A New Home

In July 2020 my partner and I moved from Hamburg (in the very north of Germany) to Augsburg (pretty far in the south). After having thought and spoken about a potential move out of Hamburg for a while, we took the decision to do so during an extended stay at my family’s place in Augsburg. We used the opportunity of being there to look around and explore the local housing market. The third place we visited turned out to be a perfect match for us, we immediately applied for it, and soon got the great news that we were accepted by our new landlord.

Because both of us work remotely, getting a proper Internet connection soon was on top of our minds. After overcoming the first hurdle of finding the right ISP1 I realized that I had to become slightly more creative about the local network setup than previously. Until then, I always lived in places where a single Wi-Fi router and a repeater were sufficient to cover all rooms. In this new place however, the cable is located in the basement, walls are thick, and we wanted all three floors (including the basement) to be covered by Wi-Fi.

Cables everywhere!

Picture of network cables, Unifi switch, and Unifi security gateway

Our 'server rack'

When moving in I was really excited to learn that our landlord had made sure that all rooms have network outlets that connect them to the ‘technical room’ in the basement where the telephone cable is located. With this in mind I started my research and spent some time watching videos on YouTube and reading blog posts before eventually reaching out to an old friend who generously agreed to help me with deciding what to buy and also with setting everything up.

I felt like things escalated a bit when we compiled my network hardware shopping list, but I also really enjoyed the process because there were just so many different options to choose from! This is what I ended up buying:

After a long afternoon spent setting up the new gear together with before-mentioned friend, we were optimistic that once the ISP’s technician showed up everything should just work. To my surprise (did I mention that I work on cloud infrastructure?) this was actually the case! With the UniFi controller software running on my laptop I was able to set up the WAN connection, internal networks, a guest network, and equip a few devices with static IP addresses, hooray!

More control

Of course running the UniFi controller on my laptop wasn’t a long-term solution. To understand this, you need to know that the controller software fulfills two major roles in a UniFi network:

  • it configures the UniFi devices and
  • it collects and visualizes runtime data from them.
Screenshot of the UniFi controller interface

The UniFi Controller's web interface

Collecting and storing runtime metrics in a continuous stream of time series data requires the controller to be up and running at all times. With the controller running on my laptop, I could see in the controller’s web interface at what times of the day my laptop was closed as these were shown as gaps in the recorded data. Because I didn’t want my laptop running all the time (and also didn’t want to spend more money on hardware), I opted for running the controller software on my Raspberry Pi.3

Setting up the UniFi controller on the Raspberry Pi wasn’t very hard. Once it had an Ethernet connection and I had figured out its IP address, I just installed the software with apt-get.4 After importing the settings I had previously exported on my laptop the new controller also picked up collecting statistics from the other devices. I don’t remember exactly which instructions I followed in this process, but I did assign a static IP address to the Raspberry Pi so that I could access the controller interface under a deterministic URL with my browser. With this, I was happy for the time being and I enjoyed playing around in the UniFi controller user interface.

One last step I did in these early days of our new network was to equip the Raspberry Pi with a PoE HAT that eliminates the need for a power adapter. Because the Pi is directly connected to the UniFi PoE switch, it already received PoE but just didn’t make any use of it yet. My Pi lives in a simple aluminum case which fortunately provides enough room for the PoE HAT as well, so that this step was an easy one.

From Network Controller to Ad Blocker

A few days after finishing this initial setup, I wanted to start leveraging my Raspberry Pi for more than just the UniFi controller. One pain point I felt with every new device was the amount of ads on the Internet before installing a local ad blocker. I had heard about Pi-hole which can solve this problem in a central place, so I decided to give it a try and installed it on my Pi.

Screenshot of the Pi-hole interface

The Pi-hole web interface

Pi-hole is a software tool that manages a local DNS server and allows you to filter out DNS queries based on configurable block lists. It comes with a web interface for configuration and statistics which is exposed on the Pi’s network interface. The default block lists contain all kinds of ad and tracking related domains and by using the Pi-hole as DNS server for my local network devices, these are now (almost) free of ads without any browser plug-ins.5

At this point our network setup now provides us with Wi-Fi coverage in all rooms, a lot of insight into our network and Internet utilization, ad-free browsing, and a whole lot of functionality that we don’t yet use. I am super happy that I don’t need to worry about package loss and Wi-Fi signal strength anymore (which was a problem for me in previous apartments) and also to know that there still is a variety of features to discover.

In one of my next posts I will describe how I added some more observability and monitoring tooling for our network. This aspect and the automation / codification of provisioning the Raspberry Pi is something I would like to iterate on in the future.

  1. The waiting times for getting a technician from one of these companies to come to your place and set everything up (or actually just test whether the cable is connected and then enable your account) are really long in Germany - six weeks are considered normal. The first provider we had chosen missed to communicate the right street number to the technician who then reported that we couldn’t be found under the provided address and also didn’t bother calling us. When this company told us we would have to get another appointment weeks later, we decided to cancel the order and to go with a different one. This time we chose Germany’s biggest ISP which successfully connected us to the Internet within days by sending us a temporary LTE/Wi-Fi router before having a technician come over four weeks later for the long-term solution. ↩︎

  2. I know that this one is probably a bit over-sized for the current use case, but I wanted to have PoE (Power over Ethernet) for the access points and also wanted to be able to add more devices to the network in the future. ↩︎

  3. I had bought one of these small miraculous computers when the Raspberry Pi 4 model B was released - imagining how I could run all kinds of fun side-projects on it. It turned out however that without an actual use case at hand Iso far hadn’t found the required motivation to actually make use of it. ↩︎

  4. Right now the Raspberry Pi is still provisioned manually which is something I’d like to change in the near future. I’m no expert in automating the provisioning of local computers but I do have quite a bit of experience automating virtual machines in the cloud (e.g. within AWS EC2 or Azure). I realize that I’m again at a point where my motivation needs some boost to tackle this, but because I can see the small computer’s SD card being close to its capacity now, this motivation boost might be close. ↩︎

  5. There are two caveats to this: some apps stop working properly when DNS queries to their ad providers are blocked and some apps seem to have more sophisticated ways to circumvent ad-blockers of this type. Because of these limitations, I ended up not using the Pi-hole as the default DNS server provided to all network clients through DHCP, but rather only configured it to be used on my laptop, phone, and tablet while other devices like for example the TV continue to use a different DNS server. ↩︎

1522 Words

2021-01-28 14:53 +0000