# Networking

This covers various networking hardware. Mainly, it's about routers and switches.

# Basic Networking Requirements

The basic requirements are a router, WiFi and a switch. Cheap SOHO routers, like the many models from Linksys, ASUS and so on, try to do all of these things at once.

However, if you are looking into self-hosting, you aren't a typical user and should try for a more sophisticated setup. Honestly, there are a lot of reasons for having a better setup, and that includes not having to replace your router every 6 months, which is literally what I used to have to do in the late '90s, when I first started buying cheap Linksys routers.

Realistically, the ideal minimum network setup would include a router, a WiFi access point and at least one switch. This will be explained more as I go along.

It will not always be possible, but the physical layout of a network should ideally be as follows: a centrally located networking room that contains your modem (if applicable), router, primary switch, primary WiFi access point and servers. Personally, I have one bedroom acting as a network room and another as my server room because that's just how it worked out for me. So, don't be surprised if your situation is similarly not ideal.

# Router

The first thing you'll need is a router. Most people will, surprisingly, be fine with a basic cheap plastic piece of crap running proprietary firmware that acts as basically your entire network. Some will want to replace the official firmware with something like [DD-WRT](https://dd-wrt.com/) or [OpenWrt](https://openwrt.org/). Unfortunately, recent WiFi chips don't have open source drivers, meaning this isn't going to be an option for most routers.

What I actually recommend is either buying an [OPNsense](https://opnsense.org/) router or buying hardware you can install OPNsense onto. Now, there's a whole discussion to be had on [pfSense](https://www.pfsense.org/) vs OPNsense, particularly about pfSense being closed source and a bit scummy, and about OPNsense being gimped along with the free version of pfSense, all because of the company Netgate, but this isn't the place for that discussion. Suffice it to say, if you can install OPNsense on it, you can install pfSense or any other non-proprietary router OS you desire.

Unfortunately, I can't recommend specific hardware in this case. The problem is that low cost hardware changes all the time. Advice I give today will likely be meaningless tomorrow. The best I can say is what kind of specs you should look for and roughly what you should expect to pay (as of the time of this writing; 12/5/2024) and even that can be subject to change.

Anyways, currently, I'd recommend a minimum of 2x 2.5 Gb Ethernet ports and that's really it.

Why am I not recommending built-in WiFi? Well, there are a few reasons. The first is that WiFi standards change all the time. So, expect to replace anything with WiFi every few years or so. You really shouldn't be replacing your primary router that frequently. The second reason is that you might not want/need to place your router in the place that is ideal for WiFi coverage. The third is that your primary router should be focused on basically two things: routing and filtering/firewall activities. Making it do the extra work of WiFi is just introducing another point of failure in what is very much the most important piece of networking equipment in your entire network.

Why am I not recommending 10 Gb or faster Ethernet? Simply put, it's the price. As a mild secondary concern, heat and electricity are also a factor. 10 Gb over Ethernet is really pushing the limit of copper wire. You're basically better off switching to fiber at that point.

Why am I not recommending 10 Gb or faster Fiber? The same reason as the Ethernet version of this question; cost. While fiber cable is certainly cheaper, everything else about it is an entire league more expensive. Take the prices of Ethernet and expect it to be a minimum of 4x the price, if not 40x the price. It's simply not cost effective for anyone not willing to spend "Enterprise" level money, aka around 5 figures minimum. Can you do it for cheaper and on the small scale? Sure. It's just not worth it when you aren't likely to actually utilize it in a useful way. If you're in a position to consider a fully fiber network financially viable, you probably shouldn't be wasting your time reading this in the first place.

The price of a device that can serve as a router with only 2x 2.5 Gb Ethernet ports is, currently, somewhere between $80-$200+. Personally, I recommend at least 3 Ethernet ports and at least two of them should be 2.5 Gbit. You need a WAN port, LAN port and, optionally, a WiFi port. The WiFi port is important for network segregation purposes. Sure, you could just connect any WiFi access points to a switch but, unless you are planning to pay extra and spend extra time setting up a layer 2 (aka a "managed") switch, it's better to just manage it on your router. Though, it's worth noting that you can set up a VPN and use it as a substitute for a VLAN.

Again, I can't recommend specific hardware because prices and availability change wildly even just day to day, especially this time of year. You'll have to do your own shopping around or, if you're desperate, ask [Reddit](https://www.reddit.com/r/opnsense/) the way [this person did](https://www.reddit.com/r/opnsense/comments/1afjvoo/hardware_recommendation_for_opnsense/).

# Switches

Unless your router comes with enough Ethernet ports for your whole network, you'll need at least a primary switch. If you've got a large number of physically networked devices, you might need multiple switches. Ultimately, the number of devices and their locations will determine the size and number of switches you need. Currently, the most cost effective network speed a normal person can reasonably aim for is 2.5 Gb Ethernet. That could very well change in the near future to 10 Gb Ethernet or Fiber. It's unlikely we'll see Ethernet exceed 10 Gb because, at that point, it becomes infinitely more practical to invest in Fiber. However, it's impossible to tell what the future will actually bring.

Now, it's generally considered a hard rule of thumb that there should **never** be more than 3x layer 1/unmanaged network switches between **any two devices** on a given network. This means that you should only ever connect a primary switch to a router and you should only ever connect secondary switches to a primary switch. Yes, you can overcome/reset this limit by adding additional routers.

Basically, this means your network should always follow this structure: Router -> Primary Switch -> Secondary Switch

Devices can be directly connected to any switch but switches should always follow the above rule. Why? You'll end up with funky networking behavior such as dropped packets or weird connection issues if you put too many switches between devices.
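
The rule above can be checked mechanically. The following is an added example, not part of the original page: it walks a constructed topology and reports every pair of endpoints with more than three switches in a row between them, with a router resetting the count as noted above. The node names and the `sw-` naming convention are assumptions.

```python
from collections import deque
from itertools import combinations

# Constructed sample topology (not from the page). Each pair is one cable;
# names starting with "sw-" are unmanaged switches (an assumed convention).
LINKS = [
    ("router", "sw-primary"), ("sw-primary", "nas"),
    ("sw-primary", "sw-office"), ("sw-office", "desktop"),
    ("sw-primary", "sw-living"), ("sw-living", "tv"),
    ("sw-living", "sw-extra"), ("sw-extra", "console"),  # switch behind a secondary
]
MAX_SWITCHES = 3  # the rule of thumb stated above

def is_switch(name):
    return name.startswith("sw-")

def shortest_path(graph, src, dst):
    """Breadth-first search; returns the nodes from src to dst, [] if unreachable."""
    paths, queue = {src: [src]}, deque([src])
    while queue:
        node = queue.popleft()
        for nxt in sorted(graph[node]):
            if nxt not in paths:
                paths[nxt] = paths[node] + [nxt]
                queue.append(nxt)
    return paths.get(dst, [])

def longest_switch_run(path):
    """Most consecutive switches on a path; any non-switch node resets the count."""
    best = run = 0
    for node in path:
        run = run + 1 if is_switch(node) else 0
        best = max(best, run)
    return best

def violations(links, limit=MAX_SWITCHES):
    """Endpoint pairs whose path crosses more than `limit` switches in a row."""
    graph = {}
    for a, b in links:
        graph.setdefault(a, set()).add(b)
        graph.setdefault(b, set()).add(a)
    endpoints = sorted(n for n in graph if not is_switch(n))
    pairs = ((a, b, longest_switch_run(shortest_path(graph, a, b)))
             for a, b in combinations(endpoints, 2))
    return [(a, b, n) for a, b, n in pairs if n > limit]

if __name__ == "__main__":
    for a, b, n in violations(LINKS):
        print(f"{a} <-> {b}: {n} switches in a row (limit {MAX_SWITCHES})")
```

On the sample topology only `console <-> desktop` is flagged: hanging `sw-extra` off a secondary switch puts four switches between those two devices, which is why secondary switches should only ever connect to a primary switch.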

This shouldn't need to be mentioned, since I don't really think anyone makes them anymore. However, just straight up avoid buying a network hub. They're pretty much antiquated tech at this point and were directly replaced with modern switches.

With all of that out of the way, let's break down the decision process into its simplest elements:

Speed: 2.5 Gb

Size: 24 ports or less

Brand: TP-Link

These are my recommendations based on current prices, availability and reliability. Usually, a switch made of metal is preferred over plastic, since it dissipates heat more effectively.

Finally, the big question: how many switches do I need and how many ports should each switch have? That depends on the number of devices that need connecting and their general location.

For the primary switch/es, it should almost always be wherever you keep your router and, preferably, your servers. I get that not all buildings are the same and sometimes you have to do weird stuff but, if you can, having a room as a dedicated location for your primary networking and server equipment is ideal and it should be a centrally (to the rest of your network) located room. The switch/es itself should have at least enough ports to connect all the secondary switches in your house/office/building/whatever. Another way to think of it would be that it should have at least one port for every room in the building and likely some extra.

For secondary switches, you should place one in each room that contains more than one device. It should have at least enough ports to accommodate every device in the room. Sometimes, you may have to distribute more than one switch to a room, either because the room is too big to centrally locate all networked devices or because there are simply that many networked devices. It's generally not a bad idea to have a few extra ports, in case your connected devices grow in number.

My personal rule of thumb is: 24 port primary switches, 8 port secondary

However, I should note a couple of things. I have a 24 port switch in my "server" room because it's not the same room the router is in. Also, I have a tendency to collect a lot of devices with Ethernet ports. You can probably get by with 5 port switches in most locations and 24 ports may well be overkill for most people. Be sure to take your time and think about what devices even really need a wired connection. It used to be that you needed a wired connection to have reliable speed but WiFi has evolved a lot since then. That said, WiFi will never beat a wired connection for security. You should definitely try to keep all of your servers on the wired part of your network.
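
As an added illustration (not part of the original page), the example below models the LAN/WiFi port split recommended in the Router section together with the advice above to keep servers wired: it flags servers whose address sits on the WiFi segment and evaluates traffic against a first-match rule list. The subnets, hosts, rules and the first-match rule model are all constructed assumptions.

```python
import ipaddress

# Constructed example values (assumptions, not from the page): one subnet per
# router port, a small host inventory, and a first-match firewall rule list.
SEGMENTS = {
    "LAN": ipaddress.ip_network("192.168.10.0/24"),
    "WIFI": ipaddress.ip_network("192.168.20.0/24"),
}
HOSTS = [
    {"name": "nas", "ip": "192.168.10.5", "role": "server"},
    {"name": "media", "ip": "192.168.20.7", "role": "server"},  # misplaced
    {"name": "phone", "ip": "192.168.20.50", "role": "client"},
]
# (source segment, destination segment or "any", destination port or None, action)
RULES = [
    ("WIFI", "LAN", 443, "pass"),    # wireless clients may reach HTTPS services
    ("WIFI", "LAN", None, "block"),  # everything else toward the LAN is dropped
    ("WIFI", "any", None, "pass"),   # internet access for wireless clients
    ("LAN", "any", None, "pass"),
]

def segment_of(ip):
    """Name of the segment containing ip; anything unknown counts as WAN."""
    addr = ipaddress.ip_address(ip)
    return next((name for name, net in SEGMENTS.items() if addr in net), "WAN")

def decide(src_ip, dst_ip, port, rules=RULES):
    """First matching rule wins; traffic matching no rule is blocked."""
    src, dst = segment_of(src_ip), segment_of(dst_ip)
    for r_src, r_dst, r_port, action in rules:
        if r_src == src and r_dst in (dst, "any") and r_port in (port, None):
            return action
    return "block"

def misplaced_servers(hosts=HOSTS):
    """Servers whose address is not on the wired LAN segment."""
    return [h["name"] for h in hosts
            if h["role"] == "server" and segment_of(h["ip"]) != "LAN"]

if __name__ == "__main__":
    print("servers off the wired LAN:", misplaced_servers())
    print("phone -> nas:22 ", decide("192.168.20.50", "192.168.10.5", 22))
    print("phone -> nas:443", decide("192.168.20.50", "192.168.10.5", 443))
```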

# WiFi

As I mentioned in the [Router](https://docs.jbcoder.us/books/hardware-80-complete/page/router) and [Basic Networking Requirements](https://docs.jbcoder.us/books/hardware-80-complete/page/basic-networking-requirements) pages, you should have at least one separate WiFi access point to handle wireless connectivity. If your building is big enough, you may very well need multiple access points.

Sadly, I don't actually have any great advice on this because I haven't shopped for one in a good while. I've even resorted to using a router as an access point, due to how annoying it can be to shop for one.

Considerations you should have for shopping for one are:

WiFi standard - The current one I know of is WiFi 6 but I think a 7th one is already in the works.

Features - Mesh networking, for example, can be important, if you have a lot of space or thick walls to deal with.

Price - You should be able to find a decent one for less than $200 but you will have to shop around. Enterprise grade equipment tends to start around $400 each. No, I don't recommend Enterprise grade unless you just really need it for some reason.

Brand - I don't have any recommendations for this. You'll need to do your own research here.

If I ever take the time to shop for WiFi access points, I'll try to update this page with more useful info.

# Cabling 101

This is specifically about making Ethernet cables but a lot of this will likely apply to most types of low voltage/data cables.

So, there are standard pinouts and such that you can learn from Wikipedia and other places. I'm not going to bore you too much with the details of the various standards. Instead, I'm just going to make a few important points and give general advice on how to do it.

The first thing to know about Ethernet cable is that there are two types (note, I said types not standards) and they are Solid and Stranded.

Solid cables are used for permanent installs. They are designed to last a long time in a situation where they are stationary for several years. You run them in your walls, ceiling and floors. Solid cable should only ever be terminated with a keystone jack, punchdown block or patch panel. A keystone jack is the actual connector part of an Ethernet wall outlet. A punchdown block is an organizational tool, typically mounted to the wall near your networking equipment, that can be used to do neat tricks for splicing cables. A patch panel is another organizational tool that is typically mounted to a wall or inside a network rack as a convenient location to run patch cables to your networking equipment. For example, you might have a cable run that terminates at a keystone jack on one end in a random room and the other end on a punchdown block in your networking room. From there, you might connect the cable to another cable that terminates the other end in a patch panel in your network rack. From there, you would have a patch cable connecting the patch panel to a switch or router. That's pretty much the most complicated type of run you'll see. You are almost never going to see a punchdown block used in a residential setting. Most often, it is used to connect phone lines in an office building, hotel or other business. Rarely, you might see it used for networking cable but there isn't much practical use for it these days.

Why are phones special? You only ever connect one computer to one other computer with a single network cable. However, you can have a single phone line connecting to every phone in your house. How? That's what makes a punchdown block special. You can have a single phone line on one side spliced to a dozen lines on the other. So, when a call comes in over that one line, it rings every phone on the other side.

**IMPORTANT**: Do **not** place a patch panel in your network rack, if you plan to move your network rack around or if you will need to frequently change the location of where the cables are terminated. It's much better to just mount it to the wall and run your patch cables from there to your network rack.

Stranded cables are also called patch cables. They are designed to be flexible enough that you can disconnect/reconnect and move them around frequently. Patch cables should almost always be terminated with a mod (modular) plug on both ends. These are the cables that are used pretty much everywhere that isn't inside a wall, ceiling or floor.

When it comes to standards, the only one that is going to really matter these days in a residential situation is Cat 5e. It can handle everything up to 10 Gb at lengths that you are unlikely to exceed in your typical home. If you truly need a run that exceeds the limits of Cat 5e, you are better off running fiber in most cases, though you could probably get by with any variation of Cat 6 cable up to 10 Gb speeds. The problem with copper wire (Ethernet) is that it starts to hit a hard limit in its capacity around 10 Gb. Even using it for 10 Gb (regardless of the spec) is going to push its limits and cause it to get hot. I'd only really recommend Ethernet runs for 1 Gb, 2.5 Gb and 5 Gb. Since only 1 Gb and 2.5 Gb are really affordable for residential use, it's likely that fiber will be the better option by the time you would consider 10 Gb or faster speeds.

When it comes to the actual construction of Ethernet cables, it's fairly simple. To start with, you'll measure and/or run the cable and likely add a little extra to it. Then, you cut it and strip the insulation off the end. While you can use a knife and strippers for that, a nice pair of electrical scissors is going to be more efficient and effective, with a little practice. To strip the insulation, you merely need to score the outer insulation enough that you can yank it off. You'll then need to trim any inner insulation. Once you've done all that, it's time to line up the wires and insert them into either the mod plug or the punchdown device. For solid cables, you're going to be using a punchdown tool to punch the wires down into position and there are usually color-coded guides for where to place them. For stranded cables, you'll be using a crimper to crimp mod plugs and lock the wires in position. Optionally, you may need to trim the wires either before or after inserting them into the mod plug. Some mod plugs have an opening to slide the wires out the other end and some don't. Punchdown tools automatically trim the excess wire when punching down. For bonus knowledge, check out the difference between a crossover cable and a straight through cable. You only need a crossover cable when connecting two computers directly to each other, without a switch or router in between.

Note: Be sure to link wiki resources and pin out guides later.

# Enterprise Equipment

Unless you plan to get certified with Cisco and need something to practice on, you'll almost always be better off either rolling your own or buying something more affordable. Enterprise equipment is stupidly expensive and is built with no regard for how loud or hot it runs. It also tends to consume more electricity than lower spec hardware.