Hi,
I'm seeking your advice for my new home network.
Today, I have a flat network featuring Gigabit Ethernet, a central server hosting photos, videos, documents, music, etc. Everything is connected to the internet through my ISP router. I only use unmanaged switches (Netgear) and 5 years later everything works fine.
For my new home, I want to add more features, more flexibility and more security. By feature I mean PoE, VPN access, guest access, etc. I've been thinking to use 802.1Q VLAN to achieve this but I'm stuck against inter-vlan routing.
Here's the draft topology :
- VLAN 1 : ISP router 192.168.1.1
- VLAN 2 : private network 192.168.2.0/24 = server, PCs, TV, printer, media renderer, private Wifi AP
- VLAN 3 : guest network 192.168.3.0/24 = guest cabled access to selected ressources, internet access, Guest Wifi AP with captive portal
- VLAN 4 : host for VPN access
- VLAN 5 : surveillance IP cameras or stuff
I'm thinking about placing the server in a DMZ (another VLAN).
Now, if VLAN 2 must access the internet on VLAN1, I must route the trafic either with a router if I use a Layer 2 switch or with a Layer 3 switch.
If I'm right, it's no cheaper to buy a Layer 2 switch+a router instead of a Layer 3 switch.
Now, I also need PoE. It's no cheaper to buy a couple of PoE injectors and non PSD switch instead of a PSD switch, so I'd go for a PoE switch.
At the end, I'd choose a Layer 3 PoE switch such as the Cisco SG-300 28P but it's quite out of budget (>650-700€). I've been wondering if it would be cheaper and reliable to buy a small Cisco SG-300 10 (L3, no PoE) and another cheap L2 802.1Q compliant switch. What do you think ?
Thank you for your remarks and advices.
Popal
I'm seeking your advice for my new home network.
Today, I have a flat network featuring Gigabit Ethernet, a central server hosting photos, videos, documents, music, etc. Everything is connected to the internet through my ISP router. I only use unmanaged switches (Netgear) and 5 years later everything works fine.
For my new home, I want to add more features, more flexibility and more security. By feature I mean PoE, VPN access, guest access, etc. I've been thinking to use 802.1Q VLAN to achieve this but I'm stuck against inter-vlan routing.
Here's the draft topology :
- VLAN 1 : ISP router 192.168.1.1
- VLAN 2 : private network 192.168.2.0/24 = server, PCs, TV, printer, media renderer, private Wifi AP
- VLAN 3 : guest network 192.168.3.0/24 = guest cabled access to selected ressources, internet access, Guest Wifi AP with captive portal
- VLAN 4 : host for VPN access
- VLAN 5 : surveillance IP cameras or stuff
I'm thinking about placing the server in a DMZ (another VLAN).
Now, if VLAN 2 must access the internet on VLAN1, I must route the trafic either with a router if I use a Layer 2 switch or with a Layer 3 switch.
If I'm right, it's no cheaper to buy a Layer 2 switch+a router instead of a Layer 3 switch.
Now, I also need PoE. It's no cheaper to buy a couple of PoE injectors and non PSD switch instead of a PSD switch, so I'd go for a PoE switch.
At the end, I'd choose a Layer 3 PoE switch such as the Cisco SG-300 28P but it's quite out of budget (>650-700€). I've been wondering if it would be cheaper and reliable to buy a small Cisco SG-300 10 (L3, no PoE) and another cheap L2 802.1Q compliant switch. What do you think ?
Thank you for your remarks and advices.
Popal