Upgrade Apartment Intercom (with Ethernet?) and Mesh Wifi - Any suggestions?

[Zucca]

I would like to upgrade the intercom of nine apartment buildings, and take the opportunity to setup a new mesh wifi for everybody.
This building has and will have only one internet connection shared all nine apartments, it's a vacation home so only good wifi will be fine.
Regarding the intercom, every apartment should be able to talk to the main entry door "station" (whre the nine door bells buttoms are) at the ground level and open the door to let the guest in. No video wankery is needed but if video fits, nice to have.

Basically right now I have an analog system with single .75mm2 wires going everywhere. I would like to remove all those cables, so I have room for CAT6/7 Ethernet cables.
POE will be also nice for the intercom if it runs on ethernet jazz.

Something like this:

could works but I worried I do not have enough room for the "star" connection. is POE always a star configuration?

It's a old home in Italy so I need to have to minimize the cables in the walls as much as possible, a daisy chain configuration would be optimal so I can jump with from one apartment to the other quickly

I started today to look up stuff over the www, but may be there are here someone with some good tips for me.

Appreciate your help, thanks in advance.

[mansaxel]

Ethernet today is a star. Deal with it.

There are SIP-based "Door phones" on the market, with things like remote unlock et c.

PoE is not only desirable, I think you have to.

Make sure people can get in and out if there's a power outage. UPS on everything. Saves on support, too.

If you need a central unit, Asterisk runs nicely on as little as a Raspberry Pi. Not that you necessarily should have just one of those, but you can get a full PABX like that.  A possible addition is that you can let your tenants do call forwarding to cellular if desired (don't forget to collect CDRen for this so you can bill them since call forwarding from a PABX like so not only requires a SIP account with a provider, it also means outgoing calls. Which cost.) 

Combining this with WiFi access is indeed possible. You need one Access Point per apartment, anyway, and those are PoE as well.

Expect to pay a little more than you think for the central switch. You need a minimum of 24 ports (one AP, one door phone terminal per apartment is 18, and then sundries like door phones, cameras, PABX et c. )

People who install for speeds lower than Gigabit Ethernet should be whipped.

[TheMG]

These days most apartment buildings no longer have a complex intercom system. They use an "enterphone" type device, which is connected to a regular telephone line (this could be a VoIP line too, but still needs its own number). Each tenant's phone number is then programmed into the unit (this can be either a landline or cellphone, whatever phone number the tenant wants to use).

Such a system eliminates the phone/intercom units in each individual apartment suite, huge savings on equipment and installation cost, simple to maintain, etc. It's also more convenient for the tenants because they are not limited to using a hardwired phone/intercom, they can buzz someone in from their cellphone, or even buzz themselves in if they locked themselves out of the building.

The only downside is that the landlord needs to maintain a database of each tenant's phone numbers in the enterphone system, which can be extra work if there is frequently people moving in and out.

[Zucca]

Well this should be the center of Ethernet star, where the switch goes:



No luck for me. The PVC pipes in the walls have a 12-14 mm diameter so only one eth cable can fit in. the problem is one wall pipes serve 3-4 apartments, depends on the branch.
Thanks for all the suggestions but I do not need a telephone system. I need just to buzz the apartment from the main door and the apartment should able to open the main door.
Looking for a wireless solution right now.

[TheMG]

Thanks for all the suggestions but I do not need a telephone system. I need just to buzz the apartment from the main door and the apartment should able to open the main door.

I think you might be misunderstanding what I was suggesting. You do not need a full blown telephone system for the "enterphone" type intercom.

All you need is the device that installs at the main door, and a plain old telephone line to connect it to, that's it. No other infrastructure required.

Here's one such device: https://mircom.com/product-listing/voice-entry/integrated-telephone-entry-systems/hands-free-electronic-apartment-directory/tx3-200-8c-c-hands-free-voice-entry-panel/

No hardware is required in the individual apartments, and no cabling. All you do is program each tenant's phone number into the device. When someone at the door enters an apartment number, the device calls the phone number that is programmed in for that apartment, and makes a call. The tenant answers, and can press a number on their phone to unlock the door.

The phone numbers would be your tenant's personal phone numbers. I'm assuming most if not all of the tenants have their own phone number in the form of either a landline or a cellular phone, right?

