How to build a working WiFi in an older residential house

Modern WiFi coverage is needed in older residential houses as well. It isn’t always easy to achieve. Here are a couple of design points to consider.

In a smaller, wooden house a single access point may provide good coverage for the entire building. Nice and easy. But if you have a multifloor brick and/or concrete construction, you are in for trouble. Many houses are built like bunkers: reinforced concrete floors and sturdy walls that kill all WiFi signals. You will need multiple access points per floor. For the access points you will need a wired distribution network. Wireless is only for the last hop to the device, the access point needs a wired feed. Unfortunately only 21st century houses tend to have high speed network cabling built in. In older buildings the distribution network is often the main challenge.

Wired Network

Using the power lines for networking is a popular alternative, if you search for solutions. Unfortunately the results are most often not even close to the expectations. This is easy to test. Just plug the powerline adapters to adjacent power sockets and test the throughput. It might be a measly 30 Mbps instead of the hundreds advertised on the box. With more distance the speed will drop even lower. If the sockets are in separate fuse circuits you need an electrician to bridge the circuits. But still you won’t get the throughput you need.

Another widely offered alternative is to use wireless for the distribution network. It is called Mesh WiFi, WiFi repeater or Wireless Distribution System (a.k.a. WDS). The inefficiency will cause problems because there will be so much wireless traffic going back and forth. The net effect is a slow network. In the best mesh access points there are two radios: one for the clients and one for the backhaul, but they tend to be pricey.

Most houses have telephone cables connecting the floors. In the best case the cabling is not used anymore at all. If the telephone cables are installed in tubes inside the walls, you can easily replace them with Ethernet cables. Every access point will need its own feed (cable), but there is not room for many cables in the tube. The professional solution is to put a network switch on every floor and run only one Ethernet cable between the floors. If you only need a couple of access points on a floor, you might get by using twin Ethernet cables. Actually, you can use a single Ethernet cable to transfer two 100 Mbps connections because only from gigabit up are all 8 wires used. With twin cables you can run 4 x 100 Mbps in a single tube. Is it reasonable to install 100 Mbps Ethernet today? In residential use it should be plenty for the next 10 years or so (unless you have fibre connection from the house). Even if the phone cables are installed on the surface, you may still use four wires to get speeds up to 100 Mbps. Either way, you can still use the old phone system to get a neat and inexpensive distribution network. If that is not possible, you need to run cables through ducts, a stairwell or on outer walls, increasing the amount of work to be done.

In every case the cabling job is best left to professionals. They have the tools to install and test the connections. Most electrical, telephone or data service shops do cabling. Ask for a couple of tenders and take your pick. Just make certain that all the cables will be tested and you get the report. A proper tester will cost well over a thousand Euros, so the handyman next door may not have one. All professionals do.

Wireless network

You will need multiple access points per floor to get good coverage through brick walls. Even if you can crank up an access point to cover the whole floor, the cell phone in the last room can’t reach back to the access point. With multiple access points the administration needs to be organized. Manually keeping just five access points in synch regarding all settings and updates is a chore. Ubiquiti has affordable access points and the central controller software is included. The Ruckus brand XClaim would be another alternative, but XClaim doesn’t seem to have a distributor in Finland at the time of writing.

The access points need power to operate. The neatest solution is to feed the power over the Ethernet (a.k.a. PoE). The network switch provides the power, so the switch needs to have a power supply big enough for all the access points. There are two standards for PoE: older 802.3af and later 802.3at (a.k.a. PoE+). Latest 802.11ac access points are power hungry and often require a PoE+ switch. Some vendors have their own, non-standard PoE solutions (often called “passive”). In that case it is best to stick with the same brand for access points and switches to ensure compatibility.

Links

Ubiquiti UniFi WiFi product line

UniFi network devices share common management through UniFi Controller. However, how all the pieces fit together is not obvious at first sight.

In the beginning access points were expensive and a single access point was the norm. When more coverage was needed a second one was added, then a third… Managing and updating the access points one by one turned out to be time consuming. The solution was to manage all the devices from a single point. Ubiquiti UniFi is one of the least expensive such solutions.

You don’t have to replace all your network gear with Ubiquiti brand. You can just get an access point or two and configure them using your existing network. However, there are appealing management benefits, because you can control everything from a single interface. In most cases, you still need an external LTE modem, ADSL modem, WISP CPE or a fiber media converter to get the Internet feed to the Ethernet port on the Ubiquiti Security Gateway.

UniFi Network
UniFi Network

Access Points

Ubiquiti has also older, 802.11n based access points, but this article covers the new 802.11ac hardware. All the new models support the old standard as well on both bands (2.4 GHz and 5 GHz). The indoor access points are designed to be mounted on the ceiling and they look like smoke detectors. The blue led can be turned off, so you can install the AP in a bedroom ceiling without disturbance.

UniFi access points receive their power over the Ethernet cable (PoE). Older Lite and LR access points required non-standard 24 passive power, but all current models use standard 802.3af/at (PoE or PoE+). Single units come with mains power injectors, but multi packs don’t. The most common solution is to provide power from the switch, which must support PoE or PoE+.

