Which switch to buy?

[Fede Frede]

Hello,

I live in a small coop where there's 20 apartments. We are looking to get a fiber internet connection (250 mbit) which we all have to share. We have gigabit ethernet cabling - but now I'm seeking a managed switch that can cap each port so we don't max out. In addition, possibly some QoS - but I hope it's not needed. The budget is up to 500 USD.
I'm looking at TP-LINK TL-SG5428 which seems to be able to do what I need.

Any tips or suggestions? That would be much appreciated.

Frederik

 

[azazel1024]

QOS on a switch is going to be VERY limited and not really something you are going to face. QOS on the L2 level is generally only going to come in when you are talking VOIP or maxing a port. In which case QOS can help with latency/jitter by prioritizing port traffic. However, it cannot prioritize on an IP level, which is what you need. You are going to have to rely on the router to do L3 and L7 level QOS.

Also, I don't know that you necessarily want to cap each port, unless you truely do want a max speed for each apartment. Again, you are going to want to lean on the router to do proper QOS management. With good QOS and bandwidth management it'll share out bandwidth more appropriately for the incoming connections.

Now, you might still want the switch to do network segmentation (VLANs) so that the various apartments cannnot see and talk to each other for security reasons. Same goes with the router supporting VLANs.

Anyway, switch will work great if you want to, say, truely limit each apartment to 12.5Mbps, but that also means if there are only 4 users hitting the internet, they each only have 12.5Mbps and the rest of that 200Mbps fiber connection is sitting idle. Proper bandwidth and QOS management at the router level can ensure that those 4 users can each get roughly 62.5Mbps and then if a 5th user hops on, then its 50Mbps for each user, another one hops on, etc.

 

[Cloud200]

If you are going to do this Service provider style, eg max of 50mbps with a reserve of 12.5mbps per port, then you will need to do this with a router.
config would have to be with VLANs, a /30 subnet per port, and the rules set up on the router.

You can definately ease the load on the router by doing some of the work on the switch.
eg. capping the maximum data rate at 50mbps ingress/egress per port in the prior example.

Any real application level QOS though is going to fall flat on its face unless you get a Layer 3 or 4 switch (too expensive for this project)

Edit:
To see what a bandwidth manager for a switch looks like:
https://supportforums.cisco.com/community/911/cisco-small-business-online-device-emulators
select the:
"SG220-50P Smart Switch
Online Device Emulator (ver.1.0.0.16)"

Go to the "Quality of Service" dropdown on the left
Select "Bandwidth"

You should be able to play around from there and get a general understanding of what you can do.

 

[Fede Frede]

Thanks!

Hey azazel1024 & Cloud200

Thank you very much for spending the time wiriting the posts - they helped me a lot in my research.
So if I get this right:
My router (ASUS RT-N66U) controls the DHCP and if I make a /29 network, I should be able to do 32 VLANS with 6 hosts on each network. DHCP is set in the router, the VLAN is set in the swtich - and each VLAN correspond to a port which again correspond to an apartment - hence I can seperate the apartments and make QoS rules based on subnets...?

My only objective is to share the 250-300 mbit connection in a fair and useful matter - and capping each port at 50 mbit must be effective in making sure we don't max out from eg. P2P. Maybe that's all it takes together with the VLAN for security.

Right now we have a small DSL line with QoS supplied from a ASUS RT-N66U with Shibbys Tomato firmware. Works great for now, but I guess I will max out at about 150 mbit - unless I go back to stock firmware and leave out the QoS. Out of curiosity - What kind of equipment can do level7 QoS at a speed of 300 mbit?

The switch I'm looking at is this:
http://www.tp-link.com/lk/products/details/?categoryid=223&model=TL-SL2428

TP-LINK TL-SL2428 - looks great - but I don't know the brand. Reliable?

Regards,

Frederik

 

[htismaqe]

Unless the N66U is VLAN-capable, you won't be able to set QoS policies per VLAN. You could set them based on source/desitination IP addresses but not based on VLAN IDs.

 

[azazel1024]

Unless the N66U is VLAN-capable, you won't be able to set QoS policies per VLAN. You could set them based on source/desitination IP addresses but not based on VLAN IDs.

But you can set bandwidth controls on the switch for each port/VLAN. Its not as good as QoS, but if the goal is really more just "fair" division of the connection, than that can work fine to divy up each port at 50Mbps each and call it a day. Router doesn't need to support VLANs for this to work or to allow network segmentation.

