Differences
This shows you the differences between two versions of the page.
infrastructure_working_group [2015/09/15 03:18] zimmer62 |
infrastructure_working_group [2017/04/05 00:38] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ======= Infrastructure Working Group ======= | ||
- | |||
- | ==== Mission: ==== | ||
- | To create a robust, reliable, wireless and wired network at LMN for members, guests and space owned equipment. | ||
- | |||
- | ---- | ||
- | |||
- | === Working Group Members: === | ||
- | * [[user:zimmer62:start|Joe Zimmerman]] | ||
- | * [[user:tim:start|Tim Schmidt]] | ||
- | |||
- | ---- | ||
- | |||
- | === How YOU can help: === | ||
- | == Please feel free to edit this wiki page, or send a message to members@lansingmakersnetwork.org == | ||
- | * Help answer some of the questions below. | ||
- | * Tell us your needs or concerns. | ||
- | * Join this working group! | ||
- | * To do that, edit this wiki page add your name, and send a message to members@lansingmakersnetwork.org. | ||
- | |||
- | ---- | ||
- | |||
- | === Considerations: === | ||
- | * The network must be easy to use | ||
- | * The configuration must be accessible, and understood by more than one member | ||
- | * The guest network must be separated from the members network | ||
- | |||
- | ---- | ||
- | === Current Setup: === | ||
- | * SSID: LansingMakersNetwork | ||
- | * Password: Written on the wall in many places around the space | ||
- | * The old SSID of LansingMakers2 still works, however it's using new hardware, this will be deprecated eventually. | ||
- | There is also a LansingMakersGuest (currently this SSIS is not configured properly, so don't try and use it yet) | ||
- | |||
- | You'll notice there are three access points now, 1 on each floor. | ||
- | 1. The one in the shop is located in the middle of the room. | ||
- | 2. The on the main floor is located to the right of the stage area | ||
- | 3. The one on the 3rd floor is located on the back wall near the electronic storage. | ||
- | |||
- | If you see any of these access points with the light showing anything other than a solid Green, it would be helpful if you can report that here as well. | ||
- | |||
- | Please do not plug in the old Linksys/Cisco access point, it is using the same SSID and will cause problems. | ||
- | ---- | ||
- | === Change Log: === | ||
- | 9/14/2015 upgraded firmware on all three AP's from 3.2.5.2791 to 3.2.12.2920 | ||
- | ---- | ||
- | === Questions that need to be addressed: === | ||
- | (Educated guesses are okay here) | ||
- | |||
- | - How many machines live in the space? | ||
- | * Can any of these machines be hard wired? | ||
- | - How many members will be connecting at one time? | ||
- | - How many guests might be connecting at one time? | ||
- | - How big of a space will each access point cover reliably? | ||
- | - What kind of environmental problems will we be challenged with? | ||
- | * metal stud walls | ||
- | * concrete walls | ||
- | * large metal machines | ||
- | * electrically noisy machines | ||
- | * etc. | ||
- | - What kind of throughput would we like to provide on our network? | ||
- | * With consideration to internet speeds vs internal network speeds | ||
- | * [[https://en.wikipedia.org/wiki/IEEE_802.11ac|802.11AC]] / [[https://en.wikipedia.org/wiki/IEEE_802.11n-2009|802.11N]] / [[https://en.wikipedia.org/wiki/IEEE_802.11g-2003|802.11G]] / [[https://en.wikipedia.org/wiki/IEEE_802.11b-1999|802.11B]] | ||
- | - What is our realistic max budget? | ||
- | - Will we need a smart switch or wired router of some sort with manged firewall? | ||
- | - Can we provide a wireless guest network that is completely firewalled from the wireless and wired network using the same access points. | ||
