New 881 in place

Discussions about Internet service providers (ISPs), the Meetinghouse Firewall, wired and wireless networking, usage, management, and support of Meetinghouse Internet
Post Reply
aclawson
Senior Member
Posts: 760
Joined: Fri Jan 19, 2007 6:28 pm

New 881 in place

#1

Post by aclawson »

Comcast installed the new circuit today. The 881 did the firewall registration and the wireless was noted to be up and running within 15 minutes. I am consistently getting 15-20Mb down and 1.5-1.8 up so our eventual implementation of webcasting should be successful. At the moment I am noting that the connection speed is 1/10 down (but 100% of up) in the FHC and one of the clerk machines is fluctuating wildly on the download speed but I'm guessing that will be cleaned up when I get the new cables pulled. (Right now, just to make it work at all in the FHC the connection goes like this:

Cable modem --> firewall --> switch --> hub --> router --> hub --> FHC machines.

And this kludge is still faster and seems to be more reliable than the DSL line that is about to be decommissioned.
jdlessley
Community Moderators
Posts: 9858
Joined: Mon Mar 17, 2008 12:30 am
Location: USA, TX

#2

Post by jdlessley »

aclawson wrote:Cable modem --> firewall --> switch --> hub --> router --> hub --> FHC machines.
Hubs dramatically reduce network speeds. Each device connected through a hub multiplies the speed reduction. If possible, replace the hubs with switches. You will notice faster speeds and a lot less network problems. Having one switch or router rather than daisy-chaining network devices will improve network performance also.

I would recommend putting a router after the firewall and then a switch if necessary. The router will create the subnets and the switch to increase the number of ports available, if necessary.
JD Lessley
Have you tried finding your answer on the ChurchofJesusChrist.org Help Center or Tech Wiki?
russellhltn
Community Administrator
Posts: 34417
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

#3

Post by russellhltn »

jdlessley wrote:Hubs dramatically reduce network speeds.

Yup. Even if only two things are connected. I learned that one the hard way. Hubs force everything into half-duplex. Switches allows for Full. That makes a difference, even if copying a file in one direction.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.
jdlessley
Community Moderators
Posts: 9858
Joined: Mon Mar 17, 2008 12:30 am
Location: USA, TX

#4

Post by jdlessley »

RussellHltn wrote:Yup. Even if only two things are connected. I learned that one the hard way. Hubs force everything into half-duplex. Switches allows for Full. That makes a difference, even if copying a file in one direction.
And with a hub on one side of the router and one on the the other I am not surprised the download speeds at the FHC computers are 1/10th the speed at the modem.
JD Lessley
Have you tried finding your answer on the ChurchofJesusChrist.org Help Center or Tech Wiki?
aclawson
Senior Member
Posts: 760
Joined: Fri Jan 19, 2007 6:28 pm

#5

Post by aclawson »

This is all just a temporary patch hacked into place - for those interested in tales of improvised solutions....

The building dates back to c.1940s and is filled with lovely reinforced cinder block walls and lots of rebar. I have heard that it was a California blueprint and designed in the "let's use raw mass to protect against earthquakes" philosophy. The building is about 350' long and 150ish' wide with an open central courtyard. The building appears to have been U-shaped originally with an extra back hallway added on to completely enclose the courtyard which means that there is an exterior wall (brick and everything!) running slab to ceiling (no basement except for under the kitchen) blocking off the 24" plenum. The hallway ceilings are drywall suspended by angle brackets and in one hallway there are no studs, joists, tresses or anything more significant than tape and mud to crawl on.

Originally built with baseboard heat there was a major retrofit in the 80s and the entire building was converted to GFA. With the building on slab and interior walls often being more of the lovely cinder and rebar construction the ductwork all went up into the 24" of plenum. In some areas the ducts are so tight to the walls that you can't even see light pass from one end to another - the only possible way to run cable through the plenum would be to drill holes in the ducts (not gonna happen!) which still leaves you with 18" of masonry to drill.