[David Hess]

The first step should be not using Mesh Wifi.  If you cannot run wired Ethernet, likely with PoE, to each access point, then running a separate distribution channel on a different band is much better.

[mansaxel]

The first step should be not using Mesh Wifi.  If you cannot run wired Ethernet, likely with PoE, to each access point, then running a separate distribution channel on a different band is much better then giving up and having a bottle of Amarone with a serving of cheese and cold cuts does more for good Internet than any optimism surrounding mesh or other wireless backbones.

There, fixed it for you. 

And, I'm more or less serious.

[mikerj]

No luck for me. The PVC pipes in the walls have a 12-14 mm diameter so only one eth cable can fit in. the problem is one wall pipes serve 3-4 apartments, depends on the branch.
Thanks for all the suggestions but I do not need a telephone system. I need just to buzz the apartment from the main door and the apartment should able to open the main door.
Looking for a wireless solution right now.

One ethernet cable from your central switch to a small remote POE switch that serves 3-4 apartments.

[Zucca]

Sorry for the late reply, I was busy and far away from my parent's home for covid reasons.
Many thanks for all the replies! I appreciate it.

I think some small remote POE switches are the only hope here.
FTTC is coming so I need to put this project on wheels.

Now I will look on the market for some ethernet apartment intercon system with the option for have a button to open the main door.
On the single apartment, it must be possible to ring the bell in from of the apartment door. This is another requirement to be considered.

and a plain old telephone line to connect it to, that's it. No other infrastructure required.

There is no tel line going to the apartments. It's a holiday houses and there was/is no need for that.

[Ian.M]

It may be worth looking at getting your own DSLAM and running private ADSL to the apartments to share the internet connection.  That would only need one pair in a Cat5 cable per apartment, so you could daisy chain up to four apartments, and would also support  POTS telephony, which would be compatible with many baseband audio only entryphone systems that only requires two wires per handset. 

Separate bells at individual apartment doors will vastly simplify your life, although its possible you may find a two wire system supplier that has individual single door modules.

Individual apartment owners would each have their own off-the-shelf ADSL router for access to the shared internet and security IPcams e.g at the main front door.  It may be possible to bridge from VOIP to the entryphone system to allow mobile devices on each individual owner's WiFi to access a local portal page that allows speech with the main front door and operating the door release.

[NiHaoMike]

Something else worth considering is Wifi over coax or MOCA. The main advantage is no active electronics needed at the junction points. Both of those operate at high frequencies so they will coexist with intercom at much lower frequencies.

[jonpaul]

Old building wiring is a nightmare.

The high tech solutions are costly and unreliable eg lots of metal in old walls reduces WiFi range to some apartments.




Suggest

1/ Leave as is, drop project!

2/ Use just a sign:

NO INTERCOM CALL TENANT ON MOBILE

Jon

[Zucca]

Well I will not give up! doctors saves lifes, we are EE and fix those problems!

  

Okay the circle is getting smaller... POE is a must then something like this....



still navigating the www to find a good product.

DSLAM and MOCA are sexy solutions, but I still want to investigate a more normal way. KISS first.

[jmelson]

Nowadays, firt thing I think of when somebody says "intercom" is voip.  I put together a home phone system with a bunch of $5 Snom 300 voip phones and an old PC.  Now, I DO use it as a phone system, but I also have rudimentary intercom as well.  The phones are generally available with power over Ethernet, so you get a PoE Ethernet switch, and only need one cable to each phone.

Now, the other thing is you need to program the whole thing, and that can get complicated.  I use FreePBX, a distro of Asterisk on Linux.
It is possible that some brands of voip phones can do intercom all by themselves without needing the Asterisk central station.

Jon

[Zucca]

Thanks Jon I did not know about FreePBX.
Old PC is something that yeahhh I try to avoid.. I got my fingers burned with pfSense... old PCs have by definition a short life and for a 24/7 always on system it was always in need of some love or attention.

It must be reliable and idiot proof. I need something turn it on and forget it.... yeah I love to dream.

[Ian.M]

The problem is the limited duct diameter (min. 12mm) which due to the minimum diameter of Cat5 or better Ethernet cable, prevents a star topology and forces the need to daisy-chain up to four apartments if regular Ethernet is used. (Zucca's reply #3)  Feeding a daisy chain of four PoE powered PoE switches from the root PoE switch is going to seriously limit the available power to the PoE devices in the last apartment in the chain. 

