Real World UniFi Deployment - SSFCC

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
on my channel I've received a number of requests to show real world implementations of networking and Wi-Fi so that's what we're going to show you today right behind me is the South San Francisco conference center and we're going to be doing a full unify network and wireless setup stay tuned one of the crosstalk solutions my name is Chris Senate so you can see I am NOT in my a normal office I'm actually sitting in a hotel room in Portland Oregon very close to the airport because I have an early flight to catch tomorrow morning down to San Francisco now you guys have asked me on the channel many times hey Chris why don't you show us some more real-world deployments for networking and point-to-point wireless ISP stuff and so that is what we are doing today so I'm flying down to San Francisco tomorrow to meet up with one of my guys one of my crosstalk guys David and he is doing an installation a unify full Wireless unify installation for the South San Francisco conference center now this is basically like a mini convention center right next to the San Francisco Airport and it's a place where they hold meetings you know you can rent out you know a full sized room or a smaller size room for corporate presentations meetings events trade shows etc so the first thing that we need to do is take a look at what we designed for the conference center because you can imagine the conference center is not a place where you want the internet to go down so we had to make sure that it was a very robust as well as very redundant installation and so let's go ahead and switch over to my laptop here and we're gonna take a look at what we have set up for the conference center ok so here we have a very small mock-up of the network that we designed now this is a network that's going to service a small number of internal computers but that's really not the bulk of the traffic that's going to be flowing over this network mostly we're talking about wireless traffic and and basically making sure that we have secure wireless traffic as well as a ton of redundancy so what we're starting off with here is the South San Francisco conference center has currently one one gigabit internet connection there in San Francisco San Francisco's got great internet it comes in on fibre although it is actually being delivered via copper so first of all why did they bring in a fiber connection and then convert it to copper well it's because they already have it in place we're going to be using copper SFPs into this edge router infinity that I'll talk about in a second and the reason that we're doing a comprehend off again is because it was already there and it's much easier just to get a copper SFP for the inter outer infinity than it is to contact Comcast's and have them swap out the handoff from copper to fiber so we're just kind of working with what we were given the second internet connection will probably also be copper just so that it matches the first though it could theoretically be either copper or fiber handoff okay so we have our dual gigabit internet connections coming into the edge router infinity so the first question that I know a lot of people are going to ask is Chris how come you're using an edge router infinity when there's the unified security gateway XG out there which is essentially the same type of device it's a multiple sfp+ edge router or you know firewall and the reason that we're not using the u.s. gxg for this deployment is that the u.s. gxg is still in beta okay and we do not deploy beta hardware in a you know especially in a very important customer deployment we just wouldn't do that you know there it's in beta for a reason it's in beta because it's still being tested so the edge router infinity has already been released and therefore we decided to opt for the edge router infinity at the edge as their firewall because it has the speeds that they need it can terminate both of their Gigabit Ethernet and then we can do a 10 gig sfp+ fiber handoff to their switches it also has redundant PS use in the back of the edge router infinity so moving on from the edge router infinity the edge around our affinity by the way has eight sfp+ ports and a single Gigabit Ethernet port so then we're going to be taking into copper SFPs from the internet and then we're doing one fiber SFP from the edge router and infinity over here to the first of to unify switch 48 port 500 watts now the total number of devices that they're gonna have in this deployment is going to be less than 48 right so they're they could have gotten away with a single 48 ports which we probably would have done the 48 port 750 watt version however again we're speaking to redundancy here so the reason that we're doing two of these 48 port 500 watt switches is because we want one of the switches to be able to take over for both of the switches in the event of a failure and so that is kind of what we designed here hopefully that doesn't happen but if it ever does we can basically just unplug everything and from the failed switch plug it into the good switch and it can run that way temporarily until we can replace the failed switch okay for access points we went with all SH DS okay so they're going to be doing 12 u AP AC SH DS now of course the HD gives you the 4x4 multiuser mimo and that's going to be excellent for when there are hundreds if not thousands of people at this conference center all trying to connect in with their various wireless devices so that's going to provide plenty of throughput throughout the building to take advantage of those dual