Rackmount gigabit switch recommendations

Heyup

As always, I want to do this as cheaply as I can but also I want to play around with networks. I have very little experience bar the fact that I have a Sonicwall TZ170 and have played about with that a bit.

I've never had a managed switch or anything like that, but I've decided that I'd like one. I have a server running ESXi, which has a few VMs on it. What I want is to set up a VPN so that the server will have two NICs, and I can either pass the NIC dedicated to my internal network to a particular VM, or I can pass the NIC dedicated to the external network (i.e. available over the VPN).

Is this possible? I want to essentially end up with some VMs I can access from outside (web dev server, Minecraft server etc) and some that I can't, and that are local only (print server, shared storage for media etc).

I need a gigabit, rack mountable switch (or router?) that can achieve this.

Help? I've got almost no knowledge but would love to play and learn.
 
I think you've got some terms mixed up here (and/or are presenting this inaccurately).

Highly likely, I'm very nooby when it comes to networks!

Let's start with the switch. I'm going to assume that you want a managed device so you can learn with it (because you certainly don't need a full layer 3 managed switch for what you are suggesting), and the best "vendor" for that is probably Cisco. However, you said "cheap" and that probably means you're not going to get a 'proper' Cisco switch for that.

I think "managed" is what I need, yes. I doubt I can afford a proper Cisco jobby, for a budget I'd say around £50-75 second hand? The number of ports doesn't bother me really, 12 or above is fine.

The idea of a VPN is essentially exactly what it stands for, a Virtual Private Network. I.e. connect to the VPN and it is as if you are on the local LAN (most basic explanation here!). Would you be wanting to give this access to known external people (friends/relatives) or open to the general public? If it is the former then yeah, VPN and external servers either on a different subnet/vlan with appropriate ACLs or on the same subnet with appropriate ACLs. If it is the latter, then VPN is going to be a massive PITA for you to manage and you want to set up a DMZ.

I see, errm I want it all private, not public. My Minecraft server is strictly friends and family, as I don't have the hardware to support more than a few users. I also don't want the hassle of people building stuff then getting arsey if I just decide to change the map, so strictly mates only.

In any case, I wouldn't be "passing the NIC" anywhere. I'd have a vSwitch and corresponding VLAN and subnet that was for externally accessible services and another one for internal. You would then have both NICs teamed together going into your switch (active/passive if there isn't any EtherChannel support on your switch, active/active if there is). VLAN trunking is your friend here, so you can get both VLANs from your ESX environment into your LAN.

I think I understand this. I'd be teaming both NICs together for double speeds, but have two virtual networks, giving certain VMs access to either network as I see fit?

I want my Windows Server 2008 VM to be private, so only stuff in my flat can access my printer and network storage, but I want my two Ubuntu Server VMs to be on the VPN, so my mates can log in and access my Minecraft stuff and my web dev server. (Also meaning I can access stuff I'm developing from outside the flat, at uni for example).

If I was doing the shopping for that, I'd get the cheapest Layer 2 managed Gigabit switch that I could find that supported VLANs, 802.1q and EtherChannel (probably going to be a Netgear of some sort I'd have thought) and the best Cisco router you could afford to act as a router-on-a-stick.

With these basic elements you have the foundation of a pretty decent learning environment.

Something like a NetGear GSM712 or do you reckon a GS116UK would suffice? Not rack mountable though I think. :( (I have a project in mind, ideally want to mount it properly.)

Why would I need a router as well? I have two at the moment (kind of), the O2 free one acting as a modem, then the TZ170 which is kind of a router/firewall I think.
 
£75 was just a ballpark of what I'd ideally like to spend on a switch, but looks like I'll have to get a router as well...

I didn't think of the subnet/VLAN (are they the same thing?) issue, traffic is going to have to go between them you're right, so that computers on the "internal" subnet/VLAN can access the stuff on the public one. (Minecraft server).

I've no idea what the Sonicwall can do tbh, I'll have a look later. The Sonicwall does have a major problem though in that it doesn't have any gigabit ports.


The other option I guess is to get a basic unmanaged gigabit switch and stick everything on that, and just not have a VPN. That's no fun though. :P


Starting to think my rather broken knowledge of messing about with old networking kit I've accumulated over the years won't cut it... Are there any books I can learn from?
 
Aye but the 2900 doesn't have gigabit does it?

How about if I try to pick up a 3560G-24TS cheap?
 
I do indeed, one of the main functions of the server is going to be as a backup server. Can't back up over 2TB of stuff regularly without gigabit! :P

It's also going to be a media share thingy so streaming 1080p will be a pain without gigabit methinks.
 
:( Yeh that's way over budget.

Looking at Netgear/Dell stuff I think. Cisco gigabit kit seems to command a premium.

We shall see... I do want to have something to play with.
 
Now considering just setting up a basic VPN instead, you need a password to access anything on my Windows Server 2008 VM anyway so none of my mates will be able to print "poo" over and over again or do hilarious things to my video collection.

If I let them get in via the VPN, then they should just be able to access my Minecraft/web dev VMs I think, without getting access to the Windows Server 2008 one, right?

Need to upgrade our internet connection anyway, currently on ADSL but could be on fibre optic for around the same monies.
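
Added example, not part of the thread: a small first-match ACL model comparing the two-VLAN layout with ACLs suggested earlier against the flat "basic VPN" alternative, for the question of what VPN users can reach. The subnets, VPN pool, host addresses and the web dev port are constructed assumptions; 25565 is Minecraft's default port.

```python
import ipaddress

# Constructed addressing plan (assumption; the thread names no subnets).
INTERNAL = ipaddress.ip_network("192.168.10.0/24")  # VLAN 10: print server, storage
EXTERNAL = ipaddress.ip_network("192.168.20.0/24")  # VLAN 20: Minecraft, web dev
VPN_POOL = ipaddress.ip_network("10.8.0.0/24")      # addresses given to VPN clients
ANY = ipaddress.ip_network("0.0.0.0/0")

# First-match rules for NEW connections routed between segments; replies are
# assumed to be allowed by a stateful firewall. (action, src, dst, proto, port)
SEGMENTED = [
    ("permit", VPN_POOL, EXTERNAL, "tcp", 25565),  # friends -> Minecraft
    ("permit", VPN_POOL, EXTERNAL, "tcp", 443),    # friends -> web dev (assumed HTTPS)
    ("deny",   VPN_POOL, INTERNAL, "any", None),   # VPN never reaches VLAN 10
    ("permit", INTERNAL, EXTERNAL, "any", None),   # the flat can use its own servers
    ("deny",   EXTERNAL, INTERNAL, "any", None),   # exposed servers cannot reach inward
    ("deny",   ANY,      ANY,      "any", None),   # explicit default deny
]
# The "basic VPN" alternative: one flat network, nothing filtered.
FLAT = [("permit", ANY, ANY, "any", None)]

def decide(src, dst, proto, port, rules=SEGMENTED):
    """Return 'permit' or 'deny' for a new connection, first matching rule wins."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net, r_proto, r_port in rules:
        if s not in src_net or d not in dst_net:
            continue
        if r_proto not in ("any", proto):
            continue
        if r_port is not None and r_port != port:
            continue
        return action
    return "deny"  # nothing matched: fail closed

def audit(flows, rules):
    """Return the flows whose decision differs from the intended one."""
    return [f for f in flows if decide(*f[:4], rules=rules) != f[4]]

# Constructed flows: (src, dst, proto, port, intended decision).
FLOWS = [
    ("10.8.0.5", "192.168.20.10", "tcp", 25565, "permit"),      # friend -> Minecraft
    ("10.8.0.5", "192.168.20.11", "tcp", 443, "permit"),        # friend -> web dev
    ("10.8.0.5", "192.168.20.10", "tcp", 22, "deny"),           # friend -> SSH on server
    ("10.8.0.5", "192.168.10.5", "tcp", 445, "deny"),           # friend -> Windows shares
    ("192.168.10.30", "192.168.20.10", "tcp", 25565, "permit"), # flat PC -> Minecraft
    ("192.168.20.10", "192.168.10.5", "tcp", 445, "deny"),      # server -> Windows shares
]

if __name__ == "__main__":
    for name, rules in (("segmented", SEGMENTED), ("flat", FLAT)):
        print(name, "violations:", audit(FLOWS, rules))
```

With the flat rule set, the three flows meant to be denied all reach their target at the network layer, so the Windows password is the only control left in front of that VM.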
 