Me again - another hopeful simple question - just trying to learn


oharag

Member
Feb 18, 2024
84
24
8
Hello. I've been here bugging you guys on my future network setup. I'm hoping to future proof my home network (speeds/tech/etc..).

I have a question regarding Level 2 vs Level 3 switches. Most of the switches from big boys (Qnap/etc...) are Level 2. Some of the Chinese switches add Level 3 and VLAN capabilities. So my question: Do I need a level 3 switch? If yes why do so many name brand switches offer only Level 2. I'm building a home network - Gaming/PC/Plex/AppleTV etc... I want to play with Docker/PFSense/whatever comes down the way. Am I limited with choosing a Level 2 switch? Thanks
 

oharag

I got this from LinkedIn:

Using a Layer 3 Switch With VLANs
Each virtual LAN must be entered and port-mapped on the switch. Routing parameters for each VLAN interface must also be specified. Some Layer 3 switches implement DHCP support that can be used to automatically assign IP addresses to devices within a VLAN. Alternatively, an outside DHCP server can be used, or static IP addresses configured separately.

Challenges With Layer 3 Switches
Layer 3 switches cost more than ordinary switches but less than routers. Configuring and administering these switches and VLANs also require additional effort.

The applications of Layer 3 switches are limited to intranet environments with a sufficiently large scale of device subnets and traffic. Home networks usually have no use for these devices. Lacking WAN functionality, Layer 3 switches are not a replacement for routers.

Keynotes:
Features of Layer-2 Switches
Enlisted below are the various features of Layer-2 switches.

  • A Layer-2 switch acts as a network bridge that links up various end devices of a computer networking system on one single platform. They are able to transport data very rapidly and competently from the source to the destination end in LAN networks.
  • Layer-2 switches perform the switching function to re-arrange the data frames from the source to a destination end by learning the MAC address of the destination node from the address table of the switch.
  • The MAC address table provisions the unique address of each device of layer-2, on the basis of which it can identify the end devices and the node on which the data is to be delivered.
  • A Layer-2 switch splits a bulky complicated LAN network into small VLAN networks.
  • By configuring multiple VLANs within a vast LAN network, the switching becomes faster as it is not being physically connected.
Features of Layer-3 Switches
The various features of Layer-3 switches are given below:

  • It performs static routing to transfer data between different VLANs, whereas the layer-2 device can transfer data between the networks of the same VLAN only.
  • It also performs dynamic routing in the same way in which a router performs. This dynamic routing technique allows the switch to execute optimal packet routing.
  • It provides a set of multiple paths according to the real-time scenario of the network to deliver the data packets. Here, the switch can select the most feasible path for routing the data packet. The most popular routing techniques include RIP and OSPF.
  • The switches have the capability to recognize the IP address related information that is heading towards the switch about the traffic.
  • Switches have the capability to deploy QoS classifications depending upon subnetting or VLAN traffic tagging instead of configuring the switch port manually as in the case of layer-2 switches.
  • They require more power to operate and tender higher bandwidths links between the switches which are almost more than 10Gbits.
  • They provide highly secure paths for data exchange. Thereby, they are implemented in such instances where data security is a prime concern.
  • The features associated with switches like 802.1x authentication, loopback detection, and ARP inspection make it efficient to use at instances where secure data transmission is essential.
 

oharag

So it states for home networks - Level 2 is fine. But I still don't get the VLAN comments. Can Level 3 switches only set up VLANs? If yes - again - am I missing out for future growth?
 

Tech Junky

Active Member
Oct 26, 2023
393
129
43
VLANs can be both layer 2 & 3.

Difference being one is routable and the other just tags the traffic.

Layer 2 is just the fast switching and tagging based on the port or MAC address.

Layer 3 will allow you to tag traffic by subnet / IP
 

oharag

It says that Level 3 can not act as a switch due to not having WAN. Is this correct?
Otherwise I have a strong belief Level 2 is fine for me.

