Home network switches (16 port and 5-8 port)

Cloaky

Occasional Visitor
Hello everyone,

I am revamping my home network and I would like some advice. I am no expert at all.

This is my sketch:


From what I read online, the 16 port switch needs to be smart or managed as I will be doing a link aggregation.

Could you please give me advice on which ones I should buy? I will buy them from Amazon. This is what I am looking for to finish it:
  • 16 Port Switch
  • 5-8 Port Switch.

I was considering these two
http://amzn.com/B00K4DS67C
http://amzn.com/B00K4DS5KU



Thanks everyone!
 
TP-Links are quite decent...

And the first one would be a better choice according to your diagram.
And you could actually do link aggregation upstream to the main AC68U as well with Merlin firmware and scripts.

Actually I would go for a bit higher end ones (business class) as they have a proper CLI as well.
http://www.tp-link.com/en/products/biz-list-40.html
 
Oh, I need both. Not just the first one hahahah

That would be awesome... is there any other brand that you would recommend?
 
Oh, I need both. Not just the first one hahahah

Well, still I would buy those first ones...second one is less smart.

That would be awesome... is there any other brand that you would recommend?

Well, if budget is not a concern, then go with HP and lifetime warranty... :)

The HP1910 is a really decent switch for home use, which can be "hacked" to have the full functionality of its bigger brothers... ;)
The problem is, they have active cooling, which limits a bit where you can actually put them.

If possible, I would avoid daisy chaining two switches and try to incorporate everything into one larger 24-port one, if cabling permits.
 
Unfortunately I need to chain... I only have 1 cable going to my TV Rack. What I could do is plug both directly into the router, do you think that would be best?

@HP1910, that is a 500 dollar switch... hahaha I don't plan on spending that much. Budget is not a real issue, but that is overkill... And I won't use any of its features.

Is there anything else besides LAG that I should look for?
 
Unfortunately I need to chain... I only have 1 cable going to my TV Rack, what I could do is plug both directly to the router, do you think that would be best?

Plugging into the switch would be better, as your AV equipment probably wants to access files from your NAS as well and it would be a shorter (most likely less congested) path to it.
 
Damn,

Apparently, to set up Link Aggregation on the Synology, you need a switch that supports LACP. Those are pretty expensive.
 
You should plug both AC68Us into the switch. You can get semi managed switches cheaper. Just avoid D-Link and you'll be fine. Just search for semi managed switches that have LAGG.
 
Why run 2 routers? Use VLANs to network your local LAN.

Don't use hubs as they will bottleneck your local LAN network.

I would use a Cisco SG300-28 layer 3 switch. Use ACLs to control access to your local networks and across VLANs. They can be had used off eBay. You want to load the latest firmware.

You only need 1 layer 3 switch. If you want more switches you can buy used Cisco SG200 switches off eBay also. Just trunk the VLANs from the layer 3 switch to these other switches. This will build a layer 3 switch for your core with surrounding layer 2 switches feeding your core.
 
The main reason is so the slow wireless stuff doesn't slow everything else, IP cameras, and some extra coverage, as not all IP cameras are in range.

Question, I need to trunk the VLAN because I am chaining a second switch, right?

You should plug both AC68Us into the switch. You can get semi managed switches cheaper. Just avoid D-Link and you'll be fine. Just search for semi managed switches that have LAGG.

That makes more sense. Thanks!


Based on the feedback, my plan seems to be:
  • Move the second router (AP) to the switch.
  • Move one TV (the one that I don't really use) to the wifi
  • Use a SG300-10 as the main switch
 
Are you running the second RT-AC68U in router or AP mode?
I also vote for the TP-Link switches. I have 6 of them in my house and have never had any problems. I would at least get the Smart series for your 16 port "core" switch. Then maybe use the Easy Smart series for the 5 or 8 port others.
http://www.tp-link.us/products/biz-cat-35.html
 
VLANs are layer 2 not layer 3. Layer 3 switches switch by looking at the IP header. So a managed layer 2 switch will do VLANs.

TP-Link, Zyxel and Netgear make decent semi managed switches that are inexpensive and in the lower end tier.
TP-Link works well with basic features, so even if they have an impressive feature list I wouldn't expect it all to work. They do well with basic features.
Netgear will often have an odd thing in their firmware that won't work. I have a semi managed Netgear that will not work with jumbo frames.
Zyxel is pricier but they have fewer issues than both.

Cisco, Juniper, MikroTik and Ubiquiti switches are more of a higher end that can do more but cost a lot more at the same time.

Do not be scared of switches that use fans. Some would think that routers with a fan won't do well, but with a fan it is less likely to overheat. Since most switches are fanless nowadays, make sure they have sufficient airflow.

Another feature that many here do not check is power use. Low power use is very useful for equipment that runs 24/7. Networking gear does not use less power when idle because they didn't think it would be needed, but when you stack all the power usage together it does get significant. Using a Kill A Watt meter helps to measure this, or you can use the worst case scenario by adding up the power inputs of all the devices. USB 2 is rated as 500mA with 5V by default, USB 3 is rated as 1500mA with 5V by default (in case you have any devices powered by USB all the time). Some USB outputs are rated 2.1A with 5V.

So while you would have a core switch, 2 AC68Us and a modem, you also have cameras that will be running all the time and any other equipment you would have running all the time, so power use is something to calculate. A TP-Link smart switch would do VLANs as VLANs are layer 2. I don't see how many here keep confusing it with getting a layer 3 switch, as layer 3 means the IP layer, which is where IP stuff happens. LAN communication actually uses MAC addresses and the switch learns this on layer 2. You don't need a fancy Cisco switch if you want VLANs and LAGG, as almost any smart switch will do that (be sure to check the feature list though).

I suggested having both wifi routers connected to the switch instead to prevent congestion, since with AC1900 it is easy to get 1Gb/s practical wifi use and the 4 LAN ports on it are connected to the CPU by a 1Gb/s link, so on the router you have both WAN and wifi that will contest the 1Gb/s switch link, and adding more wired clients to it when there is a 1Gb/s link to the main switch from the main router isn't a good idea.

If you want a Cisco switch, make sure to get one that is configurable, because there are good tutorials from Cisco professionals that are a decade old that help protect against layer 2 attacks such as the famous pineapple hack and other similar attacks. So you go with Cisco if you want the extra reliability, features and security. If your needs are basic then go with a lower end switch.
 
Where layer 2 breaks down with VLANs is when you assign IP networks to the different VLANs. You create VLANs to segment your traffic and then you assign a different network IP to represent the different VLANs or network structures like IP cameras and PCs. This way you know that all devices that are 192.168.0.0/24 are data traffic and all devices on, say, 192.168.10.0/24 are IP cameras. Now the problem is to route the traffic. Say you want all your IP cameras to store data on your NAS, which is on the data network 192.168.0.0, and the IP cameras are all on the 192.168.10.0 network: you now have to route traffic between networks. And say you don't want anybody on the PC network to have access to the IP cameras except for you. The best way to do this is a layer 3 switch. A router will work, provided it has the capability, but I don't want the constant load on my internet router. I would rather use a layer 3 switch and I believe most big networks are built this way.
This is the best structure for adding more VLANs like a guest network. As you add more VLANs it really gets hard to keep up without IP addressing and networking. We all work at the IP level.
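
The access policy described in the post above, modelled as an ordered, stateless ACL. This is an added example, not part of the original post and not SG300 configuration syntax: the two subnets are the post's, while the NAS and admin PC addresses, the rule class and the function names are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Subnets come from the post; the NAS and admin PC host addresses are assumed.
DATA_NET = ipaddress.ip_network("192.168.0.0/24")     # PCs and NAS
CAMERA_NET = ipaddress.ip_network("192.168.10.0/24")  # IP cameras
NAS = ipaddress.ip_network("192.168.0.10/32")         # assumed address
ADMIN_PC = ipaddress.ip_network("192.168.0.50/32")    # assumed address


@dataclass(frozen=True)
class Rule:
    action: str                  # "permit" or "deny"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network


# Stateless ACL, so return traffic needs its own permit lines.
INTER_VLAN_ACL = [
    Rule("permit", CAMERA_NET, NAS),       # cameras store recordings on the NAS
    Rule("permit", NAS, CAMERA_NET),       # NAS replies to the cameras
    Rule("permit", ADMIN_PC, CAMERA_NET),  # only the admin PC may view cameras
    Rule("permit", CAMERA_NET, ADMIN_PC),  # camera replies to the admin PC
    Rule("deny", DATA_NET, CAMERA_NET),    # every other PC is kept out
]

# Same rules with the broad deny moved to the top: a common ordering mistake.
MISORDERED_ACL = [INTER_VLAN_ACL[4]] + INTER_VLAN_ACL[:4]


def evaluate(acl, src, dst):
    """First matching rule wins; no match falls through to an implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule in acl:
        if s in rule.src and d in rule.dst:
            return rule.action
    return "deny"


def shadowed(acl):
    """Indexes of rules that can never match because an earlier rule covers them."""
    hidden = []
    for i, rule in enumerate(acl):
        if any(rule.src.subnet_of(e.src) and rule.dst.subnet_of(e.dst)
               for e in acl[:i]):
            hidden.append(i)
    return hidden


if __name__ == "__main__":
    for name, acl in (("ordered", INTER_VLAN_ACL), ("misordered", MISORDERED_ACL)):
        print(name, "admin->camera:", evaluate(acl, "192.168.0.50", "192.168.10.21"),
              "shadowed rules:", shadowed(acl))
```

With the deny moved to the top, the admin PC and the NAS both lose their path to the cameras, and `shadowed` points at the two permit lines that can no longer match.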
 
This is something that should be mentioned when doing network segmentation. Just suggesting VLANs and guest networks doesn't warrant a need for a layer 3 switch.

I'm not an expert on what models of Cisco switches have what functionality, but there are a few experts here who can suggest models that are configurable that will suit your purpose. The reason for configurable is because layer 2 security requires configuration from multiple network gear. Another security detail you could use that relates to using a configurable switch is to use a RADIUS server preconfigured to authenticate your cameras, so that if someone tries to assign themselves to the same network as the cameras they will not be able to communicate in case your wifi AP password gets out. Wifi APs are able to use a RADIUS server to only allow authenticated users to assign themselves to the AP, and the server could also be used as a TFTP server, which is a requirement for some of the layer 2 security tutorials. Technically the ASUS AC68U has the hardware for this but I'm not sure if there is a software package for it, but you may try 3rd party firmware such as Tomato and OpenWrt, but you would need to check if they have these features.

However your choices should depend on whether or not you need the security and layer 3 segmentation or switching also depends on how many VLANs you have. 2 or 3 VLANs should be easy to keep track of and if you have a computer NIC assigned to multiple VLANs then you would not need layer 3 segmentation. Linux for example can have as many virtual NICs to one NIC which lets you have 1 DHCP assigned to the NIC and other static IPs assigned to it. On the switch this means you can assign multiple VLANs/IP segments to that port connected to the PC and it will not need to go through the router to communicate with multiple networks. I believe that a VLAN counts as an interface on a router or PC so it depends if the OS supports VLANs or not and no virtual NICs would be needed.
 
I have never stated layer 3 is the only way to handle things. There are plenty of folks who recommend layer 2. I think the Cisco SG300-28 non-PoE layer 3 switch is a good buy used on eBay for a home user. I am not recommending a high end layer 3 switch but a low end switch used, which goes for about $200 and only uses 17 watts of electricity. This puts them in the price range of layer 2 switches. The Cisco SG300-28 will handle layer 2 stuff, in fact you can run this switch in layer 2 mode, but it will also do layer 3 stuff which these other recommended switches cannot do because they are layer 2 only.

Keeping your IP cameras segmented on a separate VLAN is good organization. Once you build VLANs you really need to be able to route between them. Trying to run VLANs without routing and security makes networking more difficult. Adding a guest network with routing and security just compounds the problems. ACLs, access control lists, are your friends in these situations. ACLs make the security easy. ACLs put you at layer 3 not layer 2.

PS
There is also a SG300-10 which would be cheaper but I have no experience with it. Is it as fast as the SG300-28? It probably would work fine but I needed more than 10 ports so I did not look at one.
 
After carefully reviewing everyone's comments and feedback (thanks for that), I made a change to my sketch.
  • The second router (RT-AC68U, running in AP mode) will be connected directly to the core switch, as recommended by some of you.
I did some research on switches that would fit my needs without being overkill. I set a budget of 200-250 dollars for both switches. That seems a reasonable amount to spend in my case. It is just a home network. This is what I found that would fit it.

Option 1:
  • Cisco SG300-10 $ 130 (The option with more ports is way too expensive, $ 250+)
  • Cisco SG200-08 $ 75
With this option, I would need to give up some of the network, one TV and one desktop that don't really need to be connected, not a big deal.

Option 2:
  • TP-LINK TL-SG3216 $160
  • TP-LINK TL-SG2008 $70

Option 3:
  • TP-LINK TL-SG2216 $115
  • TP-LINK TL-SG108E $40

All 3 of those options seem to meet the prerequisite, support for dynamic link aggregation (LACP).

VLAN seems more to be a want than a need. I understood it as a way to better organize my network and add some extra security.

Based on everything you read and saw of my needs, what would you do if you were buying the switches?
 
The best advice I can give you...

Managed Switches - ensure that they do not have dependencies on a particular browser/OS - there are a few out there that are perhaps Windows only... one with a shell that you can telnet/ssh to is preferred... and the WebGUI should not depend on Java/Flash/Silverlight/DotNet/ActiveX/etc...

There are a few low-cost switches out there that have these dependencies..

Unmanaged Switches - the price delta on a "dumb" switch between 5 and 8 ports is fairly minor, so go with 8 ports...
 
Very good points, as a Mac user I don't want to be stuck with Flash/Java, etc.
 
Inter-VLAN routing isn't always required, for instance if you only want to manually set the VLAN when you want to manage your security network, unless you want to view your IP cameras from the web.

At a minimum I suggest layer 2 managed switches, which are a cheap option. But having fully managed and layer 3 is good if you want to have that option later when you want to use it. Configurable switches are even better.

Make sure to secure your network on layer 2 as well. This would mean preventing ARP spoofing, mac spoofing, rogue DHCP servers, using RADIUS.
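
A simplified model of the switch-side checks behind the layer 2 advice above, the kind usually called DHCP snooping and dynamic ARP inspection on managed switches. It is an added illustration, not part of the original post and not any vendor's implementation: the class name, port numbers, addresses and sample events are all constructed.

```python
from dataclasses import dataclass, field


@dataclass
class AccessSwitchGuard:
    """Toy model of two switch checks: DHCP snooping and ARP inspection."""
    trusted_ports: set                            # uplinks where the real DHCP server lives
    bindings: dict = field(default_factory=dict)  # ip -> (mac, port) learned from DHCP ACKs

    def dhcp_ack(self, in_port, client_ip, client_mac, client_port):
        """A DHCP server reply arrived on in_port, addressed to a client."""
        if in_port not in self.trusted_ports:
            return f"drop: DHCP server reply on untrusted port {in_port}"
        self.bindings[client_ip] = (client_mac, client_port)
        return "forward"

    def arp_reply(self, in_port, sender_ip, sender_mac):
        """An ARP reply arrived on in_port claiming sender_ip is at sender_mac."""
        if in_port in self.trusted_ports:
            return "forward"
        if self.bindings.get(sender_ip) != (sender_mac, in_port):
            return f"drop: {sender_ip} is not bound to {sender_mac} on port {in_port}"
        return "forward"


def replay(events):
    """Run constructed events through a guard whose only trusted port is 1."""
    guard = AccessSwitchGuard(trusted_ports={1})
    results = []
    for kind, args in events:
        handler = guard.dhcp_ack if kind == "dhcp_ack" else guard.arp_reply
        results.append(handler(*args))
    return results


# Constructed sample traffic: camera on port 5, unknown device on port 7.
CAMERA_IP, CAMERA_MAC = "192.168.10.21", "00:11:22:33:44:55"
OTHER_MAC = "66:77:88:99:aa:bb"
SAMPLE_EVENTS = [
    ("dhcp_ack", (1, CAMERA_IP, CAMERA_MAC, 5)),       # real server leases the camera its IP
    ("dhcp_ack", (7, "192.168.10.99", OTHER_MAC, 6)),  # server reply from an access port
    ("arp_reply", (5, CAMERA_IP, CAMERA_MAC)),         # camera answering for itself
    ("arp_reply", (7, CAMERA_IP, OTHER_MAC)),          # wrong MAC for the camera's IP
    ("arp_reply", (7, CAMERA_IP, CAMERA_MAC)),         # right MAC, wrong port
]

if __name__ == "__main__":
    for event, verdict in zip(SAMPLE_EVENTS, replay(SAMPLE_EVENTS)):
        print(event[0], event[1], "->", verdict)
```

Devices with static addresses never appear in a DHCP-learned table, so in this model they would need a manually entered binding before their ARP replies pass.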
 
