High end consumer aka prosumer, which is only really one brand, ubiquiti. Specifically their unifi stuff.

Or used mid range business stuff, Cisco, Aruba, juniper. The pinch here is that you usually need specialized knowledge to configure this class of device. I’ve also used Cisco, watchguard, Fortinet, Sophos, sonicwall, and probably others for firewalls. I prefer Sonicwall for some very specific reasons about how they structure their configuration, but for anyone who isn’t a certified sonicwall tech, I’d point at Sophos. Their stuff seems to be a fair balance of configurability and user friendliness. If you’re instant on new business stuff and you have the money for it, Sophos for the firewall, Aruba instanton for switching and Wi-Fi.

The benefit to unifi is user friendliness and a unified control console. If you’re not an IT professional or a similar technical job, unifi will provide plenty of what you need and leave out the unnecessary knobs that needs like me want to see.

Be prepared to spend several hundred on the networking if you’re going to do it right, there are some places you can trim some costs, but before you nope it from sticker shock, consider how much you spend per year on Internet service, and then consider how much the router/firewall + switch + access points are in comparison… And those are things you don’t need to buy every year.

Alternative? Sure. Though why?

If ethernet works, you’re just using a more expensive option to go with fiber.

Unless you need something unique about fiber, like distance (which can still be dubious for consumer grade hardware), or a non-electrical based signal (dubious requirement in most cases), then you’re just throwing money at being able to say you use fiber.

Yes. Fiber is great but extremely nuanced. SMF, MMF, UPC, APC, OM3, OM4, OS2… All different parts of just the cabling… Not to mention the connectors, LC, SC… You get the idea.

Everyone I tend to talk to about it seem to think multi-mode is cheaper, and it can be, but in my experience, single mode is usually the better choice and usually not much of a price uplift if you’re buying from a good company. Look at FS.com and do some comparison shopping against them. They make some high quality stuff, and it’s at pretty incredible pricing for what you get, but the equipment can add up fast.

Multi mode can only really carry one connection per fiber and usually needs to be duplexed (two strands per link) while single mode can leverage WDM to carry multiple independent signals on different wavelengths. This can be leveraged for bi-directional single strand links, multiple links that are aggregated into a single connection in hardware (this is how 40Gbit works, it’s actually 4x10G connections on different wavelengths)…

It’s still more costly and requires more specialized equipment and training to work with, compared to copper Ethernet, so it’s pretty uncommon to see in residential or home networks.

YMMV. Good luck.

Awesome. That’s good to hear.

I know not everyone can run Ethernet. Whether it’s because you’re in a rental, or you simply don’t have the budget for it, the reason doesn’t matter all that much. There’s plenty of good reasons not to.

Usually mesh nodes have Ethernet on them as well and it just bridges into the LAN. Using that can actually cut down on wireless traffic overall. Maybe something to look at which could help if you have any troubles.

Good luck friend.

CAT6 is so cheap you might as well get that by default now. 7/8 is where it gets expensive.

But if you can’t find 6 for a good price, 5e will do everything you need it to.

I always recommend Cat6, mainly because it can carry 10G up to 55m, which is basically your entire house, unless you live in a mansion or something.

10G might work on 5e, but it won’t be reliable.

Even if you’re not planning to go for 10G any time soon, do yourself a favor and run Cat6. In 5 or 10 years when you want 10G for any reason, you can just upgrade the equipment on both ends and it will just work.

The cost difference isn’t significant enough for cat5e to make any sense for new installs.

It’s a single frequency for all people, including those that are on the same or adjacent/overlapping channels. If you ever used walkie talkies, they don’t work so well when more than one person is talking.

Same idea.

Wi-Fi 7 is introducing multi link, which could improve the duplex operation, but it’s far from perfect. Even if you use one channel for download and one for upload, you’re still competing with everyone else on the channel - whether they’re connected to your network or not. They can still interfere with you if you’re on the same channel but different networks.

If I’m not mistaken, they still use 2.4 GHz, which is also used by wifi, Bluetooth, ZigBee, a bunch of other stuff… Microwave ovens…

And anything operating on a frequency, regardless of protocol, will interfere with eachother. I think the main benefit for you would be the brief amount of active time, could reduce the airtime being used by the devices.