There is so much mass and metal and interference that wireless just wasn't happening, either. 2W EIRP gets you 30' at best in some directions.

The final solution is to run exterior conduit (painted to match the brick) and punch holes in the five rooms where it needs to go. But that is a week or three away, and in the meantime we want to get off of the unreliable DSL line asap, especially since we have a nice new connection that is available.

Many many years ago a single cat5 was run from the FHC to the stake clerk's office. All of the computers and desks were pulled away from the wall and the cable was artfully concealed by peeling back the rubber base trim and gluing the cable back inside. When the cable reached the exterior grade interior wall a hole was drilled a couple of inches above the floor, cable passed through then up the wall to the ceiling, through the back hallway and down into the SCO. It worked well enough, the FHC had their cluster of machines that they maintained and the SCO could send/receive MLS at about 800 instead of 36-40. The FHC had DSL modem --> PIX --> router (don't know why, didn't ask) and a hub somewhere under the desks to get all of the machines hooked up. The line to the SCO came off of the router which was serving up 192.168s to everybody.

Flash forward to today.

I installed the rack with patch panel, gigabit switch, power supply and all of the other good stuff. It goes into the room that holds the satellite equipment, the water main and sprinkler controls - and is on the hallway side of the monster wall with a proper drop ceiling that made things as easy as they should be to run the drops to where they should be in that hallway. The SCO has a cat6 drop from the patch panel so that machine gets hooked up there. Until my new conduit arrives though the only way to get the Comcast connection to talk with the FHC is to run the signal back along the older line so instead of the SCO tapping into the FHC the FHC is tapping into the SCO. This means that there is a switch (netgear 5 port) temporarily wedged into place so a line runs from the rack to the two port box on the desk into the switch which then connects the SC admin machine and plugs back into the older run which then disappears into the nest in the FHC 80' feet away.

Once the conduit comes along I'll be able to run a proper drop from the patch panel to the FHC which eliminates the switch in the SCO. Once I have this accomplished I will trace out the lines in there and see what can be improved. I'll have plenty of cat6 left on my spools so I'll even be able to upgrade the connections - a 6 port keystone surface box will nicely do the job of a patch panel and make future maintenance easier.
harddrive
Senior Member
Posts: 501
Joined: Thu Jan 03, 2008 7:52 pm

#6

Post by harddrive »

aclawson wrote:This is all just a temporary patch hacked into place - for those interested in tales of improvised solutions....

Wow, it sounds like you got your work cut out for you. One of the things that I would do it to completely remove all unnecessary switches/routes/hubs and so forth. this does two things, (1) speed up the connection because there is nothing to have to handle the packets until it gets to the router. (2) makes troubleshooting much easier, because there isn't all these other devices in play that can cause issues.

If you have to use switches, I would recommend running one cable from the 881W or a switch connected to it, to another switch and then branch off.

the only advantage that i can see with the extra router is that it cuts down on the broadcast domain and it can isolate the FHC if you want, other than that, my recommendation is get ride of it, because it would show the same address range as if you were connected directly to comcast. That would confuse me and make me concern that you weren't going through the firewall.

Just my two cents worth.
aclawson
Senior Member
Posts: 760
Joined: Fri Jan 19, 2007 6:28 pm

#7

Post by aclawson »

I think the extra router was originally used mainly to serve up IPs because the PIX wasn't providing enough for everybody, but that's just a guess because it was in place long before there was a stake technology specialist. Because the FHC is used by non-members and has a steady stream of patrons I'm planning to put up a new N-standard wireless router. Not only will there be enough IPs for everybody but I'll be able to segment the network away from the loop with the admin machines. A device that will meet all needs costs about $20, $14 when it goes on sale every few months. This will be hooked up as modem --> 881 --> switch --> FHC wireless. The 881 probably won't reach down there anyway, and I'll set the power low enough that it won't radiate much further than the FHC itself.
Post Reply

Return to “Meetinghouse Internet”