This document describes the physical aspects of the in-house network.
There are three interconnected buildings. Alternative naming is used either in the construction environment or when referring to the postal addresses.
Construction Building Code |
Postal Address: Chemin des Tines.. |
A |
3 |
B |
1 |
C |
5 |
Each building is equipped with optical fibers linking all rooms (apartment, technical room, common room) to a technical room in the basement.
Two public network operators link the buildings to their network, with individual entry points in every building (BEPs). They run passive optical networks with either 1GBit bandwidth (PON) or 10GBit bandwidth (XGS-PON).
-
NetPlus Léman (PON only) https://netplusleman.ch/
-
Swisscom (XGS-PON and PON) https://www.swisscom.ch/
According to federal regulations[1], each connected room has optical termination outlets (OTOs) with 4 optical connectors of type LC/APC.
Those connectors terminate 4 single mode fibers of type OS2, that are usually assigned to one or more operators and are usually directly soldered to operator fibers at the BEPs.
Of those 4 fibers,
-
2 are occupied by Swisscom
-
1 by NetPlus Léman
-
1 is left available for our in-house network
Note that
The buildings are interconnected by OS2 monomode fiber cables including 6 strands. Connections exist between the technical rooms as follows
-
C ← → A
-
C ← → B
This yields a star topology with C in the center, when using a single strand between two buildings. By using two strands, a ring topology is established where one switch of builing A is looped back to one in building B, passing through building C. (See Switch / Router / Modem Placement and Port Assignments)
Within one building, all physical links join the technical room (star topology).
The FTTH layout requires optical cables of type OS2 to join all connected rooms with the technical room. 4 strands of fiber link each room with the technical room. On the room side, they are terminated by a on-the-wall OTO.
The majority of technical building installations that need Internet connectivity are connected to the technical room via copper Ethernet cables. For long distances, OS2 optical cable is used, with multiple strands. In those cases, an OTO is present close to the installation (requiring a media converter to connect the RJ45-based devices) and another one in the technical room.
Each technical room is equipped with
-
A 42 units height rack for patch panels and active network equipment
-
A BEP, receiving external optical cables owned by the operators
-
Cables joining the BEP with 4 optical strands going to OTOs in each room (apartments etc.), 3 of those strands being soldered directly with the operator strands. These OTOs have subscriber identifier numbers (SINs) that allow subscription to one of the operators. The joints between in-house fibers and operator fibers are spliced, in a point to multi-point configuration (P2MP) with up to approximately 32 rooms sharing the same physical operator medium.
-
Wall-mount OTOs with SINs that connect the technical room itself to the BEP (and thus the operator network)
-
Patch panels in the rack that receive 1 out of 4 strands from each room, that are not soldered to operator fibers. This strand is fed out of the BEP again (not connected to any operator), and connected to that panel. The panels provide 24 duplex LC/APC connectors each (but not for duplex operation). One such panel provides connectors to the in-house strands of 48 rooms.
-
Patch panels in the rack that terminate the building-to-building fiber cables with the same type of LC/APC connectors as the panels connecting the rooms.
-
One or more primary managed layer 3 optical switches with 24 SFP, 2 10GBASE-T, and 4 SFP+ connectors, of the model D-Link DGS-3130-30S. Those switches provide cross-building connectivity between modems (for operator subscriptions), rooms and second-level RJ45 switches.
-
One secondary managed layer 2 switch with 16 RJ45 and 2 SFP connectors, of the model D-Link 1210-16. Those switches provide connectivity between modems (for operator subscriptions), technical installations (primarily on RJ45 ports), and primary-level switches (on SFP ports, to provide cross-building connectivity).
The technical room in building C is equipped with
-
A modem serving a subscription providing a set of public IP addresses, to allow incoming connections to specific technical devices, as well as outgoing connectivity for more technical devices using a shared public IP address via DHCP + masquerading NAT
-
A layer 3 router of model Ubiquity Edge Router X. This router provides DHCP and NAT masquerading for the outgoing connectivity for a subset of technical devices.
The technical room in building A is equipped with
-
A 10GBit XGS-PON media converter Nokia XS-010X-Q
-
A MikroTik CR2004-1G-12S+2XS gateway router
-
A Banana Pi to host a user database and authentication services (LDAP, RADIUS), with an internal DNS entry 'auth.eco'
-
A Raspberry Pi 2B to provide user services (collaboration, organization, documentation), with an internal DNS entry 'services.eco'
The main power entry room (Local SIN) beneath building B is equipped with
-
A MikroTik RB260 SFP / RJ45 router, to connect photovoltaic and building power consumption monitoring equipment
Close to the fire door, a wireless router DAP-2610 is mounted to the ceiling raceway, providing separate WiFi SSIDs for the electric car chargers, internet for the charger users and for association members.
