Networking Gear Recommendations? (starting from scratch) - eviltoast

Hi, I hope its appropriate to ask this here, considering this is the most active community closest to this topic (Networking). I am moving places shortly and will need to start from scratch will all networking equipment. Including router and wifi-extenders. Am wondering what the general consencus is around networking gear, what brands are good and homelab friendly? I’ve heard great things about Ubiquity, but know nothing about their products. I do wish to buy a mesh system, as I do have 2 floors and concrete walls in the new place. I am looking for something easy to maintain, yet customizable for when I get more comfortable with playing around with networking equipment.

I have some experience with TP-link + decos, but really dont like their app and default settings. Blocks mullvad.net by default for instance…

If it matters, there will only be 2 people connected normally ~ approx 8 devices or so in total.

  • 2 phones,
  • 2 laptops (wired if possible)
  • 1 desktop comupter (wired)
  • server (wired)
  • Nvdia shield (wired)
  • RaspberriPi (wired)

Am also aiming to buy a 1000/1000 Mbps connection :)

Lemmy know what you would recommend in this scenario, and please feel free to ask about further details if I have missed anything, Thanks as always!

  • Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    5 months ago

    It’s not cheap, but this setup doesn’t just serve as a router. It’s also a dedicated hardware firewall solution, with the capacity to handle big and fast networks (I’m speaking hundrets of clients and technically it could even do 40+ Gbps over an SFP fiber-optic connection.) It also lets me monitor my network and filter connections. I use Telegraf, InfluxDB and Grafana to get a nice visual overview of my local network, as well as all the inbound and outbound connections. I can even see the location of the servers I connect to through MaxMind GeoIP in my Grafana dashboard. I also use Sensei (I think it’s called Zenarmor now) for advanced filtering, and I use ClamAV with TLS interception to scan for malware. I could also run a DNS server through Unbound or Pi-Hole, but I prefer to do that on a separate device. OPNsense is a very powerful piece of software, and the StarLabs Byte is a suitable device to run it. For me it’s very important to have a free BIOS firmware implementation like coreboot on a security-critical device like my firewall.