Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Home network setup - help required

  • 08-01-2017 3:36pm
    #1
    Registered Users, Registered Users 2 Posts: 8


    Hi

    I have a sky router for wifi and internet access and some cheap unmanaged switches for connecting wired devices.

    I also have sky q, and 3 mini boxes which communicate with the main box. I have these wired as they keep losing connection on wifi.

    I also have some devices running kodi (for video streaming from the internet). They are also wired.

    I want:

    1. better wifi
    2. to use QOS for prioritising parents wifi (no QOS on sky router)
    3. to use opendns for parental control of kids devices (cannot change the dns servers on sky router)
    4. a single faster gigabit managed switch, with QOS for internet streaming and the sky boxes, and maybe a VLAN for the sky boxes

    So the setup I think I need is:

    internet
    +-sky router
    +-managed switch
    +-sky boxes
    +-kodi boxes
    +-wifi router
    +-parents ssid
    +-kids ssid

    I would turn off the wifi and dhcp server on the sky box
    The switch would use QOS to prioritise the sky and kodi traffic over wifi traffic, and maybe allow a VLAN for the sky boxes.
    The switch would act as a DHCP server for the wired devices, although I would probably use static addresses.
    The wifi router would use QOS / multiple SSIDs to prioritise parents wifi over kids.
    The wifi router would act as DHCP server and provide opendns DNS server addresses for all wifi devices.

    For the wifi I have selected the Linksys WRT1900ACS, which has all the feature I need, plus you can install openwrt on it if required.
    For the managed switch I have selected the TP-LINK SG1024DE which is simple to use and has QOS and VLAN capabilities.
    I am also replacing all the existing cables with cat 6.

    Am I on the right track here?

    If I connect a wired kids device to the managed switch, what dns server address would it end up with? The SG1024DE does not allow you to specify DNS addresses, only the gateway address (in fact none of the wired switches user guides I read allowed you to specify dns server addresses).

    Also I have a smart teenager to contend with. If he figures out how to change his dns server addresses what can I do?


    Any help would be greatly appreciated. I know a little but not enough.


Comments

  • Registered Users, Registered Users 2 Posts: 134 ✭✭ishotjr2


    Sounds like you are willing to invest some time into making this work.

    Generally I have found QoS implemented on switches not to be all that useful and typically cause more problems then it is worth especially for a home network. They generally do simple queuing/shaping like WRED. With openwrt you would be able to use techniques from advanced traffic shaping https://www.lartc.org but you may need to do module/kernel compiles to get the features you need. Have a look at lartc (wondershaper also).

    For DNS you can block all port 53 (iptables -I PREROUTING 1 -p udp --dport 53 -j DROP) traffic except that using the openwrt as a DNS NAT or proxy (put dnsmasq in there for a little cache) then configure opendns.


  • Registered Users, Registered Users 2 Posts: 8 frankdrebbin


    Thanks for the help.

    I only need very basic qos. Just to stop the kids eating up all the available bandwidth. The sg1024de allows port based qos using WRR scheduling algorithms. Is this ok?


  • Registered Users, Registered Users 2 Posts: 36,170 ✭✭✭✭ED E


    A managed switch is the wrong way to go. And nobody does DNS on a switch. Get a decent router, a cheap 12/24p gig switch if you need the ports.


    You're over engineering this. Unless its possible to completely supplement the SkyHub (Including its IPTV/Multicast features) then its acting as your border router. Thus its got the end say in QoS. It will reserve bandwidth for each STB once you turn them on, they wont compete.

    The only units competing will be the Kodi boxes and wireless clients.
    Also I have a smart teenager to contend with. If he figures out how to change his dns server addresses what can I do?

    Are you prepared to set up a full enterprise firewall (a few grand) in your house? No? Then give up. Either you gimp their connections so they cant do anything like with a captive portal or they'll be able to break out. DNS redirection works until they hit their teens then you just have to teach them responsible net use. Tech can't replace parenting.

    The only real concern here could be bandwidth. Say you've an average VDSL link at 50_10. With 3 STBs and a Kodi box you'll eat a fair chunk but not all. If it becomes an issue lock the kids onto a .11b mode radio and leave the adults on .11AC on the 5GHZ radio. That'll limit the kids to about 15-20Mb at most between all of them.


  • Registered Users, Registered Users 2 Posts: 8 frankdrebbin


    Thanks for the help.

    If I understand, replace the sky router with one that allows multiple ssids. Give them an ssid on .11g and schedule the access time. And buy a cheap 24port switch.

    Sounds fair enough.

    The opendns was more for scheduling time than content, the kids sure do like their YouTube.


  • Registered Users, Registered Users 2 Posts: 134 ✭✭ishotjr2


    You could also look at https://www.pfsense.org/about-pfsense/features.html https://pfsense.org/download/ free if you put it on your own PC. There is a few of these open source firewalls(IPCOP/SmoothWall...) you wont need a Enterprise firewall, but you will need a few days to get your head around it. Seems like pfSense will do bandwidth shaping also has some L7 inspection. This is the route I would take, it will give you lots of features for the things you have not thought of yet, even a captive portal should you want that :)


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 36,170 ✭✭✭✭ED E


    Again thats great, if somebody has documented skys TV process well. With Eir for one the router is a host node so its not just a case of forwarding traffic.


Advertisement