gigabit internet connections and the edge router infinity it also gives them some upgrade ability or source um some future proofing to take advantage of whatever additional features come out for the sh d now i did the u AP acs HD video a while back and you guys can see some of the enhanced features and functionality that come with the SS with the sh d and today it's it's kind of cool like the stuff that they've built in for the sh d but what I think is really cool is the stuff that they're planning to build in do that to the sh d so you guys can check out the video on that I will put a little link up in the corner you can go check out the my full review on the ua p AC sh d so coming straight off of the two 48 port switches we have a total of 10 of these s HDS and then throughout the building they have two single lines that run out to more remote areas where we have a single 850 watt switch and that has that takes place two times so there's two lines that run out to these extra eight port switches each of those will have one you ap a CS HD as well as some other devices in those more remote locations now as for the wireless networks themselves we have come up with a total of four wireless networks that we're going to be using for this deployment the first wireless network is going to be a non throttled full-speed network that's going to be their internal office VLAN so this is computers that are directly plugged into the unified switch that are going to be on the internal office as well as anyone who is an employee for instance that needs access to those systems they will pop on to the internal office VLAN non throttled full-speed wireless access the second wireless network that we have set up for these guys is a contractor VLAN so this is it for instance imagine if they were doing a trade show this would be the wireless network that is going to be used by all of the vendors at that trade show so they'll use it to set it up they'll set up all of their you know their booth and whatever devices they have at their booth that needs wireless access that will be on this separate VLAN separated from the actual guest traffic for the you know the customers and the people that are coming in to look at all the vendors wares and whatnot so then that will also be full-speed then we will have a standard guest VLAN which will be throttled now I have not figured out exactly how we're gonna throttle at how much speed we're going to give these different throttled VLANs yet we will find that out as we go through the install this weekend starting tomorrow but the standard guest VLAN that we're creating is just going to be a regular guest VLAN for the conference center you know just if someone's in the lobby or if they're you know hanging around outside and they want access it'll just be a password-protected guests VLAN just very standard and certainly very throttle the fourth VLAN that we're doing is a special VLAN or a special wireless SSID that will be configurable on a per client basis for the South San Francisco conference center so imagine like I think about trade shows like Astrakhan or whisper Palooza let's say we have Astrakhan is going to be at the South San Francisco conference center well we would be able to utilize this fourth SSID and make it like Astrakhan guessed right they'd be able to change it for every new client and potentially sell that as a service to their clients and then is it going to be throttled or is it not going to be throttled that's configurable and that's something that they would be able to charge the client for certainly they would charge less if it's throttled it would cost the client more if they're going to allow their guests full-speed access to that particular guest VLAN so that's the way that it's going to work in theory this is how we did the initial design and of course when you ever you know whenever you do a deployment like this the initial design is a really good framework but inevitably sometimes things change and the project sort of evolves over time so it'll be interesting to see where we end up after we finish the project versus what we have designed on paper here so that's really what comes next I'm traveling to San Francisco in the morning I'm gonna meet up with David with crosstalk solutions who's doing the actual install hopefully I'm not gonna bug him too much by sticking cameras in his face and stuff but we will get down there do some more filming and then I will take you guys along on the journey of our wireless set-up of the South San Francisco conference center [Music] all right so I'm here this morning I'm at PDX I'm waiting to get out to San Francisco David's actually already on site the customer did the physical installation already we're going to show up and basically dial everything in run some tests site surveys things of that nature so just sitting in the airport I got here super early and when you get the airport early you have the advantage of getting through security really fast so there's no any line for security super happy about that you know I have an hour to kill before I get on the flight I will check in again when we get to San Francisco okay so I'm here with David David works with crosstalk solutions David you've been with us for gosh close to two years yeah two years so David does a lot of our unified set ups and deployments for larger customers such as the South San Francisco conference center and David is going to explain to you the equipment that is in use in a little bit more detail than I already gave you on the previous segment so David go ahead and take all right thanks Chris so the client came to us asking if we