Clean Up Network Rack Help

Scott28 · 2-12-2019 04:36:06

Guys,

I need your assistance, I have just changed out the networking equipment in my rack to a full Ubiquiti system.

USG Pro 4
Cloud Key Gen #2 (with rack mount accessory)
US 24 port 150W POE switch.

I thought I would be really clever and purchase a cable managment finger mount & a keystone patch panel all connected using 25cm patch cables.

The outcome has not been good or anywhere near what I was expecting it to look like.

can anyone advise how they would orientate this rack, any accessory and cabling that would help me as I want it to look neat and tidy.

I was thinking about possibly changing out the 24port keystone panel for x2 12 port panels (1 above and one below) but I don’t think that will look particularly good either.

any ideas / options would be greatly appreciated.

Thank you.

mickevh · 2-12-2019 04:36:06

Looks pretty good to me; I've seen much worse than that.

Just spitballing;

Maybe you could add another cable manager below the patch panel, but you don't seem to have much space to spare.

Perhaps get hold of some cable ties so you can run the cables "just so" and then lash them into place. I prefer the "velcro"type ties as the are re-usable (and required for cat6 and higher) over the single use plastic zip-lock ones. Velcro ties are available either as individual ties, or as a roll you can cut off to whatever length you like. (I prefer the latter.)

Maybe Google something like "data cable management" for some images of what the professionals do for inspiration - some of their work is verging on (ahem) beautiful. Companies that sell cable management products probably have lots if pretty pictures.

If you wanted to be uber professional, you'd also write yourself a "patching schedule" (what port goes to where) and/or label the cables each end.

Markr123 · 2-12-2019 04:36:07

I’d largely agree with the above as @mickevh has said. In my experience, I have always found you have to compromise between “quick and easy to service” and “pretty”. Based on your images (really nice setup btw), I maybe tempted with a 2u cable manager bar to give you more space to route the cable neatly. I also agree with the Velcro ties. Perhaps the odd additional blank plate?

I too am wiring my cabinet and suffer a bit of OCD on pretty cabs. I still have nearly 30 cables to patch. Once done, >95% will remain static and won’t need changes. I’m therefore electing to take the cables neatly through a brush bar and Velcro tied into groups round the back and back through a brush bar lower down. Yes, a pain in the wotsit if I want to change but have made a patch sheet in excel mapping port to port.

Here is an interim photo of one of my cabs during setting up of the latest iteration. Most kit in the cabinet is now wired up although still not properly routed as I’d like. Just the lobes to the rest of the house going to the patch panels yet to finish. Obviously I’ve not got much of the patch cables finished but hope it remains fairly clean when the all go through the brush bars.

Scott28 · 2-12-2019 04:36:08

Wow ! Nice Rack!
I have a real rack envy, don’t tell my wife lol.
That honestly looks amazing.

Mine is still very early development and still working out optimum places for everything.
Talking of tech OCD, mine flares up over the discolouration of the blue light on the Cloud key rack, it’s blue, just not the same Blue as the other 2 components.
Thanks for your input.

Markr123 · 2-12-2019 04:36:09

Thank you @Scott28. It’s been a labour of love (and expense). It’s been through several changes. Don’t be surprised if you find yourself pulling everything out and putting it back over a weekend (whilst trying to maintain uptime for the WiFi to keep the household happy LOL).

I did notice the difference in power led colour of the Ubiquiti kit and managed to refrain from mentioning. That would drive me slightly crazy. My “tech OCD” has even got me tempted to a £60 powder coating of my cabinet to black! Got it at such a good price on eBay I had to compromise for the lighter colour. Still, helps the RGB LED look better.

I just run a gen 1 cloud key in my other cabinet. What are your thoughts on the USG PRO 4? Worth it? I was tempted but my draytek is just rock solid and have used them for years.
.

I’d be tempted to get your hue hub out of the cabinet if you can.

Scott28 · 2-12-2019 04:36:10

@Markr123  There is a lot of items in there that are unneeded, the Hue Hub being one of them. I haven’t been able to find any mention of the discolouration of the light online, but it’s located in a cupboard out of view so I begrudgingly put up with it.

From top to Bottom
1. Denon AV Receiver
2. USG Pro 4
3. Cloud Key Gen 2 with rack mount
4. US 24 150W POE
5. 1u Cable management Finger
6. Keystone Patch Panel
7. Sky Q
8. PS4
9. CCTV DVR - 4 external cameras
10. Virgin Media Hub / Hue Bridge / Synology DS918  (x3 12TB ironwolf HDD)
11. Harmony Hub / Apple TV 4 / Nvidia Shield
12. USB hub / tools / cables and misc intems.

