create a new firewall rules
-
@johnpoz Yep, I think we have hit a nerve for all of us here.
The State Governments used to own the poles and wires here, which is appropriate to give the community control of the distribution grid.
Now we are at the mercy of monopolies and any shared power from self generated plants is not in the interest of power companies.
But we digress, the important issue is to ensure our "always on" devices are very power efficient as our houses become filled with hundreds of devices. IoT in everything - which I love; but....
-
I disagree with this statement from johnpoz:
"Not even counting the tplink ones - because well, they have a bad track record of not understanding vlans.. But current model would prob work as well."
I have three managed switches, D-Link 16 ports v2, tp-link 8 ports and Zyxel 8 ports (managed PoE switch for cams). All of them reside in the hot attic of my Florida home. I have had no issues with these switches, almost two years, in that hot attic. They do a great job keeping my network segmented from each other via vlans. Unfortunately, the tplink has an undeserved bad reputation. This is because, in my humble opinion, most users don't understand the concept of vlan and how to set it up, hence the poor reputation. Yes, the GUI is a little cumbersome compared to other switches; for example, PVID setup is on a separate screen. To me this is a minor issue. Overall... in terms of performance, it is a solid little switch at a competitive price. I got mine for under $25.00 from Amazon and am very happy with it.
-
There were some TP-Link switches that leaked traffic between VLANs because the switch GUI did not allow removing VLAN 1 from all ports. Not a config issue, an actual bug. I have one, I would not recommend it!
But that's an old model I picked up second hand because it was cheap and I needed more ports. It has been reliable, if leaky. I don't try to use VLANs on it.
I also have a TP-Link T1700G-28TQ that I would definitely recommend. It does everything I've asked of it and silently.
Steve
-
@stephenw10 said in create a new firewall rules:
There were some TP-Link switches that leaked traffic between VLANs because the switch GUI did not allow removing VLAN 1 from all ports.
I can add to that an HP Procurve 1800-8G; you'd think that a name brand product such as that wouldn't have issues, but it does! IPv6 multicast packets don't stay in their own VLAN but instead go out all ports all the time, this of course breaks ND, DHCP6 to name but a few. For instance, a Windows 10 machine gets an IPv6 address on every DHCP6 enabled VLAN visible to the switch; broken to say the least.
I suspect there are several switch vendors that have problematic ASICs in them, hence newer gear tends to be more reliable when doing advanced networking.
-
@ghost-0 said in create a new firewall rules:
most users don't understand the concept of vlan and how to set it up, hence the poor reputation.
No that is not why they had a bad reputation - they got a bad reputation because they wouldn't let you remove vlan 1 from any port.. Took them like 2 years to fix it, and then they never stated you could apply it to models before v3..
I could never in good conscience suggest anyone buy one of their switches - sorry but what they did was just F'd up showing zero understanding of how vlans work at even a basic level.
Had zero to do with user understanding what a pvid is..
-
It is still not cool to continue disparaging a company for past sins.
-
@ghost-0 Tell that to the thousands of people that bought the switch that said it would do vlans. Which it can't. Pretty much amounted to just running multiple layer 3 on the same layer 2. Any freaking dumb switch could do that.. With zero compensation and no fix.. If you were v1 or v2 you just got hung out to dry.. Oh well I guess - buy version X, we fixed it...
I don't go out of my way to bad mouth them.. But there are plenty of other brands to choose from - if people ask me what I would suggest. They are just not one of them..
btw - notice I stated "But current model would prob work as well." I just didn't link to one.. They have a bad track record... Look up vlan 1 tplink yourself if you don't believe me..
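
A minimal audit for the condition discussed in this thread, a port that stays an untagged member of VLAN 1 after being assigned to another VLAN. It is added here as an example and is not code from any poster; the port table is constructed and the function names are hypothetical.

```python
# Added example. The port table below is constructed, not read from a real switch.
# find_untagged_leaks and vlans_exposed are hypothetical helper names.

SAMPLE_PORTS = {
    # port: PVID (VLAN for untagged ingress), untagged egress VLANs, tagged VLANs
    1: {"pvid": 1,  "untagged": {1},     "tagged": {10, 20}},  # uplink to router
    2: {"pvid": 10, "untagged": {1, 10}, "tagged": set()},     # VLAN 1 not removable
    3: {"pvid": 10, "untagged": {1, 10}, "tagged": set()},     # VLAN 1 not removable
    4: {"pvid": 20, "untagged": {20},    "tagged": set()},     # clean access port
}


def find_untagged_leaks(ports):
    """Return (port, leaking_vlan, pvid) for each untagged membership that
    does not match the port's PVID.

    A switch floods broadcast, multicast and unknown-unicast frames of a VLAN
    to every member port. If a port is an untagged member of VLAN X but its
    PVID is Y, the host on that port (which lives in Y) receives X's frames
    with no tag to tell them apart.
    """
    leaks = []
    for port, cfg in sorted(ports.items()):
        for vlan in sorted(cfg["untagged"]):
            if vlan != cfg["pvid"]:
                leaks.append((port, vlan, cfg["pvid"]))
    return leaks


def vlans_exposed(leaks):
    """Map each leaking VLAN to the set of VLANs whose hosts can see it."""
    exposed = {}
    for _port, vlan, pvid in leaks:
        exposed.setdefault(vlan, set()).add(pvid)
    return exposed


if __name__ == "__main__":
    leaks = find_untagged_leaks(SAMPLE_PORTS)
    for port, vlan, pvid in leaks:
        print(f"port {port}: VLAN {vlan} egresses untagged, but PVID is {pvid}")
    print(vlans_exposed(leaks))
```

An empty result means every access port is an untagged member of its own PVID only.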