  • UniFi AP AC Lite is the least expensive access point for home or small office use. The device is physically smallest, it has just two radios per band, requires least power and is the most modest capacity wise, of course. The radios and antennas are good, though, so the coverage is still good.
  • UniFi AP AC LR means Long Range. You can turn up the transmit power, but not beyond regulated limits, so this doesn’t give any advantage in Finland. The LR-antennas have little more gain than the standard antennas, so you do get somewhat better range.
  • UniFi AP AC Pro has three radios per band and two gigabit Ethernet ports. It has significantly better capacity than the Lite or LR models.
  • UniFi AP AC HD or High Density has four radios per band and even more computing power. As an 802.11ac Wave 2 device it can serve multiple clients at the same time (MU-MIMO) which gives a big boost in areas with many clients close to each other: meeting rooms, auditoriums, restaurants, stadiums, exhibition halls etc. The HD is larger than the other models and requires 802.3at or PoE+ power.
  • UniFi AP AC SHD is a High Density access point with an extra receiver for spectrum analysis and functions for intrusion detection. The S in the name stands for Security.
  • UniFi AP AC Mesh and Mesh Pro are respectively two and three radio outdoor access points. The Mesh refers to wireless links between access points, but connecting each access point directly to Ethernet will make a far more efficient network.
  • UniFi AP AC In-Wall and In-Wall Pro are designed to replace an in-wall Ethernet outlet. It contains two Ethernet ports and a built-in access point. In-Walls makes it easy to bring access points close to users.
  • UniFi AP AC Edu is a special model for educational use. The access point is mounted inside of a loudspeaker to create a public announcement system.

You can mix and match all kinds of access points as you need: Lites to offices, Pros to lobbies and cafeterias and HDs to auditoriums.

Switches

Switches are basically just Ethernet splitters. You can chain switches, but keep the chains short. There are UniFi switches with and without Power over Ethernet (PoE). Not all PoE models provide passive 24V, which is required for some older UniFi access points. There are models with 8, 16, 24 or 48 ports per switch. Otherwise, the UniFi switches have all the features you expect in a switch: gigabit ports, SFP-cages, VLAN and QoS support and so forth.

Routers

UniFi Security Gateway a.k.a. USG is a router, firewall and DHCP-server. To connect to the Internet, you need a router to pass traffic between your internal network and the outside world. Often your ISP will provide an appliance, but if that is not the case, USG will do the job. The firewall in USG looks inside the packets (Deep Packet Inspection) to classify traffic instead of relying only on IP addresses and ports.

USG has two WAN-ports for connecting to the Internet. The device can use both simultaneously for higher throughput or the other can be a spare. The traffic will fail over to the spare connection if the primary connection is lost. For example you can set up a LTE connection as a spare for high availability.

The smaller USG has three ports without SFP while the bigger is rack-sized, four port, more powerful device. There are many firewall vendors out there with similar devices, but managing the USG with the same interface as the rest of the network is USG’s advantage.

UniFi Controller

UniFi Controller is the program to manage the whole UniFi network. The Controller is Java-based software, so it will run on Windows, macOS or Linux. The Controller will recognize all UniFi devices on your network and then you can adopt them to be managed. The software can be downloaded from Ubiquiti’s web site without any license fees. The Controller will start a local web server on the workstation and you connect to it with a browser. The default address is https://localhost:8443.

You don’t need to run the Controller continuously, only when you need to configure or manage the network. If you can run the Controller continuously (e.g. on a server) it will log network events and statistics and you can connect to the Controller from any workstation. The only function that requires a continuously running Controller is the guest WLAN captive portal web site, if you want one.

UniFi CloudKey

UniFi CloudKey a.k.a. UCK is a miniature computer, with UniFi Controller preinstalled. If you want to have a continuously running Controller then CloudKey is an option. It is an integrated computer that fits on your palm. There is no display or keyboard, only an Ethernet cable that will also supply power to the device. You connect to it using a browser. Ubiquiti recommends that you limit the number of UniFi devices to 30 for CloudKey.

Other products

UniFi VoIP is a phone connected to Ethernet. In Finland cell phones and calls are so inexpensive that VoIP phones are not common.

UniFi Surveillance are videocameras and recorders. They are connected to the Ethernet, which will also provide power. You can monitor the videocams with any mobile device or record it on a recorder for later inspection.

Links

Upgrading to 802.11ac

802.11ac will yield enormous speed and capacity, but what are the points you need to consider?

First of all, 802.11ac is defined only for 5GHz band, 2.4GHz band will continue to use 802.11n. Higher frequences fade more quickly, so you will need more 5GHz access points, because they need to be closer to each other. The 5GHz band was already in use with 802.11n, so this has usually already been taken care of.

The new speeds in AC use wider channels (80MHz and 160MHz) and more precise modulation (256-QAM). High precision modulation requires very good reception, in practice it requires clear line-of-sight to the access point. You won't get AC-speed if the access point is on the other side of a wall. This is another reason you usually will want more access points when upgrading to AC. You also gain more capacity so the network can support the increasing number of users and their requirements. When you add more access points you need to turn down the transmit power so the access points won't interfere with each other, otherwise adding access points will degrade performance instead.

The third challenge is more technical. AC access point require more electric power. If they have their own power supllies this won't be a problem. If the power is fed through the Ethernet cable from the switch, the switch may need to be upgraded. Only the latest 802.3at (aka PoE+) can feed the power hungry AC access points. The older standard was 802.3af (aka PoE without a plus).

You may need to consider the data bandwidths as well. 802.11n of the today already exceeded the capacity of 100Mbps Ethernet. 802.11ac requires at least gigabit Ethernet connection – the more powerful access points have two Ethernet ports, because at least in theory you may exceed the capacity of one. In any case dual cabling will add redundacy, but will require more switch ports. If you have connected multiple access points to the same switch, you may need to upgrade the uplink to network core as well to avoid bottlenecks.