could provide a network that could sustain two full gigabit connections coming from their isp with the possibility in the future of upgrading to you know ten gigabit possibly so at the time we went with the edge router infinity as the USG alternatives still in beta so what we have is two gigabit connections coming from there is P going into this and it's being 50/50 load balance and then that's going into to unify switches here that essentially go out and power the 12 s HD access points as well as their one test HD access point here this provided really good blanket of coverage for this entire event center we also went with an on-site you know my server the reason we did this is because they have a captive portal that will be you know getting a lot of requests you know hundreds at a time so having this off-site or on cloud key just once suffice all right so there you have it that's an overview of the equipment okay so let's go ahead and take a look at what we have set up in both the edge router infinity interface as well as the unified controller we're gonna pop down to my laptop here and you can see a couple things right off the bat number one edge router infinity is running version 1.9 point seven hotfix four I also see that you can see a lot of really cool stuff here you can see the temperatures the system voltage the fan speeds that's really cool I'm not sure if that's actually an edge router infinity thing or if that is an edge router version 1.9 dot seven thing I'm gonna have to check that out when I get home I will upgrade my er light to 1.9 dot seven okay over here we can see our two internet connections so up at the top the copper port of the edge router infinity is actually 0 and then the sfp+ ports start at each one up through e8 so we can see that there's nothing plugged into copper zero but then we have our two gigabit ethernet connectivity internet connections plugged into e1 and e2 respectively so I had mentioned earlier that I wasn't sure if they had the second internet connection from Comcast in they do have it in so we actually are load-balancing 5050 between the two gigabit comcast internet connections they are doing a copper handoff on both and if they ever upgrade in the future they will switch that to fiber so that they can do a fiber handoff to the edge router infinity instead of a copper handoff however if you look at e8 right here that is our port over to the edge switch 48 and you can see that that is colored white which means that's a full 10 gigabit fiber connection from the edge router infinity over to the first unified switch 48 okay as far as routing and firewall rules between these different subnets the way that we did that and this is always a work in progress but we basically set it up with network groups so that we have any group that's not the contractor network any group that's not yes Network any group that's not the swap network and these are all the different VLANs so basically that allows us to use the network groups to basically say okay we want to provide access to the Internet to everyone but you know the mainland can have access to any of the non-gas groups or something like that right so it allows us to sort of lock it down on a per VLAN basis so if you look at our firewall policies for instance let's look at LAN local and here we can see guest separation so if we look at this rule we're gonna drop all packets where the source is Ethernet 8.30 so the guest VLAN and the destination is any non guest be live right so basically that's how it works drop any packets from the guest VLAN to any nan guest VLAN and so we kind of just replicated that rule for each of the different VLANs so that they couldn't talk to each other but the mainland can see everything except for the guest Network okay other than that all of the VLANs were set up as a slash 16 to provide plenty of IP address availability in DHCP and let's go ahead and pop over to unify okay so here's unify our unified version that we're running is the latest in grants it's 5.6 22 so if we click on devices we can see all of our switches of which they actually only ended up using one of the eight port switches and so and I have a spare 8 port 150 watt which would be nice if they ever need to use it in a different area or replace you know a temporary replacement for any other device or switch ok so then we've got all of our different access points including one additional one which is not an S HD it's just a standard HD access point that's located up here in the server room that'll be used for not only testing up here in the server room of various configurations on a specific access point but it's also used as a spare in case any of the SH DS happens to go out if we look at our map here here's our coverage map so the interesting thing about this is when we plugged in all of the SH DS and then looked at the coverage map everything was set to auto channel selection and auto power selection right output power selection so the channel selection we then went through and set everything manually because for some reason it unify piled everything up into channel one except for one of the exes point abusers on channel 11 so of course that's not a very good way to run things there's gonna be a lot of interference so we went through and we separated out the channels that's just the 2.4 gigahertz gems but we did the same thing for the 5 gigahertz channels as well where we separated out the access points on two different non-overlapping channels to provide the best coverage and the most seamless roaming between access points for the users however on the power selection we actually ended up