House Network Rack Layout

I’m reasonably happy with how the new (July 2025) network rack installation in the House has turned out, after I replaced the original 9u-high, 450mm-deep rack with a 12u-high, 550mm-deep alternative. (The 9u rack will have a second life in the Outbuildings, which have a less demanding network equipment requirement.)

The new rack is an All-Rack branded CAB12WB550BK which is OK for the price (155 GBP + VAT). Overall it’s fairly well made but:

  • It would be a squeeze to populate all 12u of the height, since the top and bottom locations are partially blocked by the top and bottom structure of the enclosure; it works better moving the top unit 1 hole (1/3 of a ‘u’) down (which is how I have it configured)
  • The vertical rails are a bit flimsy and any deep, heavy units need extra support at the back (see the info on the ‘rear brackets’ below)
  • The whole cabinet drooped a bit at the front when loaded up, such that the side panels wouldn’t fit unless the bottom was lifted up slightly (though when installed, the side panels do help to keep the unit ‘square’) so I’ve given it some ‘help’ from large shelf brackets underneath (see below)

I’m running it with the front door off (for ventilation and ease of access to the cabling) and the left-hand side panel removed (since the UniFi switches exhaust hot air to the left).

12u-high, 550mm-deep wall mount data rack

The rack rails are populated with – from the top:

  • A blue-coloured 1u network appliance branded as a smoothwall S4 which was purchased second-hand and actually runs OPNsense acting as the network Router and Firewall.
    • Under the covers this is a Caswell CAR-3030 with two Intel i3 CPUs and 6 1Gb/s Ethernet ports, which is a cost-effective and high-performance platform for OPNsense
  • The first and second 1u 24-port patch panels, connected to 48 of the wall ports
  • The first of two UniFi 48-port PoE network switches, mostly serving the patch ports above it
    • Although some of the connections intentionally go to ‘the other switch’, to distribute devices like the WiFi Access Points across both switches, to maintain WiFi connectivity if a switch fails or is being restarted
  • The third 1u 24-port patch panel, connected to 24 of the wall ports
  • The second UniFi 48-port PoE network switch, mostly serving the patch ports below it
  • The fourth and fifth 1u 24-port patch panels, connected to 48 of the wall ports

The CAT6 patch cables are colour-coded:

  • Grey for general-purpose Ethernet connections
    • These actually serve different VLANs (or potentially multiple VLANs) but no attempt is made to distinguish those via the cable colour
  • Yellow for Ethernet connections which also carry Power-over-Ethernet
    • Mostly as a reminder that removing the cable will power-cycle the connected device
  • Red for incoming Internet
    • There’s one red cable from the small silver box on top of the cabinet, which is a 4G Mobile Broadband ‘backup’ Internet connection going to the second port of the Firewall
    • There’s another red cable going from the first port of the Firewall to one of the wall patch ports – via a PoE power injector hidden behind one of the patch panels which provides UPS-protected power to the OpenReach FTTP ONT point on the Ground Floor, where the ‘primary’ Internet connection originates
  • Orange for the network connection to the Outbuildings
  • Blue for non-Ethernet patch connections for the TV Aerial RF connections
  • Purple for a non-Ethernet patch connection for the MVHR unit’s control panel

The bright green cable coiled up at the bottom of the rack is an unrelated, spare KNX home automation bus cable that just happens to terminate at this same location, and the coil of white cable is a spare 4-core alarm cable which runs to the Plant Room.

The photo below shows the extra support brackets (Heavy Duty White Shelf Bracket – 495 x 330mm from Wickes) and also the Labgear aerial amplifier that drives the two TV aerial connections (Blue cables) via Muxlab baluns.

‘Shelf Brackets’ to help support the weight of the rack

The main reason for needing a larger (deeper) cabinet was the 48-port UniFi network switches which are 370mm deep and quite heavy: there wasn’t enough space for the switches (and their rear power connectors) as well as the bundles of CAT6 cables running to the patch panels at the back of the 450mm-deep 9u cabinet – so the switches poked out the front. These switches are too heavy to cantilever off the front rack rails and warrant some extra support at the back. While it’s possible to purchase rear support brackets (e.g. these) an alternative is to 3D-print some, which work very well – they’re from www.printables.com.

3D-printed ‘L’ brackets to support the back of the 48-port UniFi PoE switches on the rear rack rails

The two switches are connected to each other via their SFP+ ports using two 10Gb/s DAC cables (black) and each switch is also connected to the Firewall via 1Gb/s Ethernet. Since the UniFi switches are not able to be ‘stacked’ with each other, the Firewall connections cannot be aggregated in any way and operate in an Active:Passive configuration (managed by OPNsense) – i.e. only one switch is actually receiving traffic to the Firewall at one time.

One reason for swapping from a 9u rack to a 12u rack was for the possibility of installing a UPS at the bottom, since that it currently sitting on the floor, together with an HP MicroServer. However, having seen how heavy the rack is already and despite having the angle brackets below it, it seems unwise to add so much extra weight into the rack.

When the Tesla PowerWall battery is installed in the Outbuildings, along with its Backup Gateway, that will cover any long-duration power outages leaving the UPS only needing to handle very brief interruptions or ‘brown-outs’. That means the UPS only needs a short run-time, with a smaller (and much lighter) battery. Next time the batteries in this big UPS need replacing, I’ll see if I can pick up a smaller, second-hand unit to replace it – and then reconsider installing that within the rack.

HP Gen8 MicroServer on top of an APC SmartUPS, on the floor

The HP MicroServer runs a set of Docker Containers, including:

  • The UniFi Network Controller application, which is required to manage the UniFi network Switches and Wireless Access Points
  • The UniFi Video server application, which acts as a Network Video Recorder for the House’s CCTV system
  • The Lyrion Music Server, which streams FLAC music files to the Logitech Squeezebox devices
  • The InfluxDB time-series database, its accompanying Telegraf data interface utility and the Grafana graphing dashboard front-end
  • The ‘Mosquitto’ MQTT broker which integrates most of the monitoring data feeds

With the decision to retire the now very out-of-date UniFi Video server application and the fact that its replacement, UniFi Protect, needs to run on a dedicated UniFi hardware appliance (which will require another 1U of space in the Rack) there definitely won’t be enough space for the existing 3U UPS (given that some spare space has been left at the top of the 12U rack).

CC BY-SA 4.0 House Network Rack Layout by Marsh Flatts Farm Self Build Diary is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.