Small-office Physical Networking
I’ll talk a little about the wiring up and networking infrastructure in the office. I had a lot of old networking equipment lying around my home and decided to work with that instead of buying new ones. However, the future is also important and I have planned for easy upgrades and growth.
The main backbone of the office network is wired. While wireless networking has its place, it is not a replacement for good old copper wiring in terms of security, stability and speed. If you refer to the rendering of the office plan, the main backbone forms an inverted ‘V’ along the top edge of the picture, stretching from the server room to the reception area via the work area.
All computers in the office come with Gigabit Ethernet and although the old networking equipment is only capable of Fast Ethernet, upgrading the network would only involve replacing the switches and routers. The wiring itself uses CAT5E cables and does not need to be replaced. All the work-stations are wired, instead of wireless, to improve speed and reliability.
The office is supplied with a 2Mbit line on a AM300 Linksys modem, which enables the DD-WRT router to control the Internet connection. If the modem dies, it will be replaced with a cheap ADSL modem – TD8616 (RM42) TP-Link modem. This takes away one dependency and modularises the Internet. When fibre comes to the area, this can be replaced without affecting the internal network.
The core of the network uses a low-cost WHR-G125 Buffalo router. Buffalo routers are useful because they can be easily flashed with DD-WRT, which turns a cheap router into an enterprise grade one. If I were to upgrade this, I would get the WR1043ND (RM175) TP-Link router, which is the cheapest Gigabit Wireless-N router in Malaysia and is DD-WRT capable.
All the switches are unmanaged Fast Ethernet switches. There are two old 8-port switches for the work area to cater to each cluster of work-stations – one for the computers at the end of the work area and another for the computers and network printer near the reception side. There are no switches in the server room yet, because the sole server in the room is connected directly to the 4-port switch on the router. In the future, these can be replaced by the SG1008D (RM100) TP-Link switches.
Wireless networking is provided by the core-router and is secured using the highest grade wireless security. There is really very little use for the wireless network and it is mainly provided for the purpose of the lounge area and meeting room. Oh, I use it when I am having some food in the kopitiam down-stairs and would like to check out HN or Reddit while I eat.
There is also an old DD-WRT powered WBR-G54 Buffalo router being used in client-bridge mode. This is used to supply networking to further parts of the office (read: lounge area) where the wired networking does not reach. This is meant only for temporary use and is kept in the store-room.
The core-router is also configured as the main firewall of the network. I have found fwbuilder to be a very useful tool for configuring the firewall. It can be used to generate the necessary rules and facilitates experimentation without actually having to activate the rules on the firewall. Care must be taken when playing with it though.
I had also considered buying some Mikrotik gear but since their local distributor never replied my email query, I decided against it and to stick with DD-WRT powered off-the-shelf equipment instead. I did not consider using a m0n0wall powered PC because that would be unnecessary.
That’s it. A quick run-down on the physical networking infrastructure at the new Aeste office – capable of connecting half a dozen wired work-stations and a dozen wireless devices.