PROBLEM:
1) My current setup works, but cannot be upgraded to latest firmware and remain stable (see below).
2) wifi is weaker in the bedrooms on the opposite end of the house, and that may be more significant soon with needs for more PCs in those poor signal rooms (-70+ dbm, and -80+ if obstructed further).
3) I wish to wait to get wifi 6, and WPA 3 for future proofing (10 year life).
4) I really want to place cameras in the front of my house, and possibly in the back, but wiring is a challenge (see below).
5) I want camera storage to be strictly local, with the option to make it available online, but not in the cloud.
My current setup:
Pfsense 2.4.4 p2 (main router/firewall) - for VPN, dns filtering, and firewall rules
ASUS RT-AC3200 (AP from main router) - nice range and speeds, but locked at merlin 384.3 due to stability issues. 2.4ghz devices will randomly disconnect, and a reboot is the quickest way to resolve. Family wants to kill me when I upgrade.
ASUS RT-AC68R (Media bridge for office) - great speeds, but locked on the 380.69 or 70 firmware. The 384.x firmware is not stable at all. It has been over a year since this issue has been occurring without resolution. Merlin says it's an ASUS problem, so I am done with ASUS products (and most consumer brands).
Range requirements:
It must give 100+ Mbps speeds for internet in all rooms, and 300+ Mbps or better real world iperf3 speeds for internal network per node. Because of that, I think I need a mesh system. The RT-AC3200 does a great job, but there are too many walls and barriers in some areas. My office is a very tricky area. I use the bridge to get better speeds around a solid wall that drops the signal 20 decibels (from 45-55, to 65-75 -dbm or worse).
Camera requirements:
I am looking at buying a Ubiquiti cloudKey 2 plus with a dome, and possibly a few G3 cameras. All of these require PoE. I can get around that PoE issue with the PoE injectors, but I need to wire them. I have put a lot of thought into this, and I have yet to decide which is the best solution.
options:
1) wire everything through the walls and ceilings (pretty much a no-go because it's too hard, and too limiting).
2) buying bridges for each camera (can get pricey, and if I wire too many into the same bridge, I may overload the bandwidth).
3) wire them from the outside. This would be easier, but easier to defeat from the outside. I would also need to make sure the network cables do not expose my internal network if they are tapped. I can do this with pfsense and a dedicated network port. It would be able to talk to the NVR, and some trusted devices only, and won't be able to connect out of the network at all.
4) wifi only, but this is a no-go because of the need to wire power. That defeats the purpose of wifi, and I can't use the software that I want.
My thoughts on hardware:
For the AP replacement, I have been looking at the Unifi nano HD.
For the bridge replacement, I am considering the Amplifi HD router as a bridged mesh point. I considered using some airMax nanostations, but why? That would be nice, but too pricey.
I may go with Amplifi for the whole home mesh as well, though I would prefer to go Unifi if possible for the powerful software.
The 300+ speed requirement is mainly for the possibility of bridging through the mesh for the cameras, but would be nice for future increases in internet speeds. The bridge I currently have can get over 300 in iperf3.
If I wire outside, it would be cheaper, and I would have more options to have wired everywhere, but I need to decide whether to run data only cables and inject power later, or buy a PoE switch, and run a cable for every device. With the switch centralized, I have more options such as having a UPS power the network and cameras, but for how long? I want a UPS for Pfsense because a power flicker is enough to bring it offline. It will not reboot, and requires a manual restart.
I want a setup where my wife doesn't want to murder me for every unplanned outage, so reliability is a must. I can't be clawing through rooms to reset switches/routers to fix outages with the bridges.
Budget:
< $1000, but that is as much as I am willing to spend in 2019. I can upgrade just the cameras, or a bit of both. Priority is cameras. WiFi upgrade is a nice to have unless I need bridging. I'm willing to wait for WiFi 6 (802.11 AX), and wpa3 whenever that happens.
Please don't take my thoughts as final, I am just planning out the best possible setup with the best currently available.
				