For L4/7 QoS...probably not any commercial router to be able to do 300Mbps. Probably enterprise.

 

[Cloud200]

Hey azazel1024 & Cloud200

Thank you very much for spending the time writing the posts - they helped me a lot in my research.
So if I get this right:
My router (ASUS RT-N66U) controls the DHCP and if I make a /29 network, I should be able to do 32 VLANS with 6 hosts on each network. DHCP is set in the router, the VLAN is set in the swtich - and each VLAN correspond to a port which again correspond to an apartment - hence I can seperate the apartments and make QoS rules based on subnets...?

My only objective is to share the 250-300 mbit connection in a fair and useful matter - and capping each port at 50 mbit must be effective in making sure we don't max out from eg. P2P. Maybe that's all it takes together with the VLAN for security.

The switch I'm looking at is this:
http://www.tp-link.com/lk/products/details/?categoryid=223&model=TL-SL2428

TP-LINK TL-SL2428 - looks great - but I don't know the brand. Reliable?

Regards,

Frederik

You can do this easily with your current hardware.
What you are looking to do is set up private VLANs/Port Isolation
This guide shows you how to set it up with a TP-Link switch:
http://www.tp-link.com/en/article/?faqid=525
The model you listed should work fine.

There will be no need to set up any VLANs etc, just isolate every port from every other port except the router and it will be good to go.

But you can set bandwidth controls on the switch for each port/VLAN. Its not as good as QoS, but if the goal is really more just "fair" division of the connection, than that can work fine to divy up each port at 50Mbps each and call it a day. Router doesn't need to support VLANs for this to work or to allow network segmentation.

For L4/7 QoS...probably not any commercial router to be able to do 300Mbps. Probably enterprise.

Off the top of my head, a decent desktop computer with an intel based dual port server NIC and PFsense installed ought to get it done.

From what Fede Frede said though, it wont be needed.


For more information on VLANs, read these articles from SNB:
http://www.smallnetbuilder.com/lanwan/lanwan-howto/30071-vlan-how-to-segmenting-a-small-lan
http://www.smallnetbuilder.com/lanw...w-to-segment-a-small-lan-using-tag-only-vlans
http://www.smallnetbuilder.com/lanw...segment-a-small-lan-using-tagged-vlans-part-2

EDIT:
Just watch out to make sure you are not overloading the router. If you see that the connection is getting spotty, that will probably be your weakest link.

 

[azazel1024]

True, but technically that isn't buying a router, that is building one. Off the shelf, no consumer router is probably going to meet those performance specs.

An inexpensive mITX board with dual NICs and integrated quad core celeron Bay Trail maybe/probably could for only ~$200-250 for the total build. At worst you might consider moving up to something like a dual core Haswell celeron/pentium for a few bucks more (but a fair amount higher power consumption. Of course we are talking maybe 14-20w compared to 10w).

 

[htismaqe]

True, but technically that isn't buying a router, that is building one. Off the shelf, no consumer router is probably going to meet those performance specs.

Yep. For a budget, building one is probably a better option.

 

[LoneWolf]

Yep. For a budget, building one is probably a better option.

Either that, or possibly a Ubiquiti Edgerouter Lite, and a managed 100Mbps switch to go with.

If have 100-250Mbps of Internet to share, there's no reason not to save money and go with a 48-port Fast Ethernet switch with two gigabit copper uplinks, connecting one of them to the router. This would allow for the best of both worlds on the existing budget; a reasonably powerful router, and a managed L2 switch. The HP 1905-48 would fit this category and stay within budget; the HP 1810-48G pushes that budget when combined with the router, but adds gigabit.

 

[azazel1024]

Either that, or possibly a Ubiquiti Edgerouter Lite, and a managed 100Mbps switch to go with.

If have 100-250Mbps of Internet to share, there's no reason not to save money and go with a 48-port Fast Ethernet switch with two gigabit copper uplinks, connecting one of them to the router. This would allow for the best of both worlds on the existing budget; a reasonably powerful router, and a managed L2 switch. The HP 1905-48 would fit this category and stay within budget; the HP 1810-48G pushes that budget when combined with the router, but adds gigabit.

Only issue is cost and overkill. Unless the apartments themselves are going to be wired up with multiple jacks, I'd tend more towards something like the TP-Link SG2224. 24 ports, got all of the management features you'd probably need (including bandwidth control) and fairly cheap.