Vlans No Switch?

gjaltemba

@telescopedepth In a pinch you can just use ea4200 as a 5 port managed switch.

telescopedepth

I bought that exact one and I hope it has all I need it had a 30 day DOA money back guarantee... Usually I do try to figure out the best option but I spent so much time on this.. I thought that was one that will work and has 30 day DOA money back I will try its overkill but maybe I will start a neighborhood watch program and get everyone's surveillance feeds and put NASA out of a job and No Not NaSa but you know who they that must not be named ...I wasn't sure which one i needed I thought I needed full managed... Thanks Again

johnpoz

Let us know how it turns out... 24 ports isn't all that many ;) I have a 28 port sg300 that is getting full.. You would be amazed at how fast you can use up ports when you have them...

And you can never have too many features in your "switch" Go Big or Go Home as they say -- hehehe

telescopedepth

@johnpoz especially when your a nerd I was thinking of seeing if Android supports usb Ethernet your right you never remember the 400 devices laying around not being used until you decide a new use for them

johnpoz

From a quick look at the specs that should be a great switch at the price point.. Quick glance it only seems to be layer 2 and not 3... So guess you won't be able to use it as downstream router ;)

While DOA warranty is nice and all - but 23 ports dead out of 24 is not DOA... I would validate all ports work and such asap..

telescopedepth

This post is deleted!

Babiz

@telescopedepth Hi!
VLANs on pfSense work well with right hardware, my question is why
I mean ,the final goal of bulding more virtual lan instead of putting additional ethernet cable and interface on pfSense?

For my work I do VLANs on hotel with older network layout and a cable "do it all in one" PPPoE , private lan, guests lan, lool ... So I put two identical switchs at both ends for bulding one VLAN TRUNK and only why not available quick other method to manage different networks above.

This not avoid me to notice "poor performance" with high load traffic, like frame retransmission and packet loss. So is not too much fun when your customers make pressure on you everyday, because network is slow even if it's "more secure".

Basically my first rule in mind is "K.I.S.S." (Keep It Simple Stupid)
for good reasons, I mean I need very good reason for build more "complex" network layouts with VLANs and in most case is better to leave existing network "as is" if you not planning a "serious" rebuld of network at your site.

VLANs just for fun? No thanks

JKnott

@babiz said in Vlans No Switch?:

@telescopedepth Hi!
VLANs on pfSense work well with right hardware, my question is why
I mean ,the final goal of bulding more virtual lan instead of putting additional ethernet cable and interface on pfSense?

For my work I do VLANs on hotel with older network layout and a cable "do it all in one" PPPoE , private lan, guests lan, lool ... So I put two identical switchs at both ends for bulding one VLAN TRUNK and only why not available quick other method to manage different networks above.

This not avoid me to notice "poor performance" with high load traffic, like frame retransmission and packet loss. So is not too much fun when your customers make pressure on you everyday, because network is slow even if it's "more secure".

Basically my first rule in mind is "K.I.S.S." (Keep It Simple Stupid)
for good reasons, I mean I need very good reason for build more "complex" network layouts with VLANs and in most case is better to leave existing network "as is" if you not planning a "serious" rebuld of network at your site.

VLANs just for fun? No thanks

The purpose of VLANs is to provide logical isolation. For example, many networks use VoIP phones and a pass through port for a computer. On one job I did in a seniors residence, a few years back, there was the native LAN for the office and VLANs for VoIP, inmate's resident's internet access and one for network management.

Babiz

@jknott
Yes, you are right, I'm agreed your point of view!
Cheers.

johnpoz

There is one thing for logical, and then there is actual isolation and security... I don't want iot devices on the same network as my PC and NAS, etc.. I sure an the hell do not want guest wifi clients on any of my networks, etc. Who knows what nasty billy's device has on it, etc..

Sorry but the days of the single lan home network are thing of the past... Atleast from any sort of security concerns - your typical home has more and more devices on the "network" Doesn't mean that have to be on 1 flat network.. I want a firewall between these different types of devices thank you very much ;)

KISS while sure that 1st S can stand for simple and it can also stand for SECURE ;)

JKnott

@johnpoz said in Vlans No Switch?:

I don't want iot devices on the same network as my PC and NAS, etc.. I sure an the hell do not want guest wifi clients on any of my networks, etc.

You often don't have a choice about cabling. You have to use what's there. In that senior's residence I mentioned, we used ADSL over existing phone lines to bring Internet access to the rooms. I did similar in a hotel turned university residence. Phone lines were there, Ethernet cables weren't, so ADSL was used over the phone lines.

JKnott

@johnpoz said in Vlans No Switch?:

I sure an the hell do not want guest wifi clients on any of my networks, etc. Who knows what nasty billy's device has on it, etc..

Assuming the guest WiFi has it's own SSID and VLAN, how would a guest user have access to the main LAN traffic? Even if they managed to tag their traffic, it would result in QinQ tagging, which wouldn't get them anything.

johnpoz

Have no idea what your talking about dude - yeah the ssid would be on its own vlan - DUH... My points were to the ""do it all in one"" sort of comment..

ie " leave existing network "as is"

That is not what the OP should be doing but segmenting his network. Which is the point trying to make.

Babiz

After reading lastest post, I think to write a mini how-to for vlans primitive users like me.
So I own a pair of TL-SG105E and will be nice to write about standard vlans configuration with added global tribute from Netgate community! Hmmm...
...lol, I missing the vlans train, heh basically vlan concept is simple but is easy to lost under hardware real worLd! Ho yes.. hardware will be make a difference with various configuration stranger things happens

JKnott

@babiz said in Vlans No Switch?:

So I own a pair of TL-SG105E

You don't want to use those switches. They don't handle VLANs properly.

Babiz

@jknott looool
Not , really not ideal hardware ;) , you are in truth,
I notice some packets errors under statistic tab, when this bad switch configured only one vlan trunk
Is nice for me, to figure it out why happen this, because it's working fine with few clients talking, and when many clients talking I get network problem.
For sure this kind of hardware is no good for business, SG105E kidding me! :

telescopedepth

@babiz cable costs I have allready put alot of $ into cables and it would be hundreds of feet of wireing my entire property ... and I need to isolate my security systems 3 separate systems then I got smart wifi power switches then I got endless number of computer's and devices that I want to secure ..Just saw that multiple openvpn instances would cost performance so that ideas gone

telescopedepth

@johnpoz using a single linksys 6350 or something like that in bridge mode and if i need more ports i put another netgear 6300 in wireless access point mode

telescopedepth

well i want to order a switch which one is capable of vlans alot of the ones i see dont say 802.1q Best buy office depot most likely choices for finding them

Derelict

You want something that says Managed, Smart, WebSmart, etc. The specifications should definitely list 802.1q.

I will never again buy anything that requires some form of client application to configure. Needs to have a web interface.

I like the D-Link DGS-1100-08 for a cheap switch.