Hey do you have a recommendation for CAT6A RJ45 cables? I ordered CAT6 a while back thinking that would be more than acceptable - but this was back in the day I was dreaming about 1 Gbe network. I usually order from Monoprice due to cost. But the CAT6A cable has so-so reviews - a customer gave this comment:

We normally love ordering from Monoprice, great price and quality. However, when we received 5 of these cables and tested them with our $15,000 Fluke, they all failed the Near-End crosstalk test.

PROS: Cheap cable
Will probably work for most scenarios

CONS: Does NOT pass CAT6a channel test on Fluke (failed Near-End crosstalk)
I wouldn't use these in a data center, especially for storage networking (ISCSI, FCOE)


Any recommendations for RJ45 SFP+ transceivers - I have to at least use RJ45 for my uGreen NAS. I will use Optical for my MS-01 - so yeah any recommendations for these optical transceivers as well.

I'm going to buy this switch:


It's a name brand - has good SW management solution - has 8XRJ45 10Gbe and 8X 10 gbe SFP+. I see running 10GBe RJ45 to certain areas of the home - upstairs office (maybe 100 ft - maybe less it's hard to measure) - basement (less than 50ft - this is where my ONT is located - and most likely where I will place the switch/MS-01 and NAS) and two rooms on first floor (maybe less than 50 feet).

Upstairs is where my computers are located - I definitely want 10Gbe here. My MS-01 and NAS will be close to the above switch (in basement).

Any recommendations for a cheaper - non-managed switch that has at least QNTY 2 10 Gbe RJ45 and maybe 4-5 2.5 Gbe RJ45?
 

Tech Junky

A switch doesn't have a WAN because it's not a router. However, there are ways to make a switch act like a router.

If they don't pass crosstalk then they probably need to be terminated again.
 

MountainBofh

Beating my users into submission
Mar 9, 2024
154
123
43
I have a pile of the Monoprice cat6a patch cables in my data center at work. They work fine at 10gb.
 

oharag

Okay.

So here's my setup - hoping this works - maybe I'm truly ignorant :)

Currently:
I have Verizon Fios ONT down in basement (it can go to 1gig/1gig but at the moment I have 300/300. Fios is rolling out 2.5gig but that will be a while). An Ethernet cable connects my ONT to my Asus XT8 wifi router. I want a better firewall/VPN "router".

Plan:
So I've been watching tubes and reading nets and I believe I want this setup:
- MS-01 running pfsense and docker (still a noob so I don't know much about this) - goal: have a way more powerful firewall/VPN system.
- I will connect the ONT to the MS-01 2.5 Gbe port.
- I will then connect both SFP+ ports using optical to the QNAP switch above (link aggregation).
- I will also connect my NAS to QNAP using RJ45 (link aggregation)
- From the QNAP I will make runs to my devices (gaming/TV/etc..)
- One of those runs will be to my Asus wifi router - I will disable the NAT feature on Asus since I believe the MS-01 will be the NAT - correct?
- I will use the Asus as my wireless router only - the ports on the Asus are only 1 Gbe - so everything will go through the switch.
- I may also buy smaller unmanaged switches to place in different locations to run 2.5gbe to my multimedia devices (TVs/Firestick/AppleTV/WiFi router/etc...)

Are there any flaws to the above setup? I assumed this would work.
 

sic0048

Active Member
Dec 24, 2018
139
108
43
> I have a question regarding Level 2 vs Level 3 switches. Most of the switches from big boys (Qnap/etc...) are Level 2. Some of the Chinese switches add Level 3 and VLAN capabilities. So my question: Do I need a level 3 switch? If yes why do so many name brand switches offer only Level 2. I'm building a home network - Gaming/PC/Plex/AppleTV etc... I want to play with Docker/PFSense/whatever comes down the way. Am I limited with choosing a Level 2 switch? Thanks

You first have to understand what "Layer 2" and "Layer 3" really are referring to. I'm not an IT professional but layer 2 is routing done at the MAC address level and Layer 3 is routing done at the IP address level. In layman's terms, you need Layer 3 to cross over network segments while layer 2 handles data traveling on the same network segment. In a normal residential network, the router is the only layer 3 device and the switch is a layer 2 device (handling routing via ARP tables). This means that any traffic that needs to cross over a network segment (whether that is to/from an external network - ie the internet - or across a VLAN on the same local network) has to traverse through the router. But all data flowing between devices on the same network segment can be handled by a layer 2 device and that traffic doesn't need to go to the layer 3 device during its transit.

