network map attached, is anything out of whack?

[superjet]

I'm trying to decide if its time to upgrade my main router (n66u). I don't have any complaints right now, but im not a pro at networking. Here is a network map of my wired connections and a list of wireless devices and where they connect primarily:

General layout:

Downstairs:
Arris 722 Modem with cat 6 connection (2ft) to N66u
Lan port 1: Workstation/Server gigabit connected
Lan Port 2: Gaming desktop gigabit conected
Lan Port 3: Runs upstairs to 2014 Apple Time Capsule WAN port
Lan Port 4: Runs to D-Link managed switch

D-Link Managed Switch (cat 6 20ft cable run from N66u):
Port 1: extra cat 6 cable
Port 2: extra cat 6 cable
Port 3: extra cat 6 cable
Port 4: Hp printer connected at 10/100
Port 5: Tivo Mini connected at 10/100
Port 6: 60ft Cat 6 run to unmanaged switch
Port 7: cat 6 run back to N66U
Port 8: empty

Unmanaged switch (60ft cable run from managed switch Cat 6 1Gb full duplex)
Port 1: PS3 gigabit
Port 2: Tivo Mini (10/100)
Port 3: Apple Airport Express (10/100 wireless off, just used for airplaying music)
Port 4: connection back to managed switch Cat 6 1Gb full duplex
Port 5: Smart TV (10/100)

Upstairs:

Apple 2014 Time Capsule
WAN port: 1Gb Cat5E shielded 100ft cable run from downstairs full duplex
LAN port 1: Tivo Roamio Pro (cat 6 full duplex 1Gb connection)
Lan port 2: 150ft cat 5e shielded cable run to garage for Airport Express (wireless enabled for backyard wifi and airplay streaming)
Lan Port 3: 5ft cat6 cable run to Linksys smart switch



Linksys 8 Port Smart Switch
Port 1: cat 6 connection from Time Capsule 1GB full duplex
Port 2: Smart TV
Port 3: Blu-Ray Player
Port 4: Apple TV
Port 5: Yamaha Receiver






Outside in the detached garage there is an apple Airport Express used as a wireless access point and to airplay to a garage stereo from anywhere on the network:

Connected wireless downstairs:
iPhone 5 (n66u N)
iPhone 5s (n66u N)
iphone 6 (n66u N)
iPad 1 (n66u G)
iPad Air 2 (n66u N)
macbook (n66u N)

Connected wireless or wired downstairs:
Hp laptop 1 (Gb to managed switch or wireless N to n66u)
Hp laptop 2 (Gb to managed switch or wireless N to n66u)
Acer laptop (Gb to managed switch or wireless G to n66u)
Dell Laptop (Gb to managed switch or wireless N to n66u) primarily vpn connected 24/7
Additional Hp printer (10/100 to managed switch or G to n66u)

Connected wireless upstairs:
Macbook (G to Time Capsule)
Macbook pro (AC to Time Capsule)
iPad Air (N to Time Capslue)
iPhone 5s (N to Time Capsule)


What im thinking of changing:

Instead of connecting the workstation/server directly to the n66u, I was going to connect it wired to the managed switch and instead have the managed switch using the last wired port on the n66u. That would serve to take 1 hop out of the network.

Switching the second airport express from one of the LAN ports on the time capsule router to the smart switch and running the home theater receiver from the airport express.

Also thinking about upgrading the n66u to something more recent, if the better processor and hardware NAT may help with anything I do. I have my eye on the netgear 6 antenna 8000 or 9000 whichever it is.

I do a lot of large file transfers between computers all over the network, play a lot of online games, frequently VPN back to the n66u router for access to my home network, and use Acronis True Image to perform network backups to various locations or other computers across the network.

2 of the 3 TVs are usually running at the same time using connections to the Tivo Roamio via wired connections. The Tivo also backs up certain shows across the network to the server.

 

[superjet]

Things I've done to try to keep my equipment running smoothly:

1. The n66u and arris cable modem are cooled by a fan blowing across the top of north devices. Neither is ever even warm to the touch.

2. Every device has a dhcp reservation in the routers configuration page.

3. Every electronic device in my house is hooked into a voltage regulating UPS.

4. I've done my best to isolate network cables away from other electricity sources to minimize interference and always use shielded cables for every network cable.

 

[System Error Message]

How fast is your internet? Those new dual core ARM routers arent exactly fast at VPN. If you want VPN performance get a PPC CPU based router because they are quite fast at VPN and encryption. For your setup i would use a mikrotik router with sufficient speed for use of VPN and because i get to name every device using the DNS service on the router so i can just type their names in the browser (wont work for chrome). It requires more skill just to configure them http://demo.mt.lv/ live routerOS demo. Buying them requires some skill too. So for mikrotik get a PPC based routerboard or Tile based.

