# Home Networking - Building The Road



## Dale Rasco (Apr 11, 2009)

First let me preface this with saying that there is more than one way to accomplish what I am about to describe. I do not subscribe to theories that are predicated on the notion that there is only one way to accomplish a given task. I was a CCIE (Cisco Certified Internetworking Expert) Plus Security until 2008 when I took over as the Sr. Manager of my group and let my certification lapse. The purpose of this thread is to help educate 99% of the non-IT people out there that want to set up a home network in a language they understand while helping them create a network that is robust, secure, efficient and simple, or at least as simple as I/we can make it. This thread will be a work in progress as I go through replacing and reconfiguring hardware on my home network. Each piece will basically be broken into sub-sections/chapters. I welcome all input and suggestions because I know that there are plenty of network people out there that know more than I do; however, it is important for everyone to remember that our target audience is the 99% non-IT crowd that doesn't know what EIGRP or OSPF is, so please keep it simple. I will be happy to have an in-depth technical discussion on routing protocols, access-lists, algorithms, etc., but this thread is not the place for that discussion. So without any further ado, let’s get started!

*Definitions and Terminology:* I think the best way to get this thing started is with some very basic understanding of what we are trying to accomplish. The definitions listed are not the actual definitions put out by the IEEE but definitions that I came up with in order to explain things a little more simply.

*Bandwidth:* In the simplest of terms, bandwidth can be thought of as a road. Non-IT people get confused when they hear 10BaseT, 100BaseT, 1000BaseT or 10Mb per second, 100Mb per second, etc. because they automatically make a connection in their mind that this means speed when in fact it means size. The easiest way for me to describe it is to compare it to a highway. If you have a two lane highway then traffic has a tendency to be slower with the more vehicles you put on it than if you had a four or six lane highway; however, that doesn’t mean that there is necessarily a different speed limit, only that the road is limited in how many cars can travel on it at a given time. Similarly, network bandwidth can only carry what it is sized to carry but the actual speed at which the electric pulses travel is the same. Additionally, two lane roads have a tendency to get traffic going quicker than large expressways because the vehicles don’t have to be narrowed down from four lanes to one but from two to one, and two is much easier to manage than four. The same can be said for network traffic.

*Packets/Devices:* If bandwidth = the road then packets and devices = vehicles that travel on the road. I will refer to devices as vehicles as well since they are the objects creating the packets in the first place, and just like real vehicles, there are different types of packets that may use network bandwidth. In this thread we will focus on video, audio and data packets. Data packets are the most common and the most forgiving in that if they do not get a response they will keep trying until they can get through. Audio and video packets are much less forgiving because of their streaming nature. The smallest impact on video and/or audio packets can cause stuttering and freezing to occur until the network issues get resolved. Some would argue that simply throwing more bandwidth at a network congestion problem, i.e. add more lanes for traffic to travel on, will resolve network latency issues when in fact it will only mask the issue until there is enough traffic on the network/road to cause it to rear its ugly head again. The preferred way to resolve the issue is to prioritize the traffic. Much like the emergency lanes and carpool lanes on a highway can let emergency and high occupancy vehicles pass when there is an accident or rush hour traffic, your network can be separated to reserve an emergency lane for video and audio traffic to continue passing without interruption while other traffic waits for the accident to be cleared.

*Collisions, Latency and Congestion:* These are industry terms that are used to describe the “accidents and rush hour” on a network.

*VLAN’s:* This is the most commonly used method for creating emergency and carpool lanes. 

There are many other definitions that we will go over as the need presents itself but for this part of the discussion we will be using these. So to recap:

- Bandwidth = road
- Packets/Devices = vehicles
- Collisions/Latency/Congestion = accidents and/or rush hour
- VLAN’s = emergency and carpool lanes

*Part 1: Designing the road*
There are different types of roads that can be built so the first two questions that one should answer are: “What types of vehicles will be traveling on the road?” and “Where do I need the road to go?” I put together a small spreadsheet that should answer those questions.

As you can see by the spreadsheet, I need to provide the following connections:

- There are 32 total devices that I need to provide connectivity to, i.e. 32 vehicles that will travel on the road.
- 17 wired connections that need to have internet access, 12 of which also need access to local network resources.
- 14 wireless connections that need to have access to the internet, 4 of which also need access to local network resources. I also want to provide a guest hotspot in order to provide access to friends that come by without risking exposure to my home network.

Of the 32 devices, I have deemed that 22 of them need to be secured from potentially malicious attacks. I came to that conclusion using three questions; if my answer to any of them were yes then I decided it needed some form of security.

*Is there financial information on the device?*
- This includes bank accounts, credit card numbers, on-line account information, etc.

*Is there personal data on the device that I don’t want everyone to see?*
- Information about my family, me, my company, etc.

*Could I be at risk to lose valuable data if the device were compromised?*
- Corrupted libraries, data files, etc.

*Additionally, I know that I want to provide some sort of web filtering on the network level to prevent children from getting to inappropriate and potentially malicious sites.*

This all may seem a little excessive but a little time and cost up front securing the network could potentially save you thousands of dollars if your network is compromised. Almost all ISP’s provide some sort of gateway hardware with a built in firewall with your home setup; however, I personally do not feel that they are secure enough and none of them, that I know of, provide the extra security services I like to have such as web filtering for malicious malware sites, pornography, hate sites, etc. as well as a hardware SPAM filter that is built in. There are several manufacturers of these devices, all of which are effective; however, they are a bit more than most people want to spend up front and they do require an annual maintenance fee to keep the protection up to date.

I have uploaded a copy of the blank spreadsheet here that can be downloaded and used to obtain the information discussed above. Just right click on the image and "save image as" and save the file to your hard drive. I will update this thread within a couple of days for the next part, in which we will discuss sizing the network, different types of hardware and manufacturers and finding a balance between what you need, what you want, and what is within budget.

Until next time campers, have a good day and in case I don't see ya later, a good afternoon, a good evening, and a good night!


----------
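
The inventory step from the post above, as an added example that is not part of the original post: a short Python script that tallies wired and wireless connections and applies the three-question rule to each device. The CSV columns, the sample devices and the segment names `home` and `internet-only` are assumptions made for illustration, not the author's spreadsheet.

```python
import csv
import io
from collections import Counter

# Constructed sample inventory (not the author's spreadsheet). One row per device;
# y/n columns: needs local network resources, then the post's three questions.
SAMPLE = """\
name,link,local,financial,personal,valuable
office-pc,wired,y,y,y,y
nas,wired,y,n,n,y
tv,wired,n,n,n,n
laptop,wireless,y,y,y,n
phone,wireless,n,n,y,n
console,wireless,n,n,n,n
"""

QUESTIONS = ("financial", "personal", "valuable")


def plan(inventory_csv):
    """Return connection tallies and per-device decisions for an inventory."""
    counts = Counter()
    devices = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        row = {k: (v or "").strip().lower() for k, v in row.items()}
        if row["link"] not in ("wired", "wireless"):
            raise ValueError(f"{row['name']}: link must be wired or wireless")
        bad = [c for c in ("local",) + QUESTIONS if row[c] not in ("y", "n")]
        if bad:
            raise ValueError(f"{row['name']}: answer y or n for {bad}")
        # The post's rule: "yes" to any of the three questions means secure it.
        secure = any(row[q] == "y" for q in QUESTIONS)
        # Assumed segment names: "home" can reach local resources,
        # "internet-only" cannot.
        segment = "home" if row["local"] == "y" else "internet-only"
        counts[row["link"]] += 1
        counts[row["link"] + "_local"] += row["local"] == "y"
        counts["secure"] += secure
        devices[row["name"]] = {"segment": segment, "secure": secure}
    counts["total"] = counts["wired"] + counts["wireless"]
    return dict(counts), devices


if __name__ == "__main__":
    totals, devices = plan(SAMPLE)
    print(totals)
    for name, info in devices.items():
        print(f"{name:10} {info['segment']:14} secure={info['secure']}")
```

The wired tally is the number of switch ports the plan needs, and the `secure` list is the set of devices to place behind the firewall and filtering the post describes.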

