Wait! Before you read this…
Before you read this post, I’d like to invite you to a free, “church tech live” session I’m hosting specifically on computer networking. In this Zoom session, we’ll be talking about everything in this post and more in a visual, discussion-oriented session–which gives you the chance to ask questions along the way! So, instead of reading this, register for that! (or do both I suppose ☺️)
Networks are everywhere, and churches are more and more dependant on reliable networks every weekend. This post covers some networking fundamentals, and some basic tips and tricks to help you improve the speed and reliability of your house of worship’s network.Here is the deal, I’m going to start with some of my personal lessons learned, general networking recommendations, and troubleshooting tips. This will likely be the most helpful section for most of you. The second section will delve into a bit more detail around basic network components and definitions, which will be useful for those of you with no understanding of what these various components do, or those of you looking for more information on a specific component or topic.
Oh, also please leave your questions in the comments. I’m really quick to respond and most likely you’re not the only one facing whatever issue you’ve got going on! Questions that seem common will get added to this post so hopefully, it becomes a helpful way for people to resolve common networking issues.
Here we go…
Part I: Learning the Easy Way–from MY mistakes!
I have a bachelors degree in information technology from Carleton University, with a specific focus on network engineering, but most of the practical stuff I’ve learned was through on-the-job mistakes and experience. Please, take a second and read through this.
I’m going to start with my personal recommendations for those of you who have the opportunity of influencing decisions with regard to your house of worship’s network. I will order these in my opinion of importance, from recommendations and tips I believe are extremely important and/or commonly ignored to those less important or less widespread. Here goes!
1. Wire everything you possibly can
I know, I know: it’s way easier to set up a wireless access point or bridge to give that room or that facility access to your network or a connection to the internet. I’ve done it far more often than I should, but I don’t any more.
Here is the deal: even in the best environments wireless is slower, higher-latency, and–worst of all–less reliable than a wired connection. I know it might cost you a day and an extra few hundred dollars to run a cable and install a switch, but I think you’ll thank me in the long run. That dedicated cable is extremely unlikely to ever fail on you or give you inconsistent performance.
Reliability and Predictablity
There are a few good reasons for wiring things, but here is a major issue a lot of people don’t consider: your wireless environment changes drastically on Sunday morning. Sure, you ran all your tests on Friday and everything worked great. Try adding hundreds of wireless devices all scanning for wireless networks and broadcasting their own and try those tests again. Good luck!
Unless you have a professional wireless engineer and a lot of money to spend, it is really, really hard to develop a reliable wireless solution that can support more than a handful of wireless devices.
ProPresenter iOS Remote
We use wireless for just one critical thing on Sunday mornings: ProPresenter’s iOS remote. We run the App on a dedicated iPad that is connected to a hidden wireless SSID that is only given to the production team. The Mac running ProPresenter is wired, and the access point is only a handful of meters away from the stage. We used to have all sorts of issues with the remote dropping out during the service until we wired everything out and got extremely restrictive about who has access to that wireless network to ensure there weren’t a bunch of people hopping on and interfering with the ProPresenter connection.
Now that we cleaned up our network this remote has been really reliable. I’d still rather use a dedicated RF remote to control our slides, but our current setup has been rock-solid for a while now.
2. Set up a separate “guest network”
Here is why: people expect you to provide WiFi at your church. People expect WiFi everywhere these days, and church is no exception. For a while, we had our “production” wireless network that the band used for access to Planning Center and a few other miscellaneous things, but until we set up a guest network we constantly had people asking for access to the WiFi and no matter how hard we tried to keep it secret it seemed like people would get access and after a few weeks we would have a ton of people connecting on Sunday morning and making everything else slow and unreliable.
In a best-case scenario, your “guest” SSID should be an access point on a completely separate network with it’s own dedicated internet access. That guarantees that–besides wireless interference–this won’t interfere in any way with your production network and internet access.
What I’ve seen, is that your guests will stop requesting access to WiFi if there is an open network with internet access available, even if it’s brutally slow! In one church I helped them set up a guest network that shared their primary internet access but restricted the guest internet to 2Mb/s download and 1 Mb/s upload. That’s insanely slow, but it’s still something, so now they don’t have the issue of tons of people finding a way to get access to their production network.
Do yourself a favour: find a way to set up a dedicated wireless guest network.
3. Set up some basic monitoring
I know this might seem like the sort of thing you need an “IT guy” for, but you should find some way of doing some basic network monitoring to help troubleshoot common problems.
I can’t speak highly enough of PRTG, which–amazingly–is free for small networks like ours! You can install it on any Windows system and it can automatically scan your network, find your devices, and set up alerts for outages. Awesome! At the very least you can quickly check to see that all your critical devices are up before an event, but PRTG can also help you pinpoint reliability and bandwidth issues.
We run PRTG 24×7 on a virtual machine on one of our computers that is always on. It takes very little CPU/memory so most likely you don’t need a dedicated computer to get some network monitoring started.
