This is an old revision of the document!
Infrastructure Working Group
Mission:
To create a robust, reliable, wireless and wired network at LMN for members, guests and space owned equipment.
Working Group Members:
How YOU can help:
Please feel free to edit this wiki page, or send a message to members@lansingmakersnetwork.org
- Help answer some of the questions below.
- Tell us your needs or concerns.
- Join this working group!
- To do that, edit this wiki page add your name, and send a message to members@lansingmakersnetwork.org.
Considerations:
- The network must be easy to use
- The configuration must be accessible, and understood by more than one member
- The guest network must be separated from the members network
Questions that need to be addressed:
(Educated guesses are okay here)
- How many machines live in the space?
- Can any of these machines be hard wired?
- How many members will be connecting at one time?
- How many guests might be connecting at one time?
- How big of a space will each access point cover reliably?
- What kind of environmental problems will we be challenged with?
- metal stud walls
- concrete walls
- large metal machines
- electrically noisy machines
- etc.
- What kind of throughput would we like to provide on our network?
- With consideration to internet speeds vs internal network speeds
- What is our realistic max budget?
- Will we need a smart switch or wired router of some sort with manged firewall?
- Can we provide a wireless guest network that is completely firewalled from the wireless and wired network using the same access points.
- Can we prevent guest users from plugging in a machine into a wired connecting and being on the private network?
- Can we allow them to be on the guest network until providing the mac address or something to an authorized private network list?
- Can / Should this authenticate with LDAP and give each LMN member an account in a central location that can be used for various services?
- Can the guest network be dumped to an Intro to LMN page and have free roam on the LMN wiki without any extra authentication?
- How will we allow for VPN connections from outside the building into the member only network?
- How will we allow for members to run servers using static or dynamic IPs?
Items to recommend:
- Ubiquiti Networks UniFi AP Enterprise WiFi System UAP-3 (Pack of 3)
- Pros:
- Under $200 for 3 pack, but only supports 2.4ghz
- These come with power injectors.
- Cons:
- only supports 2.4ghz
- Info:
- NOT 802.1af (48v) compatible – from amazon review. need more info if that matters or what it means?
- Additional Equipment needed:
- We will need a cheap switch, or switch with POE injeciton
- Cat6 wire to install
- Cat6 termination ends
- Ubiquiti TS-8-PRO ToughSwitch 8 Port Advanced Power Ethernet Controllers
- Pros:
- 24V/48V Passive PoE
- 8 Ports
- Info:
OR
- Ubiquiti TS-5-POE TOUGHSwitch 5 Port Advanced Power Ethernet Controllers
- Pros:
- Price
- Cons:
- 24V Passive PoE Only
- Only 5 Ports
- Info:
Items to research:
-
- What can PacketFence do?
- BYOD - Let people bring their own devices
- Provide guest access
- Role-based access control
- Perform compliance checks
- Eliminate malware
- Simplify network management
- WiFi offload / hotspot
- Tim Schmidt has stated he has set it up at home before
- A friend of Joe Zimmerman's uses this at a small community college (he says “It's Awesome”)
- A LiveCD called ZEN (Zero Effort NAC) is availble and we would like to test it out.
-
- Suggested by a network admin of a small community college
- Cost is around $700 for a 3 pack of routers
- Shielded vs Unshielded Cat6
TODO: add links and research
- POE switch for access points
- What is 802.1af
- Ubiquiti TS-8-PRO ToughSwitch 8 Port Advanced Power Ethernet Controllers
- Ubiquiti TS-5-POE TOUGHSwitch 5 Port Advanced Power Ethernet Controllers