- | - Can we prevent guest users from plugging in a machine into a wired connecting and being on the private network? | ||
- | - Can we allow them to be on the guest network until providing the mac address or something to an authorized private network list? | ||
- | - Can / Should this authenticate with LDAP and give each LMN member an account in a central location that can be used for various services? | ||
- | - Can the guest network be dumped to an Intro to LMN page and have free roam on the LMN wiki without any extra authentication? | ||
- | - How will we allow for VPN connections from outside the building into the member only network? | ||
- | - How will we allow for members to run servers using static or dynamic IPs? | ||
- | |||
- | ---- | ||
- | |||
- | === Items to recommend: === | ||
- | |||
- | * Ubiquiti Networks UniFi AP Enterprise WiFi System UAP-3 (Pack of 3) | ||
- | * Pros: | ||
- | * Under $200 for 3 pack, but only supports 2.4ghz | ||
- | * These come with power injectors. | ||
- | * Cons: | ||
- | * only supports 2.4ghz | ||
- | * Info: | ||
- | * [[https://www.ubnt.com/unifi/unifi-ap/|Manufacturer Link]] | ||
- | * [[http://www.amazon.com/Ubiquiti-Networks-UniFi-Enterprise-System/dp/B005EORRBW/ref=sr_1_1?ie=UTF8&qid=1438804839&sr=8-1&keywords=UAP-3|Amazon $192.76]] | ||
- | * NOT 802.1af (48v) compatible -- from amazon review. need more info if that matters or what it means? | ||
- | * Additional Equipment needed: | ||
- | * We will need a cheap switch, or switch with POE injeciton | ||
- | * Cat6 wire to install | ||
- | * Cat6 termination ends | ||
- | |||
- | ---- | ||
- | |||
- | * Ubiquiti TS-8-PRO ToughSwitch 8 Port Advanced Power Ethernet Controllers | ||
- | * Pros: | ||
- | * 24V/48V Passive PoE | ||
- | * 8 Ports | ||
- | * Info: | ||
- | * [[http://www.amazon.com/Ubiquiti-TS-8-PRO-ToughSwitch-Advanced-Controllers/dp/B00CXU1NHY/ref=pd_sim_147_5?ie=UTF8& | ||
- | refRID=1WEN598N7N6TPV4Y7C3W|Amazon $178.90]] | ||
- | |||
- | OR | ||
- | |||
- | * Ubiquiti TS-5-POE TOUGHSwitch 5 Port Advanced Power Ethernet Controllers | ||
- | * Pros: | ||
- | * Price | ||
- | * Cons: | ||
- | * 24V Passive PoE Only | ||
- | * Only 5 Ports | ||
- | * Info: | ||
- | * [[http://www.amazon.com/Ubiquiti-TS-5-POE-TOUGHSwitch-Advanced-Controllers/dp/B00CXTK90W/ref=pd_sim_147_1?ie=UTF8&refRID=1WEN598N7N6TPV4Y7C3W|Amazon $82.59]] | ||
- | |||
- | ---- | ||
- | |||
- | === Items to research: === | ||
- | * [[http://www.packetfence.org/|PacketFence]] | ||
- | * What can PacketFence do? | ||
- | * BYOD - Let people bring their own devices | ||
- | * Provide guest access | ||
- | * Role-based access control | ||
- | * Perform compliance checks | ||
- | * Eliminate malware | ||
- | * Simplify network management | ||
- | * WiFi offload / hotspot | ||
- | * Tim Schmidt has stated he has set it up at home before | ||
- | * A friend of Joe Zimmerman's uses this at a small community college (he says "It's Awesome") | ||
- | * A [[http://www.packetfence.org/download/zen.html|LiveCD called ZEN (Zero Effort NAC)]] is availble and we would like to test it out. | ||
- | |||
- | * [[https://www.ubnt.com/unifi/unifi-ap-ac/|Ubiquiti Network UniFi-AC]] | ||
- | * Suggested by a network admin of a small community college | ||
- | * Cost is around $700 for a 3 pack of routers | ||
- | |||
- | * Shielded vs Unshielded Cat6 | ||
- | |||
- | TODO: add links and research | ||
- | |||
- | * POE switch for access points | ||
- | * What is 802.1af | ||
- | * Ubiquiti TS-8-PRO ToughSwitch 8 Port Advanced Power Ethernet Controllers | ||
- | * Ubiquiti TS-5-POE TOUGHSwitch 5 Port Advanced Power Ethernet Controllers | ||