I have the crazy plan to rewire my home network. Well, currently it is a rather simple setup I guess, that I'd like to complicate :-) to get rid of my (not very stable) powerline adapters and to provide network connected wall-mounted RJ45 ports to 4 rooms of my house.
I am a software engineer with some knowledge about networks. I know stuff about IP addresses, MAC addresses, switches, routers, the OSI layer model, but some parts not very deep.
My current setup is as follows:
- 3 story house
- In the basement there is the incoming coax/TV line from my provider, there the coax line is split to 4 (coax) cables which go into 4 rooms
- My Cable modem is in the attic (in my "office"), it is used in bridge mode, one of the coax lines goes into this modem
- I have a new and fancy Synology RT2600ac router, let's call it "master router", the modem is connected to this master router to the WAN port
- On the master router there is stuff running like "threat prevention", DHCP, WLAN mesh start, Safe Access (devices can be assigned to profiles, which can be configured, what is allowed for each profile), port forward rules etc. etc. - the router is pretty new, I like it and I want to keep it, also it provides a great WiFi signal
- In the office there are some devices (like my PC or a NAS) directly connected to the master router's other (LAN) ports (internal switch of router) by RJ45
- One of the LAN ports of the router goes to a powerline adapter, adapter "PLA"
- One other powerline adapter "PLB" is on the ground floor
- On PLB is directly connected a TV and a WLAN access point (meshed with the router in the attic)
- All devices are in the same network and use the master router as gateway for internet connections
- One telephone is directly connected to the cable modem (RJ11)
As I said, I want to get rid of powerline (PLA/PLB) so the connection is more stable and maybe to also have easy access to LAN ports in some rooms.
So the plan is to install RJ45 wall sockets into the 4 rooms, from those sockets 1-2 network cables (probably Cat. 7) will go down into the basement, where they are all connected to a patch panel.
Also I would like to install more than 1 telephone in the house, using a cable (not DECT), so the network sockets will most likely also have a (keystone) module for RJ11.
So I guess the future setup will be:
- Some kind of housing/rack in the basement for the network installation
- cable modem placed directly in the basement inside the housing, coax from provider connect to cable modem
- Cable modem no longer configured as "bridge" but in router mode, let's call it "cable modem router"
- The master router shall not be placed in the housing/basement because of the concrete walls it would not provide a WLAN signal that can be reached even at ground floor, master router stays at its current location in the attic (this is essential)
- In the housing (in the basement) is a switch connected to the cable modem router
- From this switch the patch panel is served to connect to rooms with the switch
- Telephone line from modem (RJ11) is also patched to some RJ11 ports (well I guess those things exist, but it is not very important for this scenario)
- Master router is in attic (one of the patched rooms) and is connected to an RJ45 wall socket with the patch panel, connecting this device to the patch panel and the switch, so it is connected with the other devices in the network
- Devices in the office (computer, NAS) are connected either directly to the switch ports of the master router or a wall socket (RJ45) (I don't think it matters that much, where they are connected to the network)
- Devices use their former static IP address or still get their IP address by DHCP from the master router
- Master router still makes port forwarding, threat prevention, DHCP, safe access etc. etc. as before
- Master router's gateway is the cable modem router
- Cable modem router passes all traffic directly to the master router, without applying any filtering/rules etc.
Does this sound about right or is there a problem with this setup? Is this a good approach to solve the issue (fancy WLAN master router should not be in the basement)?
What do you gain from changing the modem to 'router' mode? If it does nothing else except act as the gateway for the Synology router, the reconfiguration seems useless and it'd be easier to just keep it in 'bridge' mode. – user1686 – 2019-02-27T10:59:04.510
@grawity I want to prevent that the other devices in the network are directly in the internet. If I leave modem in bridge mode and connect the switch to it (from where the other devices are patched), wouldn't they be somehow "in the internet"? Well I'm not so sure anymore. Maybe as the devices get an IP/Gateway from the DHCP they are safe? But I think there would be some DHCP conflict as surely the bridged cable modem/router would assign some internal IPs and also the master router. Or not? – Shihan – 2019-02-27T11:07:20.400
Then don't connect a switch to it, connect the switch to your attic router instead. 1) With the modem in router mode, devices connected directly to the modem will have 'private' addresses issued by the modem, so you could say they're not really exposed... but they will completely bypass your attic router and all the security features you wanted. 2) Those devices will not get addresses from your attic router, because the Ethernet link from modem (with a switch or without) needs to go into the attic router's "WAN" interface, which does not serve DHCP – it only does so on the "LAN" interface. – user1686 – 2019-02-27T11:19:42.277
And yes, if you need a LAN switch in the basement, then what I'm saying is "basement modem → ethernet → 'WAN' port on attic router → 'LAN' port on attic router → ethernet → back to the basement → basement switch". (If you can only have one ethernet cable, you can make this work using two VLANs.) – user1686 – 2019-02-27T11:26:26.823
@grawity thanks for the elaboration. I believe I need a LAN switch in the basement, because with that component the devices (coming from the patch panel) will get interconnected. The device chain you supplied looks logical to me and also includes this basement LAN switch so the devices are connected to each other. basement modem to WAN on attic router would be directly patched (without using the switch) - this also looks to me, that modem can stay in bridge mode. Modem is only connected to the attic router directly (over the patch panel). Why don't you post it as an answer? – Shihan – 2019-02-27T12:10:25.110
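
The point made in the comments, that anything patched in on the modem side of the attic router bypasses its filtering, can be checked mechanically for a planned wiring. The following Python check is an added example, not part of the original thread: it models the layouts discussed above (the question's plan, the two-cable chain, and the single-cable variant with two VLANs) and lists the hosts that can reach the modem without crossing the router. Device names, VLAN ids and the mispatched-port case are constructed for illustration.

```python
from collections import deque

def bypassing_hosts(links, modem, router, hosts):
    """Return hosts that can reach the modem without crossing the router.

    links: (device_a, device_b, vlan) layer-2 links. A switch forwards only
    within one VLAN, so the search runs over (device, vlan) pairs. Only the
    router may move traffic between VLANs; it is excluded from the search,
    so every host that is still reached has a path that avoids it.
    """
    adj = {}
    for a, b, vlan in links:
        adj.setdefault((a, vlan), set()).add((b, vlan))
        adj.setdefault((b, vlan), set()).add((a, vlan))
    start = [n for n in adj if n[0] == modem]
    seen, queue = set(start), deque(start)
    while queue:
        node = queue.popleft()
        for nxt in adj.get(node, ()):
            if nxt[0] != router and nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    reached = {dev for dev, _ in seen}
    return sorted(h for h in hosts if h in reached)

HOSTS = ["pc", "nas", "tv", "ap"]

# Constructed topologies; VLAN ids 1, 10 and 20 are arbitrary example values.
# Plan from the question: the basement switch hangs directly off the modem.
PLANNED = [("modem", "switch", 1), ("switch", "router", 1),
           ("switch", "tv", 1), ("switch", "ap", 1),
           ("router", "pc", 1), ("router", "nas", 1)]
# Chain from the comments: modem -> attic WAN, attic LAN -> basement switch.
TWO_CABLES = [("modem", "router", 10), ("router", "switch", 20),
              ("switch", "tv", 20), ("switch", "ap", 20),
              ("router", "pc", 20), ("router", "nas", 20)]
# One cable to the attic carrying both VLANs (10 = WAN side, 20 = LAN side).
ONE_CABLE = [("modem", "switch", 10),
             ("switch", "router", 10), ("switch", "router", 20),
             ("switch", "tv", 20), ("switch", "ap", 20),
             ("router", "pc", 20), ("router", "nas", 20)]
# Same as ONE_CABLE, but the TV's switch port was left in the WAN VLAN.
MISPATCHED = [("switch", "tv", 10) if link == ("switch", "tv", 20) else link
              for link in ONE_CABLE]

if __name__ == "__main__":
    for name in ("PLANNED", "TWO_CABLES", "ONE_CABLE", "MISPATCHED"):
        print(name, bypassing_hosts(globals()[name], "modem", "router", HOSTS))
```

An empty list means every host sits behind the router; any name in the list is a device that would get its address and its exposure from the modem side instead.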