Here are the things I believe are absolutely essential for you to monitor if at all possible:
Current internet bandwidth usage
“The internet is not working” is such a common phrase these days. Most often the “why” is totally unanswerable. Being able to quickly look at your internet bandwidth history helps you identify whether the internet is actually unreachable, or some device or piece of software (Google Drive, Dropbox, etc.) is perhaps using all your available bandwidth.
A lot of routers these days have built-in bandwidth usage history, so that might be the easiest way for you to monitor your internet usage.
Number of connected wireless devices (per wireless access point)
This is a little trickier to monitor sometimes, but really helpful. If you suddenly get kicked off the wireless or have really slow access it’s very likely you have an access point that simply has too many clients associated. You may need to add another access point or be more restrictive about who has access to that SSID.
At the very least, I recommend setting up PRTG to monitor whether or not all your “critical” devices are “up”. PRTG does this by sending a “ping” to each of your devices every couple of minutes, and alerting you if they every stop responding. Here are some examples of critical devices:
– Wireless access points
– Media servers (iTunes, Drobo, Xibo…)
– Control computers (lighting, ProPresenter, audio…)
– Projectors (if you are lucky enough to have networkable projectors)
– Apple TVs (we use these guys all over the place)
This way I know within a couple of minutes if an Apple TV gets unplugged or our printer gets disconnected for some reason for example. A lot of times that means I can solve an issue before anybody else even notices, but at the very least it helps me start the troubleshooting process when somebody walks up on Sunday and says “blank is not working”.
This is a little bit of a tangent, but if you aren’t currently I’d recommend setting up something to monitor your website. There are free options out there that–at the very least–will let you know within a couple of minutes if your site goes offline. People expect your site to be up, but sometimes we’re the last ones to notice! Make sure you get a notification quickly if one of your sites goes offline.
4. Invest a little extra in your router and wireless access points
These are two devices where I think it’s worth investing a little extra. We recently replaced a D-Link wireless router we were using as our main internet gateway with a TP-Link TL-600VPN. It’s $100 on Amazon (Canada) and it’s wired-only, but it’s really improved our overall internet reliability.
We also use EAP350 dedicated wireless access points. I’m not really convinced they’re the best, but I do think it’s worth having dedicated wireless access points evenly distributed throughout your facility. I know I already said to wire everything, but a lot of day-to-day stuff can be really efficiently done over WiFi, so making sure your WiFi is reliable and decently fast is worth the extra investment.
5. Limit Dropbox and Google Drive
Sync applications like Dropbox and Google Drive can use a ton of network bandwidth. We use Google Drive heavily here, but during events I try to make sure that the sync applications are paused or closed as much as possible. This helps ensure the predictability of my available bandwidth.
6. Lock in your update schedule
I really hate the way Windows handles updates. I know they’re important, but the default settings leave much to be desired in my opinion. All that to say you should take control of your update schedule: make sure updates aren’t being downloaded during events and really make sure your computer isn’t going to spontaneously restart during an event because Windows decided you so desperately needed that newest security patch.
Part II: Network Components and Definitions
Here is a quick description of some fundamental networking components and terminology, along with some device-specific recommendations and tips:
“IP” is short for “internet protocol”, which is the foundational protocol computers use for basic communication with each other. There are other important protocols, but no matter which other protocols you’re using, you’re probably using them in addition to IP. An “IP address” is a computer’s address–kind of like a telephone number–to be used with the internet protocol. These addresses are usually written as an address and a mask or subnet mask. They’re also typically written as four numbers separated by periods, something like this:
220.127.116.11/255.255.255.0. You may also see them written like this:
18.104.22.168/24, which is the same address in a different format.
I won’t go into more detail here, but there is a decent article here if you really want to understand everything these numbers represent. Here are the important things to keep in mind for a basic network:
– IP addresses are typically given out via the dynamic host configuration protocol (DHCP), any typically the DHCP server (the device distributing addresses) is your main router. If that’s not the case for you, you likely have an IT person who understands this more than I do!
– Each computer must have a unique address in the same subnet (more on subnets in a second) to be able to communicate without a router.
If your computers can’t communicate with each other, a good first-step is to check that they both have an IP address in the same subnet. You can do this via the control panel on Windows or System Preferences on macOS. If you’re like most people and you’re using a private subnet, your address will likely be
192.168.x.y, 255.255.255.0. In this case, “x” will represent the network, and “y” will represent the host on that network. Which means your two computers need to have the same number for “x”, and a unique number for “y” in order to communicate on the network. If they don’t make sure your DHCP server is working correctly and that your computers are connected to the same wired or wireless network.
A router connects different IP networks. Let’s say, from the above example, you’ve got computers with the addresses 192.168.1.1/24 and 192.168.2.1/24. These computers are on different networks (different numbers for “x”), which means they need a router to help them communicate.
This is how the internet works: routers on the internet allow multiple computers on your private network to simultaneously talk to the millions of other computers in the world using IP. There is some other “magic” involved here, but the important thing to remember is:
– You should typically only have a single router per network for a typical network setup.
– In most cases, the router is also the DHCP server, and–unless you have a very special or enterprise setup–you must only have a single DHCP server per network
Usually the only purpose for a router is to allow your network access to the internet. If your network doesn’t need access to the internet, you probably don’t need a router.
TP-Link TL-600VPN, which is only $100 on Amazon. That may seem like quite a bit for a single device, but keep in mind this is your connection to the internet, and the mechanism all your devices use to get an IP address, so you want something reliable. This router also can act as a VPN server to give you remote access to your network, and has some nice features you won’t see in cheaper routers that can come in really handy as your network grows.I recommend investing in a decent internet router. We use the
A switch can be thought of like a “splitter” for your network. It’s a bit more than that, but essentially it can turn a single connection point into connection points for multiple devices. They’re really handy, but keep in mind that every time you add a switch, you add another layer of latency and bandwidth aggregation. Let me explain:
Let’s say you have a router connected to the internet that has 4 ports for computers to connect. You’ve used that up, so you add an 8-port switch and connect it to one of the ports on the router, so now you have three free ports on the router, and 7 free ports on the switch, allowing you to connect a total of 10 devices to your network and give them all internet access. Great! Here is what you need to keep in mind: the 7 computers connected to the switch are sharing a single “uplink” connection to the internet! This is really important to keep in mind, because although it may not be a problem for you now, it could become a problem.
Let’s look at another scenario to explain where this could become a problem. Let’s say you connect a file server like a Drobo 5n–which is what we use for network file storage here–to one of the 3 free ports on the router in the example above. Let’s also say for this example that the router is 1Gb/s and the switch is only 100Mb/s (that’s the speed each of the ports can communicate at). Now, a Drobo 5n can easily push over 100Mb/s. In our example, the two other devices connected to the router will be able to each get up to 1Gb/s access to the Drobo, but the 7 devices connected to the switch have to share a 100Mb/s connection to the Drobo! That means that even if none of the computers on that 8-port switch are using the network (for internet or something else), the best speed for those 7 devices will be 100Mb/s to the Drobo, only 1/10th the speed you will get if you connect directly to the router!
Maybe an overkill explanation, but let me summarize: switches are great, but they aren’t magical. Adding a switch adds a potential bottleneck to your network, so as much as possible, by larger switches than you need to avoid having switches connected to switches connected to switches, which is very likely going to lead to issues where certain computers can’t access network resources as quickly as they need to. Plus: buying a larger switch now is actually cheaper than buying two smaller switches!
One other minor consideration: every switch also adds some “latency” (delay) the connection. Most of the time latency isn’t a major problem, but if you’re using the network for realtime streaming audio or video (like for Dante or NDI) then adding a few layers of switches–adding just a few milliseconds of latency–can actually be a significant problem!
Wireless Router/Access Point
Okay, first of all “wireless router” really usually means a device that is a router, a wireless access point, and a switch all in one. That means it is a device that has a “WAN” or internet connection point, a few ports (switch) to connect wired devices, and a wireless access point for wireless devices. Since we’ve already described a router and a switch, let’s talk about a wireless access point:
A wireless access point is a device that connects to a network, and broadcasts access to that network wirelessly. There are different standards released over the years (802.11a/b/g/n/ac) and each of these give you different amounts of bandwidth (download speed), latency, and range. For the most part wireless access points can be fairly straightforward.
Here are some key things to keep in mind:
– The name of a wireless network is called an “SSID”. The SSID should be the same for all access points connecting to the same IP subnet!
I don’t know how many times I’ve seen things like “StupidPlaceWifiNorth” and “StupidPlaceWifiSouth”: these should both just be “AwesomeplaceWifi”. Your wireless devices automatically scan for all access points broadcasting the same SSID and automatically select the one that has the best signal. If you use different SSIDs for each access point, your device is going to try to stay connected to it’s current SSID as long as possible before connecting to another one, even if it’s an access point on the same network with better signal! Don’t make this ridiculous mistake: use the same SSID for access points on the same network! Ugh. Okay, my rant is done.
– Although with 802.11n/ac you can get decent wireless bandwidth, you will always have way more latency over wireless then you will on a wired connection. On a good wireless connection you’re probably going to have 30ms of latency immediately, but you can easily have as little as 1ms on a wired connection.
I know wireless is convenient, but do yourself a favour and and wire every single device you can possibly wire. You’ll save yourself a ton of headaches and reliability issues in the long run. Trust me on this one!
– Keep in mind that wireless bandwidth is shared! That means that although yes, in theory you can get 300Mb/s on a 2.4Ghz 802.11n connection, that requires that you have a perfect connection to the access point, and that you’re the only one using it! As soon as a second device hops on each device is now sharing 300Mb/s plus they are going to interfere with one another. You’re now very lucky if you can get even 80Mb/s per device on that wireless network, and I’d be surprised if you could even get that much.
– Adding an unsecured access point with a “Guest” SSID gives anyone with a wireless device unrestricted access to your corporate network. If you need a guest network, it should either be a completely separate network, or give very restricted access to your corporate network (like internet-only).
As I said in the intro, please leave your questions, suggestions, recommendations and life experiences in the comments below. We’re all using networks these days, let’s help each other find great ways to develop cost-effective reliable networks for our churches!