leaving it auto because if you see here like this one's tuned down a little bit but the rest of these are mostly full power and the auto setting we found provided a pretty good coverage alright so what we're gonna do is we're gonna leave it Auto for now and then eventually if we need to we can always come in and fine-tune it if they find problematic areas or if the results of David's site survey turn up that there's just too much noise in a particular area we can then fine tune and you know sort of tune them down a little bit ok so let's go through our settings really quickly here so here's our wireless networks we can see that we have our 4 different VLANs and our four different wireless networks of which the main wireless network is just the the non tag VLAN and then the other three wireless networks are tagged 20 30 and 40 respectively the only one that is a guest network is the South San Francisco comfort Center free Wi-Fi which is guest network client isolated bandwidth throttled and down to 2 megabits so if we take a look at this edit that one so we can see that there is a captive portal I'm sorry the user group is guest we'll take a look at that next that's how we do the throttling and then we've applied guest policies such as the captive portal guest authentication and access okay so let's take a look at the user group so here's VLAN 30 user group guest so we want to say user groups we're gonna take a look at the guest user group and very simple oh it looks like we even tuned it down little bit so we headed it to previously and now it's like actually tuned down to one point five megabits up and down for the guest Network okay so now let's go over to guest control enable the guest portal no authentication we have an eight-hour expiration on that right so if you come in here and you authenticate your device eight hours later your device D authenticates right and you have to go through the captive portal click on the terms and conditions again we do that because most people aren't going to be here for more than eight hours at a time anyways and then if we scroll down here we can see the portal customization and oh I'm connecting through cloud access actually I didn't know this was a thing so it says portal customization preview is not available when connecting via unified cloud access to preview your customizations please connect to your flight controller directly so I can't show you the way that we did the style of the portal but basically it's very simple it's a black background it has the you know South San Francisco conference center logo and a check box that says I agree to the terms and conditions and then a button that says connect okay so there's a quick overview of unify and let's just do one more thing I want to run both a wired and a wireless speed test to see what kind of speeds I can get now I'm connecting up here to an HD but this should be similar to the speeds that someone who's connecting downstairs will see if they have a similar type of laptop for the one that I have here we're going to bring up our speed test we're gonna say go okay so for the wireless speed test it looks like I was able to get about 167 megabits down and 324 megabits up let's go ahead and do the same speed test but we're gonna wire in instead of do the wireless okay and there we go so my download when I'm wired in is 281 megabits and the upload is 788 megabits so why the download is so much slower on both the wired and wireless tests I'm not exactly sure we're gonna play around with that and see if we can't figure that out and figure out how to boost that up a little bit okay so the next thing we need to do is go find David he's actually walking around doing a site survey at the moment using a tool called net spot and what that tool does is it allows us to walk around to take wireless readings from different areas around the property and then it puts every together into a nice wireless heat map that shows us whether or not we need to fine-tune the power output of the access points and if there are any areas that aren't getting the coverage that we want all right so let's go catch up with David and see how he's progressing on that part of the arch David is doing our site survey right now and he's using an application called a net spot so David if you would just explain what net spot is and how you're using it there and let's go ahead and run a runner the next the next spot if you will yes so net spot essentially runs on any Windows or Mac PC after you purchase the license and what it will do is test the environment of currently where you're standing first you have to import maps and then put a measurement and kind of like the unify system on its heat map but what we do is essentially find herself on the map pick a location and it will start taking a sample how long does it take to do a sample usually generally about 20 seconds and after you cover the entire area with this green radius you can actually go back and look at the individual signals all right so they're just finished that one let's walk to the next spot let's do another one yes let's walk right up here so same deal we just come up here and click the location we're at and it will take another survey helps to have a touch screen huh yes it makes it very nice and then once everything's complete you have to like submit it and it gives you like an overview of like the actual heat map for the Y fire has that worked yes so it will give you multiple views you can go back and look at you know individual signals at different points it surveys every Wi-Fi signal in the area and you can actually do different breakdowns to see how the