Setting up new home network
Setting up new home network
Hey guys,
Im thinking about setting up a new home network (please view picture below for current set-up idea).
I would like to create a separate VLAN for all incoming IoT devices.
One problem with the smart switch I current have (TP-Link TL-SG3210XHP-M2) is that the device is making way too much noise (it's placed in meter cupboard near front door).
Even when fan speed is on normal im hearing constant zooming sound, it even goes through the wall (sound reaches even in living door and kitchen with closed doors).
I'm also kinda new in the configuration of all this stuff, so would like to ask you guys some advice.
Currently what I have in possession:
- TP-Link TL-SG3210XHP-M2 (Can still return this one and thinking to replace it with smaller fanless switches)
- OC200 controller
- 2x EAP683 AP
What I still have to get:
- Router with good firewall option (thinking about the ER707-M2)
- New switches that are fanless (of which 1 should be managable to set up VLAN for IoT devices)?
- Maybe another AP (if I need to set up a different one after the managable switch as you can see in the overview below)?
Questions:
1) Is the set-up below in order? Or would you guys advice to do it in a different way?
2) Someone told me I needed a managable smart switch after my router to be able to set up separate VLAN for IoT, is this true?
3) Do I need an aditional AP after the manageble switch to get a separate network for the IoT? Or can I use the 2x AP 's that are already there?
4) I have seen a lot of complains about the noise of TP-Link TL-SG3210XHP-M2 (can the fan of this device be easily replaced by someone that has never done this before)?
Thanks in advance.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Regarding question 1:
Why not just configure 5 of the ER707 ports as LAN ports and plug the 4 non-POE devices directly into it? If you have some complicated VLAN stuff that needs to be replicated then the 105 or 2008 approach may be needed, if you are buying this switch, I think the SG2008 is not that much more but would have future value in your network, and you may wish to consider the 2008P variant (+40% in cost) to get 4 POE+ ports. You may also consider the new SG2005P-PD, it's absolute overkill and pricy for the temp application...but again in the future, if you were to take you network outdoors with cameras etc, it's quite the swiss army knife to have in your toolkit :)
The advantage of having Omada-aware switches is the level of detail you get downstream...here i have my 2210P connected to a 2008 downstream for NAS/printing:
- Copy Link
- Report Inappropriate Content
Yes, for multiple network and subnets topology, the managed switch is more helpful, and is necessary for me. This is a classical case for your reference here, and no more EAPs, you can set the VLAN ID for multiple SSIDs.
The noise of TL-SG3210XHP-M2 is normal, after the switch is powered on, the fan rotates at a constant speed, regardless of whether there is a client connection or the amount of forwarded traffic. Therefore the sound is also maintained at a stable level. The sound caused by the fan rotation is normal. