Newbie needing advice on network topology and buying a switch (or switches).

Associate | Joined 8 Jul 2010 | Posts 833 | Location Staffordshire
I'm currently in the process of teaching myself basic networking but I'm still at the stage where things haven't clicked yet. So forgive me if I ask any stupid questions, but I'd rather ask them and look a fool than make assumptions.

I'm looking to buy a switch (or three) but I'm not sure whether to get one large Layer 3 switch, or three smaller Layer 2 switches.

Long story short, I have a pfSense box with three available NICs and I have a lot of wired devices that I'd like to connect all at once (I'm currently having to connect and disconnect things as needed) but maintain the ability to segregate them and place them on separate address ranges as I see fit. The wired devices include a Ubiquiti UAP, which I plan to use as my main AP and for a guest network. I also have a FreeNAS server (and a few other devices) that I want to be completely segregated from the guest network. I also want to place my current AP (an RT-N66U in AP mode) and the UAP on different ranges for the time being. This is so I can fiddle around with the UAP without disrupting the precious wifi signal in my house.

  1. My question is, can a single switch do all of the above?
  2. Can/should I connect all three pfSense NICs to the switch?
  3. Would two or three Layer 2 switches be a better option?
  4. Are there any brands that I should steer clear of?

I'd also greatly appreciate any recommendations of specific models or product lines. I do have a few requirements above and beyond what I have already mentioned.

  • Gigabit speed.
  • Quiet or passively cooled.
  • The less power hungry, the better.
  • I don't mind used or rackmount stuff (as long as it's not consumer grade tat).
  • I'm not sure what this kind of thing costs, so I won't put a budget but I will say that I'm looking for quality. If I have to pay for it (quality), so be it.
  • Double digit NICs... again, I'm not 100% sure on how many I'll need.
 
Caporegime | Joined 18 Oct 2002 | Posts 26,053
You haven't identified anything that requires layer 3, or multiple switches really. If you have less than 48 devices to connect then a single managed layer 2 switch will be more than adequate.
 
Associate (OP) | Joined 8 Jul 2010 | Posts 833 | Location Staffordshire
How many devices are you looking to hook up and how much redundancy do you want?

I'm not sure of an exact number of device... all I can really say is that my current devices have a total of 8 NICs between them. I'd like to be able to connect every thing that can be wired to the switch (I try to use WiFi only when I have no other option) and I also want plenty of room for future expansion. So I'd say 16 NICs is about the minimum (although I'd go lower if the quality/price of the device was enough to sway me).

As for redundancy... what do you mean exactly?

You haven't identified anything that requires layer 3, or multiple switches really.

That's a fault on my part. When I started the thread the other night, I'd turned myself round in circles reading about networking. I thought that Layer 3 was required for VLANs but it appears that it's just required for switch-level routing between VLANs.

If you have less than 48 devices to connect then a single managed layer 2 switch will be more than adequate.

I definitely don't need more than 48 (even 24 would be more than enough with plenty of room for expansion factored in) but one slightly off topic question, is 48 NICs a physical limitation of the 1u form factor?

As for using a single L2 switch, one thing I'm trying to find confirmation on is whether all L2 switches support VLANs.

[EDIT] 800 posts!
 
Caporegime | Joined 18 Oct 2002 | Posts 26,053
Also just to confuse you, lots of 'layer 2' managed switches do layer 3 stuff as well like the routing between VLANs. Higher end ones that are advertised as layer 3 will introduce routing protocols.
 
Associate (OP) | Joined 8 Jul 2010 | Posts 833 | Location Staffordshire
Also just to confuse you, lots of 'layer 2' managed switches do layer 3 stuff as well like the routing between VLANs. Higher end ones that are advertised as layer 3 will introduce routing protocols.

That's certainly one of the things that's making my research a little less straightforward. I've seen various "L2+" and "L3+" switches that do things from the above layers but what I'm trying to figure out is what features a switch must have to be considered Layer 2 or 3.
 
Caporegime | Joined 18 Oct 2002 | Posts 26,053
Look at the OSI model to get an idea. If the switch knows what to do with an IP address then it's technically layer 3, but like I said the definition of layer 3 has been trending towards more advanced features and it's unlikely you would need anything more than a basic web-managed switch.
 
Caporegime | Joined 26 Aug 2003 | Posts 37,493 | Location Leafy Cheshire
To me this all hinges on the real reason behind wanting to learn networking.

If it's simply for a better understanding for your own personal use then yes, just get a simple web-managed L2 switch.

If however you see this as a career path, you might as well get yourself a decent (second hand) Cisco device, and start down the path of certifications. This route will either cost you more, or you'll have to forgo gigabit to stay within the same price bracket as your typical DLink (or similar) web-managed switch, but ultimately you'll learn more relevant skills this way.
 
Associate | Joined 9 Nov 2011 | Posts 1,460 | Location Wales
How distributed is all your kit?

Is it mostly in one room or spread about a few rooms? Is it on one floor only or over two or more floors? How is the ethernet cabling where you are?

Are there ethernet cables running to everywhere you need the kit to be?

How much control would you like at each device/in each room etc?

All factors that could help you get to the correct set up for your needs.
 
Associate (OP) | Joined 8 Jul 2010 | Posts 833 | Location Staffordshire
Sorry for the slow response. I posted a couple of nights ago but the forum went into maintenance mode. My reply must not have made it in time.

Look at the OSI model to get an idea. If the switch knows what to do with an IP address then it's technically layer 3, but like I said the definition of layer 3 has been trending towards more advanced features and it's unlikely you would need anything more than a basic web-managed switch.

I'm researching the OSI model (which is so simple and ingenious!) but I'm still unsure if all Layer X switches must be capable of everything in the corresponding OSI layer.

To me this all hinges on the real reason behind wanting to learn networking.

If it's simply for a better understanding for your own personal use then yes, just get a simple web-managed L2 switch.

If however you see this as a career path, you might as well get yourself a decent (second hand) Cisco device, and start down the path of certifications. This route will either cost you more, or you'll have to forgo gigabit to stay within the same price bracket as your typical DLink (or similar) web-managed switch, but ultimately you'll learn more relevant skills this way.

I'm currently learning basic networking purely so I can better understand and configure my pfSense box and so I can improve the security of my LAN. But it is proving to be rather enjoyable and there is a possibility that it could be a career path. I'm looking into that at the moment.

As for forgoing gigabit, that's something I'm willing to do on some but not all of the ports.

I have been looking at a few used Cisco switches on the bay but it's difficult comparing switches when you don't really know what to look for and whether switch A is worth the added expense compared to switch B.


Redundancy = Expansion or how many more ports you may want in the future.

In that case, I've answered that in a subsequent post (in response to another user) but to save you looking back through the comments. I'm after around 16 ports at a minimum. I would go a little lower (say... 14) for the right switch. I'd also see little point in going above 24 ports as I'd almost certainly never use them... unless I was doing some homelab stuff in the event I decide to pursue networking as a career.
 
Caporegime | Joined 26 Aug 2003 | Posts 37,493 | Location Leafy Cheshire
I'm researching the OSI model (which is so simple and ingenious!) but I'm still unsure if all Layer X switches must be capable of everything in the corresponding OSI layer.

Given that there is no standard for feature sets in "layer X" switches from the same manufacturer, let alone industry-wide, I'd take it as a "no" for that. However any Layer 3 switch MUST be capable of IP routing (ignore the existence of dynamic routing protocols for now; the device will have a routing table, even if it's just full of static routes), and as a result will be capable of inter-VLAN traffic. It should therefore also be capable of VLAN tagging (so as to allow trunking).

I'm currently learning basic networking purely so I can better understand and configure my pfSense box and so I can improve the security of my LAN. But it is proving to be rather enjoyable and there is a possibility that it could be a career path. I'm looking into that at the moment.

In which case I'd definitely suggest getting in a decent brand of switch (I won't specifically state Cisco, you could go HP for example). This would also then mean that you are best off getting a minimum of 24-port (any less and you'll typically be dropping into the SOHO or Consumer ranges of equipment, you don't tend to rackmount 8-port switches ;))

As for forgoing gigabit, that's something I'm willing to do on some but not all of the ports.

At absolute most on a primarily 10/100 switch you'll get 4 Gigabit ports (Cisco 2960s come to mind here), sometimes you'll only get 2, and sometimes none at all. They may or may not be RJ45; sometimes they'll be SFP or GBIC ports, sometimes they'll be dual-personality. If you want Gigabit for a number of devices, you're going to have to plump for a gigabit switch.

I have been looking at a few used Cisco switches on the bay but it's difficult comparing switches when you don't really know what to look for and whether switch A is worth the added expense compared to switch B.

Something like this will support VLAN tagging, trunking, port aggregation, pretty much anything you can think of at Layer 2. They DON'T however do routing (you'd need a 3560G or 3750G for that), but assuming you are keeping your pfSense box, you could always "router on a stick" your network topology. pfSense supports 802.1Q tagging. Given the cost difference there though, I'd take the 3750G over the 2960G, even with the 3750G's cosmetic damage.

The 3560G and 3750G are both Layer3 devices, they support IP routing (and IPv6 routing), as well as dynamic routing protocols.
 
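To make the "router on a stick" layout above concrete, here is an added example (not posted by anyone in this thread, and not a configuration from pfSense or Cisco documentation) of a Layer 2 switch config in Cisco IOS syntax. It assumes the OP's devices and a VLAN plan I have chosen for illustration: VLAN 10 for the LAN (FreeNAS, RT-N66U, trusted wired clients), VLAN 20 for the guest SSID, VLAN 30 for the UAP while it is being set up, and VLAN 999 as an unused parking VLAN. Port numbers use 2960G-style naming (GigabitEthernet0/x; a 3750G uses GigabitEthernet1/0/x), and the `switchport trunk encapsulation dot1q` lines are needed on a 3560G/3750G but are rejected on a 2960G, which only speaks 802.1Q, so drop them there.

```cisco
! Added example, not from the thread. Assumed VLAN plan:
!   10 LAN     - FreeNAS, RT-N66U (AP mode), trusted wired clients
!   20 GUEST   - guest SSID on the UAP, must never reach the LAN
!   30 APTEST  - UAP management while it is being fiddled with
!  999 UNUSED  - native VLAN on trunks and home for shut-down ports
hostname core-sw
!
vlan 10
 name LAN
vlan 20
 name GUEST
vlan 30
 name APTEST
vlan 999
 name UNUSED
!
! Gi0/1: the single pfSense NIC. All three VLANs arrive tagged, so pfSense
! routes between them and applies firewall rules. The other two pfSense
! NICs are not needed for this layout.
interface GigabitEthernet0/1
 description pfSense trunk (802.1Q, router on a stick)
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk native vlan 999
 switchport trunk allowed vlan 10,20,30
 switchport nonegotiate
 spanning-tree portfast trunk
!
! Gi0/2-4: trusted wired devices, untagged in the LAN VLAN
interface range GigabitEthernet0/2 - 4
 description FreeNAS / RT-N66U / desktop
 switchport mode access
 switchport access vlan 10
 spanning-tree portfast
!
! Gi0/5: the UAP. Its management traffic (and untagged SSIDs) leave the AP
! untagged, so they land in the native VLAN 30; the guest SSID is tagged 20
! on the AP side. Change the native VLAN to 10 once the UAP goes live.
interface GigabitEthernet0/5
 description Ubiquiti UAP
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk native vlan 30
 switchport trunk allowed vlan 20,30
 switchport nonegotiate
!
! Unused ports: parked in VLAN 999 and shut until a device is assigned
interface range GigabitEthernet0/6 - 24
 switchport mode access
 switchport access vlan 999
 shutdown
!
! No "ip routing" here: this is a pure Layer 2 design, pfSense is the
! default gateway inside every VLAN.
end
```

On the pfSense side (Interfaces > Assignments > VLANs) create tags 10, 20 and 30 on the NIC cabled to Gi0/1, assign each as an interface, give each its own subnet and DHCP scope, and on the GUEST interface add a block rule whose destination is the LAN and APTEST subnets (or all RFC1918 space) above the default allow-to-any rule, so guests reach the internet but not the FreeNAS box. On the switch, `show interfaces trunk` should list Gi0/1 and Gi0/5 with the allowed VLANs, and `show vlan brief` shows which access ports sit in which VLAN. If a 3560G/3750G is chosen instead, the same config works unchanged as a Layer 2 switch; enabling `ip routing` with SVIs would move inter-VLAN routing onto the switch, but then the guest/LAN isolation would have to be done with switch ACLs rather than pfSense rules.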
Soldato | Joined 30 Nov 2007 | Posts 2,989 | Location Bristol, UK
If you have a local set up go straight for 1 L3 switch as that will cover all your needs. If you are spread out or need port density then buy L2 for this function and trunk back to the L3 switch.

If you want to take it further (i.e career) buy Cisco switches as they are fairly standard and common.
 
Soldato | Joined 30 Nov 2007 | Posts 2,989 | Location Bristol, UK
Current "best practice" is L3 end-to-end. Even our client-access layer is L3 these days.

What do you mean end to end - make every port a L3 routed port with point to point /30 subnets configured on each?

Almost everywhere I have been has L2 VLANs deployed to aggregate users, trunking into L3 devices for routing. There's no point (certainly not in a work environment) buying more expensive L3 devices in the access layer to do this, and the overhead of setting it up wouldn't be worth it.
 
Caporegime | Joined 26 Aug 2003 | Posts 37,493 | Location Leafy Cheshire
No, just be able to route at every switch layer in your topology.

As for setting up, beyond your typical switchport and security configurations (of which you'll be doing that for your L2 switches anyway), assuming you have implemented dynamic routing on your network, there should be very little "extra" to configure.
 