It *may* be possible to run a pair of auxiliary low voltage power wires (say 48V DC) of sufficient CSA through the same duct to power the switch and intercom in each apartment, (bucking locally to the required voltage) or to provide a mains feed in one of the last two apartments so that only two PoE switches have to be cascaded power-wise.

[Zucca]

Spot on Ian,

This is the real pain.

Now, as mikerj suggested:

One ethernet cable from your central switch to a small remote POE switch that serves 3-4 apartments.

The small remotes POE switches are the only hope here. I need to feed them from the general 220VAC mains part indipendent from the apartments (like the lights for the stairs...).

My idea is to use the local POE switches to power the apartments branches locally and let the ethernet magically run on few RJ45 calbes further back to the big switch in the basement (center of the ethernet star) which it could not support POE at this point.

In this way I will solve the problem to minimize the cables running in the walls and have POE power at the apartments.
The plan is also to use POE to power the mesh wifi repeaters installed (at least) at each floor.

I personally like this solution.

I hope it will work. Please correct me if I am assuming something wrong.

[ejeffrey]

Ethernet today is a star. Deal with it.

However, many access points (including many "mesh" nodes) have 2 ethernet ports on them.  This means that if you are willing to give up on PoE from the central switch you can daisy chain access points.  You will either need separate power connection or to use PoE injectors.  I have seen a handful of low-power devices that have both PoE input and PoE passthrough with a lower power rating.  It's possible then that you could get a chain of 2 devices from a single power source in this fashion, but I haven't seen access points with this functionality.

All the usual caveats about daisy chains apply: if one device is down the remainder of the chain is down. You might be better off with small 4 port gigabit switches in a daisy chain with APs connected to them.  Unmanaged switches are much simpler than access points, less likely to crash and less likely to reboot for a firmware update.  It might also make placement easier.

The PVC pipes in the walls have a 12-14 mm diameter so only one eth cable can fit in. the problem is one wall pipes serve 3-4 apartments, depends on the branch.

I've seen some low profile ethernet cables, either flat or smaller diameter round where you might be able to fit more cables through such a size pipe.  However, I imagine they have smaller diameter wire and don't support PoE well, at least at long spans.  I'm not even sure if such cable is available in bulk, pre-connectorized would obviously defeat the purpose for this application.

[Zucca]

Looking at small POE Switch now to install in different locations in the building, this one for example.

What are exactly those uplink ports?


Can I daisy chain POE switch by connecting pairs of them through the uplink ports? So I go to the first uplink port in the next poe switch from the second uplink  port of the poe switch before??



This could be a game changer.

[Zucca]

It looks like yes I can do it.

[jmelson]

Thanks Jon I did not know about FreePBX.
Old PC is something that yeahhh I try to avoid.. I got my fingers burned with pfSense... old PCs have by definition a short life and for a 24/7 always on system it was always in need of some love or attention.

It must be reliable and idiot proof. I need something turn it on and forget it.... yeah I love to dream.

I use exclusively off-lease Dell Optiplex (their commerical line, as opposed to home line) computers.  I have had several that have run 24/7 for 12+ years with no problems.  But, you can get a mini-ITX motherboard, it has all the computing power you need.
It was HELL to configure all the stuff I wanted, but I have just about never had to touch it after that.

Jon

[jmelson]

The problem is the limited duct diameter (min. 12mm) which due to the minimum diameter of Cat5 or better Ethernet cable, prevents a star topology and forces the need to daisy-chain up to four apartments if regular Ethernet is used.

If you cut the ends off the cable and then re-terminate them when pulled through, you should be able to get several through the 12 mm duct.

Jon

[Ian.M]

Although you can find Cat5E and Cat6 cable with outside diameters under 6mm so it should *IN *THEORY* be able to get two cables through a 12mm dia straight duct, any grit, glue or sealant residue etc. present in the duct is likely to create a pinch point causing enough friction to make it impossible to get a pair of round cables past it without applying damaging excessive tension  even with generous application of cable pulling lubricant and extreme care to avoid kinks or tists while feeding the cables.

Three equally sized cables require a duct of min 2.31 x the cable diameter  due to the geometry + enough extra clearance for pulling.

If you can find a supplier for round multi-core cable with cores to Cat5E specs but with eight pairs you could simply run four two pair 10Base100 + Mode A 802.3af PoE circuits down one cable through that duct.