A switch that has been set up as a true layer 3 switch is able to route things at both the IP address level and the MAC address level. This means that gateways and routing rules (called ACLs) are created in the switch instead of in the router. In fact, networks that have set up their switches as layer 3 devices typically don't have a firewall/router because the switch is handling all of that functionality (DHCP, ACLs, gateways, VLAN management, etc).

I firmly believe that running switches as true layer 3 devices in a typical residential network is completely overkill and unneeded. What I mean by that is that if you are an IT professional that works with layer 3 switches every day and it's second nature for you to set up networks like this, then it is fine. But if you don't know how to do this already, there is no need to go out and learn how to set up switches for layer 3 functionality. It's simply not worth the effort IMHO. The traditional home network configuration where you have a router acting as the layer 3 device and your switches are acting as layer 2 devices works great and is easy to set up, even with VLANs.

Therefore I think a MUCH better question for a typical residential network is do you want managed or unmanaged switches for your primary networking switches. If you are on this forum, then I think the answer to that question is always going to be managed switches - specifically managed switches that support VLANs (the 802.1Q networking standard). Sometimes these switches are called VLAN aware switches. There is a very high likelihood that you will eventually want to run VLANs on your residential network, so make sure the managed switch you choose can support them.

Outside of that, it really doesn't matter if the switch is layer 2 (with VLAN support) or layer 3. You can get a "layer 3" switch and never use any of the functionality that makes it layer 3 - effectively keeping it a layer 2 switch. Conversely, the odds of you actually wanting all of that layer 3 functionality are also very low, so purchasing a layer 2 switch that supports VLANs isn't likely going to hold you back either. In other words, don't make your switch purchase based on whether it is layer 2 or layer 3. It's more important to buy a managed switch (with VLAN support) that has the port configuration (speed, number, type, etc) that you need vs worrying about if it is layer 2 or layer 3.

Hopefully that helps!
 
Last edited:

oharag

> You first have to understand what "Layer 2" and "Layer 3" really are referring to. I'm not an IT professional but in layman's terms - layer 2 is routing done at the MAC address level and Layer 3 is routing done at the IP address level. You need Layer 3 to cross over network segments. In a normal residential network, the router is the only layer 3 device and the switch is a layer 2 device (handling routing via ARP tables). This means that any traffic that needs to cross over a network segment (whether that is to/from an external network - ie the internet - or across a VLAN on the same local network) has to traverse through the router.
>
> A switch that has been set up as a true layer 3 switch is able to route things at the IP address level. This means that gateways and routing rules (called ACLs) are created in the switch instead of in the router. In fact, most networks that have layer 3 switches don't even have a traditional router because the switch is handling all of those functions (DHCP, ACLs, gateways, VLAN management, etc).
>
> I firmly believe that running switches as true layer 3 devices in a typical residential network is completely overkill and unneeded. What I mean by that is that if you are an IT professional that works with layer 3 switches every day and it's second nature for you to set up networks like this, then it is fine. But if you don't know how to do this already, there is no need to go out and learn how to set up switches for layer 3 functionality. It's simply not worth the effort IMHO. The traditional home network configuration where you have a router acting as the layer 3 device and your switches are acting as layer 2 devices works great and is easy to set up, even with VLANs.
>
> Therefore I think a MUCH better question for a typical residential network is do you want managed or unmanaged switches. If you are on this forum, then I think the answer to that question is always going to be managed switches - specifically managed switches that support VLANs (sometimes called VLAN aware switches). There is a very high likelihood that you will eventually want to run VLANs on your residential network, so make sure the managed switch you choose can support them.
>
> Outside of that, it really doesn't matter if the switch is layer 2 (with VLAN support) or layer 3. You can get a "layer 3" switch and never use any of the functionality that makes it layer 3 - effectively keeping it a layer 2 switch. But the odds of you actually wanting all of that layer 3 functionality are also very low, so don't make your switch purchase strictly on whether or not it is layer 2 or layer 3. It's more important to buy a managed switch (with VLAN support) that has the port configuration (speed, number, type, etc) that you need vs worrying about if it is layer 2 or layer 3.
>
> Hopefully that helps!