I really should have went for a rack mounted NAS like you however I bought the DS918  before the rack.

I moved from a Netgear Nighthawk to x2 NanoHD AP on each level of the house and it’s been rock solid, I can’t comment on the difference from the original USG as I haven’t used it, I do know that the USG Pro 4 has a higher throughout, I pay £39 pcm for virgin vivid 350mb (with 500mb available in my area but at twice the price £99pcm)  so I wanted as much to be utilisable as possible - speed test and the Ubiquiti WiFiman app put my iPhone X Max at 278mb connection in any room of my home and wired to the router I can reach speeds of up to 380mbs when not using a VPN.

Over the past couple of days I have been trying to get my head around vLANs and I’m self teaching myself via YouTube and the forumns, it’s a minefield with LAN / IoT devices and NoT devices and there interconnectivity - add Alexa to the mix and I’m pulling my hair out some days lol.

What is your home setup like, similar situation to mine ?

Scott28 · 2-12-2019 04:36:11

@Markr123 & @mickevh Here is a list of my VLAN rules, from the photos you have posted and posts I have read I can say with a high degree of certainty your networking knowledge is far superior than mine.

Just a quick question, what do you think?
Or would you need further information?

mickevh · 2-12-2019 04:36:11

I don't know your equipment, but in general when creating any kind of IT security infrastructure we adopt the posture of "deny by default and allow by exception."

So one starts out with a rules list with nothing in it apart from maybe a "catch all" that denies everything (nomenclature varies a bit across platforms - some may need you to explicitlt code a deny all catchall, some may do so by default.) Then we gradually add in rules to permit what we want. Thusly we end up with a set of rules coded to mostly "permit" stuff with relatively few, if any, rules to "deny" things as that is the default action.

A lot of platforms process rules in some kind of ranked order and - this is the important bit - as soon as a rule is encountered that "hits," no further rules are evaluated, even if there is something that's a better match further down the list. You'll need to check your platforms manuals to see if it works in this way.

So, for example, if I had some rules (evaluated top to bottom...)

send all traffic from washing machine to mars
send all traffic from internal network to venus
send all traffic from dish washer to mercury
drop all traffic

... the bottom two rules never do anything as the second rule is catching everything from my internal network.

"Out of the box" most SOHO firewall tend to allow everything out and nothing in. Some SOHO kit doesn't even have the facility to stop stuff going out. If yours does, you could adopt the same process of blocking all outbound then gradually open things up as you discover what is needed. Though this will likely elicit a marked downturn in domestic harmony as the Internet stops working and you have to figure out what outbound ports to open up.

Markr123 · 2-12-2019 04:36:11

@Scott28 re What is your home setup like, similar situation to mine ?

I had a 1u fan tray like you but removed as most of my kit vents front to back. I do however .have intake and exhaust bottom to top respectively.
Cabinet 1 in the house as pictured (aside from the obvious patch panels includes...

> Ubiquiti PoE switch supplying x3 AP pro’s. Will feed more AP’s and hikvision cameras in the near future.
> x2 Netgear managed switches. One has x2 fibre cables with link aggregation running to a detached garage
> Draytek router (using BT broadband)
> Self built freenas box with x3 hotswap WD Red drives
> x3 Dell Poweredge servers. One running domain controller, the other 2 running VMware. Use these to “try” and keep my skills sharp on several technologies I work with. A nice sandbox away from main kit.
> Sonos Connect feeding one of 6 zones across the house.
> Mac mini linked to NAS for iTunes library serving music and films to ATV in living room.

My other cabinet in the garage has another Netgear managed switch (linked to the house via the x2 fibre links. This is home to Synology NAS, cloud key, 2nd hue hub, HomeKit homebridge, AP Pro, amongst other things.

Re vLAN, It can get complicated quickly especially with rules relating to IoT devices and handling this across managed switches and mixes of kit. You can quickly generate issues. E.g. your iPhone no longer sees a sonos speaker or a CCTV camera cannot be viewed. I think @mickevh summarised nicely with “deny by default and allow by exception”. It’s something I am still working on. I tend to keep my CCTV and NAS only accessible via my VPN to the router. I still have more to do in this area.

Hope this helps.

mickevh · 2-12-2019 04:36:12

I wonder if it may be of some use if we get into what is and is not a VLAN. For example, a set of firewall rules that asserts some behaviour over a particular group of devices is not in and of itself a "VLAN."

If you want to get into this more, we can do.

		Remember me	Forgot password?
Password			register