[Zucca]

Thanks for all the inputs, this is my attack game plan now (forgive me the use of schematics for ethernet/network purposes)



basically I want to daisy chain the apartments in branches using little POE Switches.

Can you guys suggest me a good main swtich? I would like to throttle down the internet connection from the VDSL modem.
For example, 50% Upload speed and 50% download internet speed for the guests network and the private network should go full blast 100%.
Normally I do such trick with pfSense, but I would like to go with a ready to go solution with a good network switch.

[mansaxel]

QoS (Quality of Service, i.e. traffic priority) is where switches start to cost real money. If you take something like the "cheap" (and soon to be discontinued) Cisco 2960 series, it is possible to get PoE versions, but all 2960 models do lack a lot of QoS bells and whistles that you need to do this. Not until you hit the likes of 3650 (also discontinued) or similar iron will you get the features you're looking for.

My understanding of the broader switch vendor market is somewhat limited, but I have the firm impression that most SoHo gear (like D-Link or NetGear or similar ) will have just a fleeing shadow of QoS, and not up to your specification. They work for the naïve case, and as long as everything is fine and there is light traffic they will perform adequately. If you add media streams or multicast they will show their limitations.

The reason -- beyond market segmentation -- is that to do these things you need a sorting and priority assignment framework, and the power and resources to do it in the switch. Which costs development time and real hardware memory.

Your idea sounds simple, just allow this much from there to there, but not as much from there to there.  But there is a bunch of stuff happening under the surface that need to work.

Zooming in on the Internet connection, we can assume that this is where there will be a bandwidth problem. Somewhere there will be a queue, because unless your Internet connection has the same bandwidth as your switch interface, there has to be a way to make packets that arrive at 1Gbit/s wait before they can be put on the wire at perhaps 10Mbit. When the row of packets that have destinations determined to be on the other side of the WAN link becomes too long for the buffer that's pacing them down from 1Gbit to 10Mbit, they will have to be dropped. 

Thus, what we need to do is to make a function that makes sure that the departure buffer, when full, first drops those packets we think are less important.

How do we know what is important and not?

Not counting the work to understand traffic patterns and judging their importance here are a number of sorting possibilities, the most common being DSCP tag, IP address, traffic type and interface.  For all of those except interface and DSCP tag the switch needs to be a L3 switch. For DSCP it probably is that too, at least capable of. If you select "interface", because I haven't said it's expensive yet, you will indeed get that priority, but since time-critical traffic from the phones will pass over the same interface as the generic surf traffic, you will get poor phone performance if you hit it with the same rule.  Therefore, you need some way of telling that media packets going from a apartment phone to the door phone can't be hit with that hard rule.  (Probably they'll never hit the Internet connection, but they must be allowed to pass with priority tags added into the switch, since if not they'll not get past next step. )

Thus, you need to identify and mark packets on their importance.  This sorting must happen before we hit the queue, on input, as early as possible.  In your case, we can identify two levels, high and low, but we must further subdivide into three classes;

• Priority traffic from management systems, "management"
• Priority traffic for voice communications, and its signalling, "voice"
• Scavenger traffic, the rest, "bulk"

How we do it, well, on the management interface, if we believe in the illusion that the network is managed and secure, we can mark "management" on ingress, by default. On the rest of the internal interfaces, we can mark on IP address, if we know the addresses of all the phones, or mac address, if we know those.  It is probably the easiest to single out the priority devices, and mark those explicit "voice", and default all others to "bulk". Most voice equipment can mark its traffic with DSCP tags, but trusting that means that you'll open up for bulkers marking their traffic with priority DSCP and bypassing your limits.

Then, as I wrote above, on all the interfaces there are queues outbound from the switch. One priority queue, and one non priority queue (or more, but good luck finding more than two in anything except very expensive iron). Here the interfaces differ in their strategy;

• The interface towards Internet connection needs to prioritise "management" and put the rest into best effort.
• The interface towards the management gear needs to prioritise "voice"  and "management"
• The interfaces towards the apartments needs to prioritise "voice" and default the rest.

This is just a rough sketch, and there's bound to be gotchas. But it sort of conveys the general idea of traffic management in packet-forwarding multiservice networks.  And, it does only prioritise if there's starvation.