I upgraded to D-Link business-grade hardware and I won’t look back

After many years of playing with steadily higher and higher quality networking hardware, I’m now running business networking equipment at home, and I’ll never go back to consumer-grade. Don’t get me wrong, it’s got a place in the market, and for a considerable percentage of users, a quality consumer-grade wireless router is fine. Still, with the benefits you get, I believe many users would see advantages to switching over.

Let’s start with the obvious points: I work from home a lot, and that creates an issue if there’s a problem with my network. While I can hotspot from my phone, I don’t want to because it’s inefficient, slow, creates heat, and a regular need to charge my phone. Added to this, I have a couple of other areas of my online life that do require me to be connected.

Yes, you can get all-in-one solutions, but that also has some bottleneck issues with regard to processing and data throughput, one of the reasons that a decent mesh network can be so effective for users. So separating core routing and Wi-Fi has some performance benefits, which I wish I had known about before spending a lot — probably a few thousand dollars — over the years on upgrading routers to get better Wi-Fi.

Needs, wants and hardware

I need a good quality router that allows VPN inbound and passthrough outbound for work needs. I need a good quality firewall for online security, and I want something with a bunch of monitoring and content filtering available.

D-Link recently released the DSR-250V2 router that ticked all the boxes for me, so I was keen to take a look at it. While it would be nice to go to the level of something like a Cisco, it’s just so far beyond my needs it would be a waste. As a home user, the problem introduced by the DSR-250V2 is that it’s purely a wired router option, so I need to consider my Wi-Fi options as well.

Wi-Fi 6 or 6e needs to be considered, and ideally, something that can be scaled easily with outdoor access point options too. That brought me back to a need to think about my switching option, which is currently a “dumb” 16 port gigabit switch.

In thinking about the networking solution, I really wanted to think about what I needed and if there were any problems with my current setup. In reality, the issues were minor and could easily be overlooked:

• Consumer grade hardware has a significantly shorter lifespan and potential bottlenecks in performance
• After spending a lot of money on networking my home properly, I wanted to actually utilise this infrastructure properly
• After a few years of having this networking in place, I also wanted to audit it properly and not use the rack as a dumping ground
• Ensuring that the solution I install works for me and my family for the foreseeable future
• I wanted to also cater to the ludicrous and growing number of devices connected to my network, many that should be segregated
• I need to VPN into the house regularly to access my data

My home network has evolved to a point where need has outgrown the capabilities of consumer-grade hardware. This leaves me with a solution that is multi-tiered and — a shoutout to D-Link — has been designed to meet all of those needs. As a huge bonus, by breaking down the design into individual components, I’m now able to upgrade or replace (in the event of failure) individual hardware items in the future at a relatively minimal cost without needing to take down and set up the entire network from scratch again.

Router Upgrade: DSR-250V2

I spent a lot of time looking at the various routing options and found that, while it’s not the top end of business routers around, the DSR-250V2 has all the features I need. It also has the capacity to scale, which suits me now, with plenty of capacity to scale over time.

The main things I was looking for here were:

• Great VPN performance both in and out of the building
• Capacity to handle multiple WAN connections
• Easy to configure firewall and routing
• Traffic monitoring and management by client
• In a perfect world, rack-mountable: But this one didn’t tick that box

The configuration on D-Link consumer hardware is pretty simple, and it’s really pleasing to see a bit more polish and far more capabilities unlocked for users with the business-grade hardware. Despite the number of features that are available, it’s easy to follow through the process and configure each of these within the interface.

Something that I really wanted to have as my core router was that it’s just a router. While this may seem clumsy and potentially inefficient, it also means that the router isn’t using precious CPU cycles and losing throughput performance in driving my wireless network.

A switch upgrade followed: DGS-1210-10P

My current switch is doing the job I need it to, but the whole point of this exercise was to be more future-proofed. So why not increase the functionality of my network as part of the upgrade while I’m at it, right?

It’s not something I specifically need at this point, particularly as the router has the capability to handle it, but knowing I can have multiple internal VLANs in place is very welcome, particularly with testing equipment that comes and goes from my network regularly.