If you dont think you have the skill for one you can go with one of those dual core ARM routers. All the dual core ARM routers use the same CPU regardless of frequency since you can get an asus ac68u and overclock it to 1.4 Ghz from 800mhz. Your choice for these routers should mainly be stability and reliability and having the features you want. Asus has merlin firmware as a good alternative to stock. You can also perform the same DNS naming of your devices with these routers but it requires changes using SSH and command line.

For your network you should consider connecting the workstations to the smart switch. Make the smart/managed switch the core switch of your network but make sure it has the full non blocking bandwidth or you could run into issues. You can find this out from your switch specs. The reason why is because you can configure their STP/RSTP. Each branch limits the bandwidth available for file transfers. I suggest you connect your linksys to the dlink switch and time capsule to dlink if possible. Smart switches can communicate with each other for some things such as knowing if a switch is connected and mac address tables and some even for network mapping.

If you decide to get mikrotik you can still use your N66U as a wireless AP and mini server for some services. You dont need to upgrade if your N66U is giving you VPN speeds at your internet speeds and coping with what you're using it for. Theres no reason to get wireless AC if the devices you have dont support it. The only reason to upgrade is for speed and features that you need but dont have. Aside from wireless the only difference between the N66U and newer routers is just CPU speed.

 

[azazel1024]

I think the first place to start is, do you have any complaints about anything?

Lets address those. In general if you feel the itch to upgrade your network, my suggestion is, since you have an upstairs and a downstairs, consider adding an access point upstairs so you have one on each floor. Bonus points if they are vaguely seperated in the horizontal axis as well. Then place the upstairs and downstairs on different channels so they don't overlap.

That'll likely provide much better wireless performance than simply upgrading your router since you have a large number of wireless clients.

Next, or maybe first, would be the wire up any fixed machine you possible can. You NEVER want to do wireless when a wire is possible.

If you needed a better actual ROUTER and not simply better wireless performance, I'd look at a newer ac router, like the AC68 or TP-Link C8/9 or Netgear R7000.

 

[superjet]

I think the first place to start is, do you have any complaints about anything?

The only issue I really get frustrated with is sometimes LAN transfer speeds between wired devices. I need to set up ramdisks on each device and try to find the bottleneck, but I suspect its on the computer side not the network side.

Something that has not been a problem so far but I havent really stress tested it extensively and I anticipate causing issues is having the Tivo Roamio pro sending a live tv channel to each of the tivo minis while 2 devices are watching live channels wirelessly via the tivo app and somebody is online gaming and windows updates or large downloads are happening across the network.

I'm just not sure how much overhead the Tivo creates streaming TV or recorded shows across the network. Tivo support is largely worthless in this regard.

Lets address those. In general if you feel the itch to upgrade your network, my suggestion is, since you have an upstairs and a downstairs, consider adding an access point upstairs so you have one on each floor. Bonus points if they are vaguely seperated in the horizontal axis as well. Then place the upstairs and downstairs on different channels so they don't overlap.

That'll likely provide much better wireless performance than simply upgrading your router since you have a large number of wireless clients.

The Apple Time Capsule is upstairs, sorry that I didn't label everything clearly. It's an AP with supposed wireless AC band capability. The GFs macbook pro is up there connected to the 5ghz band most of the time, assuming it's on AC I've never checked though.

I've stumbled every visible and invisible network I can reach from several devices from the corners and common areas of my whole house and adjusted channels accordingly. Luckily for me, there's not a lot of 5ghz activity in the area surrounding my house so those bands have remained relatively interference free, but some of my neighbors have their 2.4ghz on non-standard partially overlapping channels. I suspect I'll just have to live with that.

Next, or maybe first, would be the wire up any fixed machine you possible can. You NEVER want to do wireless when a wire is possible.

Completely agree, I've got everything wired that I can, and 3 extra cat6 cables coming out of one switch for when I need to update/work on something out of the pile of laptops I've accumulated.

If you needed a better actual ROUTER and not simply better wireless performance, I'd look at a newer ac router, like the AC68 or TP-Link C8/9 or Netgear R7000.

Does the hardware NAT feature of some newer routers make a big difference if you have a lot of connections? My WAN speed is 100Mb downstream and 10Mb upstream. Speedtest usually gives 115Mb down and 12-15Mb up.

Pingtest from wired connection is usually 10ms with 0-2ms jitter.

I'm definitely more focused on getting a better router (not super worried about wireless performance) if it will increase performance at all with the wired devices (around 20 most of the time). I'm intrigued by the idea of a hardware based NAT, but dont know enough about the implementation in different devices.

 

[superjet]

How fast is your internet?

100Mb/10Mb

Those new dual core ARM routers arent exactly fast at VPN. If you want VPN performance get a PPC CPU based router because they are quite fast at VPN and encryption. For your setup i would use a mikrotik router with sufficient speed for use of VPN and because i get to name every device using the DNS service on the router so i can just type their names in the browser (wont work for chrome). It requires more skill just to configure them http://demo.mt.lv/ live routerOS demo. Buying them requires some skill too. So for mikrotik get a PPC based routerboard or Tile based.

