The logical diagram
This logical diagram tells us how the information flows through the network. It starts in the cloud (the Internet) with your Internet Service Provider. Then it is filtered by the Firewall/Security Appliance to weed out the “bad stuff”. Then it goes to the router, the switch and then to the individual devices on the network. The wireless devices go from the security appliance to the WAP (Wireless Access Point) to the individual devices. By using a Network Logical Diagram you can tell we have two networks – wired and wireless.
The first thing that you need to do when sketching out a Logical Diagram of your network is to take a network inventory. Find out all of the devices that are on your network. Sometimes you will find an old computer somewhere that you still have powered on. Seeing that I am redesigning my network I can add and subtract devices to suit myself.
In line with RFC 1918, routers do not forward some IP address ranges onto the Internet. The ranges are as follows:
- 172.16.0.0/12: 172.16.0.1 to 172.31.255.254
- 10.0.0.0/8: 10.0.0.1 to 10.255.255.254
These address ranges are therefore meant for local networks rather than Internet addresses, so the IP addresses in them can be used for LAN hosts.
I am using the 172.16.1.x network for Ethernet and home wireless and the 172.16.0.x network for guest wireless. This will help tell me which type of traffic it is when I go through the logs to troubleshoot.
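One way to put that addressing plan to work when reading logs, as an added example that is not from the original article: it labels each log line by source segment and flags guest-to-home traffic and private sources outside the two planned subnets. The /24 prefix lengths, the iptables-style `SRC=`/`DST=` fields and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# The article's two subnets; the /24 prefix length is an assumption.
HOME = ipaddress.ip_network("172.16.1.0/24")    # Ethernet + home wireless
GUEST = ipaddress.ip_network("172.16.0.0/24")   # guest wireless
# RFC 1918 defines three private blocks; the article lists the first two.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("172.16.0.0/12", "10.0.0.0/8", "192.168.0.0/16")]
FIELD_RE = re.compile(r"\b(SRC|DST)=(\S+)")

def classify(addr):
    """Label an address: home, guest, private-unplanned, public or invalid."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return "invalid"
    if ip in HOME:
        return "home"
    if ip in GUEST:
        return "guest"
    if any(ip in net for net in RFC1918):
        return "private-unplanned"   # private, but not a subnet we assigned
    return "public"

def summarize(lines):
    """Count lines per source segment and collect lines worth a closer look."""
    counts, review = Counter(), []
    for line in lines:
        fields = dict(FIELD_RE.findall(line))
        if "SRC" not in fields:
            continue                 # not a packet log line
        src = classify(fields["SRC"])
        dst = classify(fields.get("DST", ""))
        counts[src] += 1
        if src == "guest" and dst == "home":
            review.append(("guest-to-home", line))
        elif src in ("private-unplanned", "invalid"):
            review.append((src + "-source", line))
    return counts, review

# Constructed sample lines (iptables-style fields), not real traffic.
SAMPLE_LOG = [
    "fw kernel: IN=eth1 SRC=172.16.1.23 DST=198.51.100.7 PROTO=TCP DPT=443",
    "fw kernel: IN=wlan1 SRC=172.16.0.57 DST=198.51.100.7 PROTO=TCP DPT=443",
    "fw kernel: IN=wlan1 SRC=172.16.0.57 DST=172.16.1.10 PROTO=TCP DPT=445",
    "fw kernel: IN=eth1 SRC=192.168.1.50 DST=172.16.1.10 PROTO=UDP DPT=53",
    "fw kernel: IN=eth0 SRC=203.0.113.9 DST=172.16.1.10 PROTO=TCP DPT=22",
]
```

Calling `summarize(SAMPLE_LOG)` returns the per-segment counts and the list of flagged lines; adjust `FIELD_RE` to whatever format your firewall actually writes.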
Why the concern over a few computers?
I have created and planned networks for a few businesses and organizations, so I thought I would put that knowledge to work at home. Many of us have a home office – sometimes two offices or more. I am planning on upgrading our network here at home so I thought I’d bring you in on the planning.
The basic planning documents
- The Logical Diagram: Described above.
- The Physical Diagram: This is just a drawing of the house itself, done to scale. Scale is important because you are going to be drawing lines from the wall outlets which have Ethernet to the punch down panel in the server closet. Measuring the lines will give you about the length you need. Don’t forget you need to add 8-10 feet for going up and down walls, and about 5 feet or so on each end for a “service loop”. A service loop is extra slack so you can maintain the network and take down the punch down panels if needed.
What is the scope of the home networking project?
- Ethernet. I want every room to have Ethernet access and all of the wires terminated to a punch down panel. Two outlets per room with two Ethernet drops each. I will need a switch that can handle that.
- Physical Diagram. A basic floor plan to scale. It also has each wire run on it so you can measure how much wire you need for the job.
- Server closet. Find a central closet to run all of the networking to. Also get a quote on the AC requirements, running a few outlets in the server closet and backup power. This will house all of the networking devices such as the WAP, Router, Switch, and the Security Appliance. It will also house the NAS and server. The UPS requirements should be such that I can use it to gracefully shut everything down in case of a power outage.
- WAP. Wireless Access Point (may be bundled with another device, such as the security appliance). This is for the laptops, TV, mobile phones, and our guest network.
- Security Appliance. I have come to the realization that I need a physical firewall/security appliance. Physical firewalls are much better at stopping intruders than software firewalls. Plus, even though it is my home, I work here, so why not get the same protection that I offer my clients? There are quite a few Linux distributions that will help to protect your network; look at Distrowatch.com if you wish to build your own. I am looking for something that I can buy “off the shelf”, so I may go with Cisco. More on that when I do my evaluation. As you can see, there are two networks: one Ethernet and one wireless. My partner and I both have businesses that we run from home. She does graphics and has two computers and a laptop along with her phone. I have a hodgepodge of workstations and servers that I use. Both the wired and the wireless devices on the network need protection.
- Access away from home. We also need to have access to our computers when we are not at home. I am thinking of NextCloud to solve this problem. It is a cloud-based solution that you can configure, it runs on Linux and it is open source. It has many of the features of Dropbox and Google mail and calendars. The nice thing is that you can “open the hood” and see how to fix or change what you want.
- NAS. We also have a Network Attached Storage (NAS) device which holds our work. This is also going to get replaced in the network upgrade. It will still be a Linux server running FreeNAS, but the hardware is going to be updated to handle the larger amount of data.
- Backup Power. We have UPS (Uninterruptible Power Supply) units on our individual computers, which need to be evaluated seeing that they are fairly old and need upgrading. Backup power for the Security Appliance (Firewall), WAP, Router, and Switches also needs to be evaluated.
This is the first article in this series. In future articles, I will show you the good and bad things that I find while I “shop around” for the best solutions to home networking and security if you have a home office.
Go on to my second article to read about the Physical Diagram and Server Closet that I am going to be working on.