The main thing I wanted to do by add more flexibility to the network, which meant going down the Power over Ethernet (PoE) pathway. The DGS-1210-10P has a 65W PoE capacity across the 8 10/100/1000 ports. That is plenty of capapcity for any updates or upgrades to hardware that I can envision for the foreseeable future.

At this time, none of my current devices attached to the network are PoE, but having that capacity is certainly welcome. I may well look at putting some hardwired PoE cameras in, but one thing I’m definitely doing is putting in new PoE access points.

Now, for new players to this game, there’s a trap here…
Unlike an unmanaged or “dumb” switch, there’s quite a bit of configuration that needs to happen, and I’d suggest leaving a solid 45 minutes for setup if you’re going to travel down this road.

There are many settings you can play with, and you’ll need to directly connect a PC or laptop with manual IP settings (IP range 10.90.90.X and subnet 255.0.0.0) in order to access the web-based configuration and change the settings to match your network. The best advice I can give to anyone playing with hardware like this is to RTFM.

Wi-Fi: It’s a must these days, but what do I need now and into the future?

My house isn’t huge, so a single access point is probably sufficient, but a second, providing broader coverage and minimising traffic congestion for critical devices, is better. One for IoT and non-critical devices and one for data critical devices; although with Wi-Fi 6 and on, it’s less of an issue with congestion, thanks to OFDMA.

By positioning these strategically in the house where I needed the best coverage, has resulted in outstanding coverage akin to that of the Asus ZenWiFi Pro XT12 I recently reviewed, which stayed in place on a separate VLAN as an unrestricted guest Wi-Fi system.

The two Access Points going in are the DAP-2622 and the Nuclias Connect AX1800. Both are very much focused on business and commercial applications, with some great features to explore. The PoE adds huge flexibility in where you can mount them, particularly if you’ve already got ethernet through the building — minimum Cat5 — to support installation.

When you’re putting access points up anywhere, one of the phrases you should keep in mind is “height is might”. In reality what this means is that getting your AP as high as practically possible will result in your network coverage being the best it can be and the connectivity of your hardware maximised.

DAP-2622 – A wall-plate access point

This particular access point is physically quite small, intended to be wall-mounted and has a couple of passthrough ports to increase the device’s functionality. On the rear is the POE port for connecting to your source switch and underneath are two Ethernet ports; one for data only, one with PoE to support devices such as VoIP phones.

The DAP-2622 is an AC1200 connector, which may preclude it from some use cases given the extra throughput that Wi-Fi 6, Wi-Fi 6e and Wi-Fi 7 (not really a factor yet…) can offer on high-traffic and congested networks with OFDMA.

The 2622 is designed to be installed on a wall with the antenna broadcasting dominantly away from the face of the device; producing poor signal if you’re behind it.

DAP-X2810 – Wow, this is quick!

The big daddy of APs with pretty much any feature you can think of, and, while I’m not going to use all of them; it gives me so much more control over my network. The feature set for the X2810 includes all of the features you’d expect from any access point these days, as well as options like a captive portal, onboard MAC filtering and Wireless isolation.

Unlike the DAP-2622 this is intended to be a stand-alone device with a LAN(PoE) connector, power connector (if you don’t have PoE on your network) and console port. This one has been installed where the majority of our personal devices are going to access the internet; giving us the best possible coverage and the bet possible speeds to all devices.

The X2810 is versatile but primarily designed to be installed on a ceiling, where the signal projects downwards and holistically cover a larger area.

One Controller to rule them all: DNH-100

As part of this article, D-Link was kind enough to provide a DNH-100, which is not necessary for the setup; however, it provides two highly valuable — for business at least — functions to your network. The first is the configuration and management of hardware.

While it’s not quite this simple, the premise is that you create a location, network and profile for the network. This includes VLANs, SSIDs and any other network segmentation you wish to implement, such as a guest network or even individual port setups on a managed switch. Once you’ve done this, you can then “discover” any compatible equipment on the same network and push your configs out at the push of a button.

