[NTLUG:Discuss] LAN Planning

jeremyb@univista.com jeremyb at univista.com
Fri Aug 23 09:24:56 CDT 2002 

I really think you'd be happier with wireless.  It's a lot easier
...obviously.
All the hardware you're looking at buying for your wiring endeavor will cost
you close to the same as buying a WAP and 2 or three 802.11b NICs.  Of
course 802.11b PC cards will be more costly then PCI but the freedom of
mobility is really nice.

A note on security:  You should definitely study up on securing a WAP and
wireless LANs.
Think of it this way   ....by going wireless you are exposing your LAN to
the wireless equivalent of a nonswitched internet that's accesable from
anywhere the signal can be picked up.  ...forget about having to access some
middleman router to sniff traffic.  The middleman is the nearest parking lot
to your house.  I hope I don't get flamed for mentioning this but this
quarters 2600 has a short informative article on wireless that should get
you started  ..and scare you a little too.

I would keep your servers wired using cat5 and just add a single 802.11b NIC
to a locked down box on the same hub.  That way you save some money and you
reduce the vulnerability of the network as a whole.  Anything that lives in
the server room/closet could stay cat5 and anything that is in site of the
wife and within reach of the baby can be wireless. 
You could use ssh or another method to encrypt data between WAPs.  This will
probably take less time to configure then all that wiring.  

-Jeremy Brooks


-----Original Message-----
From: Kelledin [mailto:kelledin+NTLUG at skarpsey.dyndns.org] 
Sent: Friday, August 23, 2002 6:08 AM
To: discuss at ntlug.org
Subject: Re: [NTLUG:Discuss] LAN Planning


On Friday 23 August 2002 04:52 am, Aaron Goldblatt wrote:
> I need some suggestions for designing a LAN I want to put into my 
> (new, as in still-smell-paint new) house.

Well, now is probably the worst time for you to find this out, 
but it's best to start running cable within your walls before 
the drywall is up (but after the frame is complete).

> Objective:  Most of the computer equipment will be centered in a 
> bedroom, but one computer won't be in that bedroom, and it is 
> necessary to connect that computer to the LAN.

Good; hubs, switches, modems, routers, and most servers need to 
be centralized somewhere.  In a mid-sized home, an equipment 
closet is usually used for this purpose.

>
> CURRENT SETUP:
>
> I have two physically independent networks, one running 10.x.x.x, one
> running live IPs.  The live IP one runs 10BaseT.  The 10.x.x.x
> runs 100BaseT.  The private network is used for things like
> local IMAP, SMTP relay, and NFS.  The public network is used
> to connect to the
> net without the hassle of a proxy.
<snip>
> 1) A single physical network is nice but not strictly required.  The 
> private side network must run 100meg.  The hub on that network is a
> 3Com 100BaseTX hub with a couple of fiber inputs.  It will
> -not- switch down to 10 megabits.

Best way to do this sort of thing is put the private network 
behind a router (a 486 running Coyote, Freesco, LRP, or even a 
full-blown distro is good for this).  Then set up a DMZ for your 
public servers, or just do port-forwarding for all services you 
want to be publicly accessible.

100baseT cards are outrageously cheap these days, even for good 
ones like Intel PRO/100's.

> 2) Easy to wire.  Patch panel optimal.  It can go in a closet.

Best way to keep the cable out of sight is to run it within 
walls.  To do this yourself, you have to get savvy on a few 
safety/electrical codes.  Here's a start:

1) You must use plenum-rated cable in all spaces that might be an 
HVAC return area.  Plenum-rated cable is specially designed not 
to omit opaque smoke/fumes if it catches fire.  It's typically 
used in the "plenum"--the space between the false ceiling and 
the structural ceiling--because this is commonly an HVAC return 
area.

2) Cables running within walls should be solid-wire in order to 
take a punch-down without fraying; cables running from walls to 
network units should be stranded for better flexibility.

3) Cables running within common walls must be run within 
insulating conduits.  Failure to do so is a code violation.

4) You must use riser cabling when running between floors.

A lot of these guidelines can unofficially be bent or even 
broken, primarily because health/electrical inspectors probably 
don't audit your house regularly.  I wouldn't break them though.

> 3) Easy to expand to additional ports.  Big patch panel?  (How many 
> ports would be good?  This is a 4br 2150 sqft house.  I want ports in 
> at least three bedrooms, and possibly the formal living room which 
> we're turning into a library.)