I saw a post of yours last night while browsing the forums regarding the mikrotik and have been reading about them. Had never heard of that make before.

If you dont think you have the skill for one you can go with one of those dual core ARM routers. All the dual core ARM routers use the same CPU regardless of frequency since you can get an asus ac68u and overclock it to 1.4 Ghz from 800mhz. Your choice for these routers should mainly be stability and reliability and having the features you want. Asus has merlin firmware as a good alternative to stock. You can also perform the same DNS naming of your devices with these routers but it requires changes using SSH and command line.

I'd be willing to give it a try to get that up and running. I toyed with the idea of just getting a separate VPN device and using that to connect back to home if that would be easier to get a decent VPN connection from, disabling the n66u or main routers VPN server.

My n66u is on Merlin right now. I'm not certain I make use of the better features adequately as I dont know a ton about them.

For your network you should consider connecting the workstations to the smart switch. Make the smart/managed switch the core switch of your network but make sure it has the full non blocking bandwidth or you could run into issues. You can find this out from your switch specs. The reason why is because you can configure their STP/RSTP. Each branch limits the bandwidth available for file transfers. I suggest you connect your linksys to the dlink switch and time capsule to dlink if possible. Smart switches can communicate with each other for some things such as knowing if a switch is connected and mac address tables and some even for network mapping.

I will research the switch models I have on the network and get back to you about their features. I'm a few hundred miles away from the house working right now.

Would there be any benefit in linking the upstairs and downstairs switches via link aggregation and getting 2Gb/s full duplex? It would require running a second wire upstairs but I could do that in an afternoon if it would help at all with the current hardware I have. I'm not sure the smart switch supports link aggregation I'll look for that information too.

If you decide to get mikrotik you can still use your N66U as a wireless AP and mini server for some services. You dont need to upgrade if your N66U is giving you VPN speeds at your internet speeds and coping with what you're using it for. Theres no reason to get wireless AC if the devices you have dont support it. The only reason to upgrade is for speed and features that you need but dont have. Aside from wireless the only difference between the N66U and newer routers is just CPU speed.

I have 3 devices that support wireless AC right now, but dont use them intensively for data transfer across the network save for the MacBook using time machine backup continuously.

I didn't realize that the AC68 was able to be overclocked. A higher processor speed was something I thought might be beneficial or a hardware NAT, or both.

 

[azazel1024]

Doesn't really matter a whole lot if you are only running 100/10 connection. Most halfway decent 11n routers can do 110Mbps concurrent WAN and I'd guess just about all 11ac routers can.

Hardware NAT is really only going to help if you are pushing a LOT of data, and then generally if you are only doing standard NAT without much in the way of features toggled (in most cases doing things like bandwidth limiting, traffic monitoring, etc causes hardware NAT to be disabled).

As an example of its impact, the Archer C8 with hardware NAT can push something like 700Mbps one way or I think close to 1000Mbps bi-directional. With hardware NAT disabled it drops to 300-350Mbps range...which is still overkill for your current connection.

As for limitations on wired LAN transfers, probably a machine based limitation, at a guess an issue with the NICs depending on what you are running.

I've just generally encountered scads of problems with anything not Intel. The atheros on-board adapter on my motherboard just chokes with jumbo frames, and even without it gives poor performance (80-100MB/sec range). Realtek NICs occasionally okay (the one in my server also gives poor performance though not as bad as the Atheros in my desktop, but the one in my laptop, WHEN it works, is pretty decent at 114MB/sec). My Intel adapters I've never had issues with and give a nice steady 117.5MB/sec with 9k jumbo frames enabled. They also work perfectly with SMB Multichannel under Windows 8/8.1. This would be the reason why I am running with the onboard NICs disabled and a pair of Intel Gigabit CT adapters in both my server and desktop.

Link aggregation only improves maximum multiclient bandwidth. It does not improve single client bandwidth. So even if you have LAG on your switches and relevant clients/servers, you are limited to only 1Gbps between one end point and another. However, you could get 2Gbps aggregate when connected two different end points to a third end point.

Between switches it also is a boone, because you are much more likely to have a lot of traffic between switches.

I have SMB Multichannel giving me 2Gbps of actually bandwidth between my desktop and my server through the two Intel Gigabit CT adapters and Windows 8 on my server and 8.1 on my desktop. That DOES allow effective adapter bonding, which LAG does not do. Prior to 8, I did have LAG enabled on my server as it allowed me to do 2Gbps to/from the server in total between my desktop and my laptop (and other devices), its just that I was limited to only 1Gbps from desktop to server and laptop to server, etc.

I also have my core 16-port semi-managed switch uplinked to my secondary 16-port switch through a 2 port LAG to increase the uplink width between them (granted I think I only currently have 3 100Mbps devices hung off that 2nd 16-port switch, but that'll change in the near future once I tackle a renovation that'll add 3-4 LAN drops that'll likely have a machine or two with gigabit ports hung off them...at least occasionally).