As I say, for a small network, this isn’t necessary, but at scale, the convenience of pushing out configuration files, updates and firmware this way is a massive time saver and convenience that I’m not sure can truly be understood unless you’ve done manual updates on dozens of pieces of hardware like this.

The second major advantage of the DNH-100 is the monitoring capabilities for hardware you’ve implemented in your network as well as network utilisation. Even in my home network, during setup and installation, this has been an extremely useful feature to identify how many devices are connected to the network, on what SSID, and how much data is being used on which networks.

Looking at the application from a business setting, imagine a client contacts their IT services provider to note that Wi-Fi is slow or offline. The provider can remotely connect to the network, log into the DNH-100 and investigate quickly; with clear identification of online and offline devices. Providing the device is still connected, you can remotely reboot devices, push Firmware updates and even update configurations. This improves response time and (barring outright hardware failure) resolution to any issues.

Should a hardware failure occur, installing a replacement can be done by anyone, and then the service provider can remotely run discovery, onboard and push the config out to replacement hardware.

It’s all so user-friendly, but you do need some technical knowledge

There are so many features and so much power to control, monitor and maintain your network in a relatively user-friendly interface. Don’t mistake what I’m saying here because you will need a solid understanding of networks in order to make the best of hardware at this level.

There are pre-set IP addresses on IP ranges that aren’t common and subnets that most people wouldn’t necessarily think of. Provided you’re able to configure your PC or Laptop to connect to this for setup, you’ll be able to get your network functional. To get it really flying, you’ll need to invest more time in the configuration, but there are rewards at the end of that for heavy users.

There were some minor issues in setup that meant (I know it’s best practice…) I needed to update the firmware on the DNH-100 and the access points for the APs to be detected and onboarded, as well as a bit of fiddling for the switch to be detected. A quick shoutout to Mark at Centre Fit for their assistance in getting everything going.

The final network map

Some of the information of my network is understandably redacted, but what I’ve got now, instead of an all-in-one wireless modem/router, is an NBN connection (via Leaptel) that connects via my router to the 8 Port Gigabit PoE Switch, which feeds:

• The DNH-100 for control of the new hardware
• The — earlier mentioned — two access points running PoE
• The rest of the network

I’ve used the network infrastructure I upgraded a few years ago to maintain hardwired connections to most of my other connected hardware. I had to get a couple more cables punched into my patch panel for the Access Points, but that’s part of the reason I got it installed. I still stick with the approach that wherever possible, without sacrificing mobility and flexibility, I prefer to hardwire my gear purely for the reliability and consistency of connection.

The end result: Visibility, Connectivity and Control

What’s astounded me — I knew it was happening, just not how much it was happening — with the installation of this network upgrade is the amount of data that’s going out of my network. Devices like Ring, Alexa, Google, Arlo and Smart Lighting are sending data, well they’re trying to, to servers overseas. Some of it is simply maintaining connectivity, but I’m sure some is personally identifiable data, so my next project will change over as much of my smart home to local controls on Home Assistant as is possible; I’ve already started blocking many of the outbound connections and haven’t (yet) lost any functionality.

Just be wary if you go down this pathway to ensure that your VLANs are configured correctly to keep any internal data transfer — like casting etc — fully functional.

Providing I’m systematic about it, I can, in theory, utilise my Synology NAS and a PoE camera to reduce my reliance on subscription services, although I’m happy with Ring now I have everything in the one ecosystem.

When it comes to setting up a network like this, there are a lot of advantages in the end result. Clearly the performance is going to be one of those; it’s not just faster, it’s far more consistent in the performance. This is not a cheap solution to home networking and, frankly, it’s overkill for many. For users who want higher levels of control ofer your network, visibility of the data that’s coming in and out, as well as more granular control over what devices — and why — connect to your network, it’s a cost worth investigating.

Disclosure: Many brands on the market could yield similar results as this has for me, including Cisco, Ubiquiti, Draytec, Fortinet and Synology, to name a few. This has been my experience in upgrading using the provided D-Link hardware, and the results I’ve enjoyed from upgrading to a networking solution that truly works for me.