Networking Gear Recommendations? (starting from scratch) - eviltoast

Hi, I hope its appropriate to ask this here, considering this is the most active community closest to this topic (Networking). I am moving places shortly and will need to start from scratch will all networking equipment. Including router and wifi-extenders. Am wondering what the general consencus is around networking gear, what brands are good and homelab friendly? I’ve heard great things about Ubiquity, but know nothing about their products. I do wish to buy a mesh system, as I do have 2 floors and concrete walls in the new place. I am looking for something easy to maintain, yet customizable for when I get more comfortable with playing around with networking equipment.

I have some experience with TP-link + decos, but really dont like their app and default settings. Blocks mullvad.net by default for instance…

If it matters, there will only be 2 people connected normally ~ approx 8 devices or so in total.

  • 2 phones,
  • 2 laptops (wired if possible)
  • 1 desktop comupter (wired)
  • server (wired)
  • Nvdia shield (wired)
  • RaspberriPi (wired)

Am also aiming to buy a 1000/1000 Mbps connection :)

Lemmy know what you would recommend in this scenario, and please feel free to ask about further details if I have missed anything, Thanks as always!

  • Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    5
    ·
    5 months ago

    I recommend building your own router. It might sound complicated but it’s not. Just grab any low-power x86 mini PC that has 2 network controllers, put an open-source router/firewall OS like OPNsense or pfSense on it and you’re ready to go. (Check out this video for pfSense and this one for OPNsense) Protectli offers specialized devices that are designed to run OPNsense/pfSense. They also support coreboot, a free and open source BIOS implementation. You can also go with something Linux-based like OpenWrt, but I’m very happy with my BSD-based OPNsense firewall. I use a Star Labs Byte with OPNsense, a fanless mini PC that runs coreboot, designed by a UK-based, Linux-focused company called Star Labs. Before that, I used to use a Fujitsu thin client with OpenWrt, inspired by this video.

    • Sunny' 🌻@slrpnk.netOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      5 months ago

      Thanks for this! I will investigate further. While it is tempting to “build your own setup” like you mention. I’m also very intreeged about the polish of unifi products, their integrations and modularity. Maybe I can find a nice balance between both worlds 😊

      • Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        5 months ago

        It’s not cheap, but this setup doesn’t just serve as a router. It’s also a dedicated hardware firewall solution, with the capacity to handle big and fast networks (I’m speaking hundrets of clients and technically it could even do 40+ Gbps over an SFP fiber-optic connection.) It also lets me monitor my network and filter connections. I use Telegraf, InfluxDB and Grafana to get a nice visual overview of my local network, as well as all the inbound and outbound connections. I can even see the location of the servers I connect to through MaxMind GeoIP in my Grafana dashboard. I also use Sensei (I think it’s called Zenarmor now) for advanced filtering, and I use ClamAV with TLS interception to scan for malware. I could also run a DNS server through Unbound or Pi-Hole, but I prefer to do that on a separate device. OPNsense is a very powerful piece of software, and the StarLabs Byte is a suitable device to run it. For me it’s very important to have a free BIOS firmware implementation like coreboot on a security-critical device like my firewall.