separate SSIDs for your WLAN. I'd merge to something like a guest network and LAN. You need not use different SSIDs on each access point, especially once you get higher end gear up that will load balance and aid handoff between the APs through a controller.



Sent from my iPad using Tapatalk
 

79firebird

Well-known member
Joined
Aug 19, 2008
Messages
385
Location
Victoria bc
First off I would get rid of the TP switch. They're dirt cheap; we were using one at work and kept bogging it down inside the office with 10 users. Went and got a Cisco router and have 16 users and haven't had any probs. Mind you the TP was cheap, like 100 new, good for home network but not business.
 