Two ports in each room is generally more than enough for a home 
setup.  The central area (the equipment closet/room) will need a 
lot more ports, simply because this will be where all electronic 
roads lead. ;)  For your floor plan, it looks like a 16-port 
wall-mounted patch panel would be enough for the equipment 
closet.  A 24-port would give you a lot of room to grow, but 
that would probably be more expensive.

> 4) The Internet connectivity will be coming through some sort of 
> 10BaseT port, either an Ascend Pipeline 50 or 85, or some kind of xDSL 
> modem/router thing.  This means that a proxy is necessary unless we go 
> with two physical LANs.

A proxy is not always necessary; a router usually is, however.

> 5) Money is an object, but plenum cable is absolutely required. Please 
> tell me where it can be found at the price-performance sweet spot.  :)

Good that you recognize that. ;)

Greybar Electric, Grainger, and Home Depot all provide pretty 
reasonably-priced cable (though I don't know if Home Depot will 
provide plenum-rated); I've taken to getting bulk cable cut off 
the spool in specified lengths.

> 6) In that same line of thought, does somebody have a punchdown tool I 
> can borrow, or know where can I get one for not-a-lot?  Will also need 
> wall plates, wall plate pop-ins, male RJ45 ends, and a crimper.

Wall plate pop-ins are commonly known as keystone jacks, btw.  I 
have a few of those left, but not enough to satisfy your needs.  
Leviton keystone jacks and faceplates can be had at Home Depot; 
they're of reasonably good quality.  The best keystone jacks are 
manufactured by Panduit, but they're rather difficult to come by 
locally.

However, I have gobs of male RJ45 ends, as well as a decent RJ45 
crimper and a 110/66-style punch-down tool.  I'd probably never 
use the RJ45 ends, except doing just this--crimping cable for 
someone else's installation. ;)  I used to have a nice little 
Cat5 jacket stripper, but that's currently missing.

> 7) If we locate a wiring closet in one of the bedroom closets, what 
> can be done to make the hole in the ceiling pretty?  Just leaving an 
> empty hole isn't a good idea.  Would piss off the wife major bad.

I'll have to look that up.  IIRC there's actually some 
fireproofing you're supposed to do with that sort of thing 
(along with using riser cable).

> 8) Is there a standard color pattern for wiring in a house?
> When I've built cables, I've done it like this (hook facing
> away):

> LEFT
> Orange-White
> Orange
> Green-White
> Blue
> Blue-White
> Green
> Brown-White
> Brown
> RIGHT

What you've listed there is 568B, the standard color-pattern for 
wiring Ethernet.  There's a somewhat older standard (568A) 
that's essentially the same as 568B, except the green and orange 
pair are swapped.  You shouldn't have to worry about 568A unless 
you want to make a crossover cable (unlikely).

> 9)  There is a lack of telephone jacks in this house (only one in the 
> kitchen and another in the master bedroom).  I know it's certainly 
> possible to run landlines on the unused CAT5 pairs; is it wise? Should 
> I simply drop new line?

Drop new line.  Running lines on the unused CAT5 pairs is 
technically possible, but it will make the network incompatible 
with standards like copper Gigabit (if you ever plan to 
upgrade).  Copper Gigabit uses all four pairs.

> 10) For each faceplate I was planning two RJ45 ports, each with it's 
> own 4 pair lead.  Should I simply consolidate them and go for using 
> all four pairs, forgetting for the moment the landline issue?

See above.

> 11) Wiring closet in the bedroom closet, or in the garage?
> Garage is not AC'd (obviously), which is my only major concern 
> about putting it there.

If the wiring closet contains cable only, it may be OK for the 
garage (I personally would prefer bedroom closet).  If it 
contains sensitive electronic equipment, you need 
climate-control that a garage usually doesn't offer.  In either 
case, DO NOT run cable on open ground; just keep it indoors or 
in the garage.  Running cat5 outside is a whole other can of 
worms.

> IN THE ALTERNATIVE, should I simply forget wiring the walls and go for 
> the 802.11x solution for the one computer not in the bedroom? If I do, 
> I'll have a number of walls to go through, all sheetrock.

802.11x is definitely easier.  However, Cat5 is a lot faster and 
a lot more reliable (and once you get past running cable in the 
walls, the hardware's a lot cheaper).  The kind of wiring you're 
doing might set you back enough to offset the cost savings of 
hard lines, though.

-- 
Kelledin
"If a server crashes in a server farm and no one pings it, does 
it still cost four figures to fix?"

_______________________________________________
http://www.ntlug.org/mailman/listinfo/discuss

More information about the Discuss mailing list