No awesome - thanks for the great info. I appreciate this from the STH members. I'm learning from you guys.
 

Tech Junky

> link aggregation

You're on the right track with the custom box as gig+ requires faster NICs not aggregation. Aggregation will work to an extent but, sometimes not.

Running a single cable is less to troubleshoot if it goes wrong but running a backup cable at the same time is cost effective. Picking a medium aka cable type can help KISS the setup and make it easier to manage or swap parts around to test things if needed. If you go fiber then the bits on the end of the cable tend to be standard and swappable. This helps because sometimes SFPs just don't work or a cable might need the ends swapped tx/rx to make it work.

> "Layer 2" and "Layer 3"

To dumb it down even further.... L2 can be thought of as a splitter that just gives you more ports to plug stuff into or aggregate devices and then send them to an uplink further into the network. It just sits there and moves the data w/o thinking about it as each port gets mapped for processing.

L3 does the same thing but, can also make decisions based on more criteria.

Both types have managed options though. L2 dumb switches are cheap for port density as you can grab simple 5 port options for under $10. Add the ability to put VLANs on them and the price jumps a bit.

Add L3/IP to the switch and you're easily over $100 usually.

Pricing though comes down to un/managed, port density, and port speed. There are ways around it though if you want to break 10GE speeds such as putting higher speed NICs into 2 devices and using a DAC cable instead of pushing it through a switch. Say you have a couple of devices that sync large files and you want them to do it quickly then you grab a couple of 25GE cards to put into each one and a DAC cable to connect them directly for ~$100 vs spending significantly more on a switch that can hit the same speeds.

Either way @oharag planning makes for a cheaper experience in the end. This takes some experience though and knowing what your data requirements / needs / wants are. Even 25GE might not be enough and you might consider 100GE or more. For me I made my own router out of a PC / ATX setup and put everything I want to have the fastest access inside of it. I do a lot of Plex stuff so, that's running there and the storage is inside as well with the tuners to capture OTA programming directly to the disk. If I had a 100GE ISP WAN connection I wouldn't have any issues as far as a bottleneck would be concerned because the NIC would be sized to the link and the disk inside hits 6.5GB/s which still would leave room for additional traffic if it were maxed out. Also, since it's a full sized ATX setup there's room for expansion or swapping of parts. I have slots to play with or swap NICs if I wanted to as well as places to stick more storage if needed or any other random project that comes along.

Starting out though with a MS box as a router is a good place to start though until you decide what you want / need at a decent price point though. ~$200 isn't a bad deal but, it's limited to whatever you order it with in terms of the ports since they're not swappable. The other option would be to use a SFF PC with a couple of slots which would give the option of a couple of NICs of varying speeds to design as needed. At least a mATX board would give a few slots to play with as most ITX options are single slot unless you find a unicorn that has 2 slots. Then pick some NIC that has 4 ports on it like the QNAP 5G4T that gives you 5GE ports for $200. Or go all in and grab a couple of dual port 10GE cards and SFPs. There are tons of different ways to do things between a DIY setup or a dedicated piece of HW from a vendor specific to your needs / wants. Something off the shelf might offer ease and efficiency but, it will cost a bit more. But, you get support and ease of use.