Wi-Fi is you know going through services stuff like that very cool well we'll take a look at the heat map once you're actually done with it all right okay so I figured out the speed test thing and why we were seeing such low speeds on the download and then you know adhesive speeds on the upload and what we did is we unplugged from my laptop and we plug directly into Comcast's equipment and I set my laptop with a static way an IP address for the South San Francisco conference center then we ran the speed test again and we were still seeing the same low download speed on a gigabit connection which of course shouldn't be so what was the bottleneck and why was it doing that well let me go ahead and run a speed test here and I will show you so this is the bucola speed test from speedtest.net this is the speed test that I typically run it's sort of my go-to speed test whenever I'm doing something I also have the app on my phone for the hoopla speed test and as you can see here it looks like I'm going to be getting around 320 down and then we'll see what the upload comes out to be okay so same sort of result you know I see I got 285 down 773 up which it's nothing to shake a stick at but why is it bottleneck and again I'm seeing these exact same results even when plugged directly into Comcast's equipment so what we figured out was that the bottleneck was actually Buchla okay so this is such a fast internet connection that whatever connection is between where I am and where this speed test is running wasn't able to handle the download speeds that I was trying to get from it so the bottleneck was the actual Internet okay so if we come over to the Xfinity speed test so the actual Comcast speed test that's located at speed test Xfinity calm we click on Advanced Settings and then we set it to something a little bit closer so in this case I'm gonna choose San Jose California and then we're gonna say start test and we should see a significant increase in the download speed the uploads okay so here we go so this one isn't actually even the most impressive speed test that I've done the highest that I got was I believe a 717 down by you know 940 or something up so this is still a lot better it helps to solve the the problem of why I Saints such low download speeds and this is actually mirrored on the upload our excuse me mirrored on wireless now I'm getting a more synchronous Wireless of about 300 megabits up and down from my wireless NIC on this laptop which I assume the bottleneck there is just the available bandwidth of the wireless okay so we've got our final net spot results in David what are you seeing here yes so after we you know surveyed all the area we found that the wireless coverage is actually very optimal the green there shows that it's good coverage but you know there's not too much overpowering or you know too little coverage as the signal fire down here shows we only surveyed the rooms that currently are being used some of them actually are being used by their clients so we don't want to bother them but so far we see everything is very satisfactory yeah looks great and this is with the auto settings in unify right so I don't really see any need to adjust anything I think that looks beautiful right yep it looks great to me alright cool thanks David yep ok so there you have it there's a look at a crosstalk Solutions wireless deployment for the South San Francisco conference center here in a beautiful San Francisco California your first time in San Francisco right yes it is yes second first time in the west coast absolutely oh wow so David guts come out here on the west coast and enjoy our beautiful sunshine and yeah it's been a pretty successful deployment so far obvious you know fingers crossed we come out to these deployments and just you know you hope that everything goes really well and in this case everything did seem to go really well ok so that about does it for David and myself thank you guys so much for watching if you like this video please give us a thumbs up and if you'd like to see more videos like this please click subscribe thank you so much [Music]
Info
Channel: Crosstalk Solutions
Views: 72,539
Rating: undefined out of 5
Keywords: edgerouter, edgerouter infinity, crosstalk, crosstalk solutions, ubiquiti, ubiquity, unifi, unify, uap-ac-shd, uap-ac-hd, us-48-500w
Id: pECjj1eohi4
Channel Id: undefined
Length: 27min 59sec (1679 seconds)
Published: Tue Dec 19 2017
Related Videos
UAP-AC-SHD
Crosstalk Solutions
49K
STIR/SHAKEN and the Death of the Small VoIP Carrier
Crosstalk Solutions
36K
BEST WiFi Optimization Settings!
Crosstalk Solutions
143K
USW-Flex-Mini
Crosstalk Solutions
156K
My internet is literally too fast.
Snazzy Labs
447K
Which UniFi Wireless Unit Should You Buy Based on Different Use Cases & Scenarios
Lawrence Systems
133K
Unifi Pre-deployment
Mactelecom Networks
9.8K
Should You Buy The Ubiquiti UniFi UXG-Pro?
Lawrence Systems
67K
The Value of Ubiquiti
Crosstalk Solutions
87K
Unifi Mesh - Fix Your WiFi Issues!
Crosstalk Solutions
95K
UniFi Network Dual WAN Load Balancing Explained
Crosstalk Solutions
18K
Where's the Best Coverage? Access Point Placement exercise!
Crosstalk Solutions
30K
UniFi Protect AI Theta Cameras Announced!
Crosstalk Solutions
44K
Why We Install So Many UniFi / Ubiquiti Networks and What Makes Them Different.
Lawrence Systems
98K
Ubiquiti Routing and Switching Basics - Part 4 - VLANs
Crosstalk Solutions
106K
Unifi Controller Security Best Practices
Crosstalk Solutions
59K
Configuring VLANS in UniFi (And How to Use Them)
Tech Me Out
27K
UniFi Guest WiFi
Crosstalk Solutions
363K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.