I hope it works out for you and your wifi works excellently. Just be aware that it could still interfere. Use 5ghz when possible.

Is this a kink?

The first six hexadecimal digits of the Mac address are referred to as the oui, or organizationally unique identifier. They are supposed to all be registered, but with modern systems, mac address randomization is common, so the Mac address in use can be little better than nonsense.

I have a theory that some of the more budget oriented manufacturers (think Ali express), just don’t bother using a registered mac address at all.

This all makes my job harder as a network admin, I usually need to look up what a device is by mac address to help identify what it is and what it’s doing. I need to make sure everything is on the right network, and I can’t do that if I don’t know what anything is.

The last six hexadecimal digits of the Mac are simply to uniquely identify the interface that the Mac is burned into. This also means that any systems with multiple network ports, have different mac address on each port. Some things are exempt, like network switches, but for the most part, every interface has, or is supposed to have, a unique mac address.

Also, the mac isn’t hex, it’s binary. Hex is just how we’ve decided to present it to users. The switches, routers, and interfaces don’t work with the hex, only the binary. Same for IP addresses, which normal are shown in “dotted decimal notation”, but are just binary. But you didn’t ask about IP.

Did you need me to whisper ouis into your ear and you can guess what company is registered to that oui?

Sorry this took me a bit to get to. Hello!

I’m hoping that not all of that is running on a single pi. I mean, it can, but you might hit limitations when everything is engaged with doing things. I just feel like, that’s a lot for one raspberry Pi…

Anyways, iptables are good to have a general grasp of, but they’re generally GNU/Linux specific. There’s other routing implementations that run on Linux, and hardware appliances generally have their own bespoke, vendor specific stuff. One project I’m aware of is free range routing. There’s a lot more, but this is one that I know of. Using FRR, vs iptables, they’re very different beasts. But you shouldn’t need FRR, it’s a monster in terms of memory use and designed to operate in ISP class networks. You don’t need it. I’m just using it as an example of what is out there.

The best advice I can give about this is that learning the concepts behind routing is more valuable than any specific product. Knowing the difference between an RIB and FIB, and how to structure routes, priorities, costs, etc… All very important. Can you learn that with iptables? Sure, and probably more, since iptables can also function as a low end firewall.

The important thing is that you learn the meaning behind what you’re doing in whatever routing platform you are working with.

I’ve worked with so many different ways of handling routing and firewall work that I get annoyed when vendors come up with dumb marketing terms that leak into the device user interface, for a very common routing, firewall, or VPN technology. I don’t care whether I’m on a router or firewall that’s custom and running open WRT, ddwrt, opnsense, or one from Cisco, Sonic wall, watchguard, Fortinet, Palo Alto, or any of the dozens of other vendors. A VPN is a VPN. IKE and IPsec don’t change because it’s vendor x or y. Don’t start calling the IKE identifier something else.

… Sorry, rant.

Anyways, I don’t really see the vendor’s interface as anything more than a code I have to convert into the industry standard protocol information that everyone uses. It’s a filter by which that vendor portrays the same options that everything else has. Some have quirks. Some are more straight forward. But they all have the same options in the end. Allow the traffic or don’t, do it by port and protocol or by IP. Apply content filters or don’t, use Ethernet, DHCP, pppoe, or something else like ATM or ipx/SPX for signaling. Who cares.

If you understand the concepts, the skills are transferable, no matter what platform you end up using, you’ll know what needs to be done, you’ll just be stuck figuring out how you do it on this platform.

Thanks. I’ve been on hiatus for a bit. I’m around.

I still won’t go back to that place either way

I suppose, but I usually don’t check my messages on Lemmy very often, I look at my comment replies, but not my messages. I should have Matrix connected, if you use that… I have no idea if I set up Matrix right, or if I linked it correctly… I haven’t looked at it since I did the setup.

I’m curious why you would want to DM rather than discuss it publicly where the information might help others?

You don’t need to justify yourself to me. That question is intended for you to answer it for yourself, and if that doesn’t change that you would rather do the discussion over DM, then I won’t hold that against you.

Be well.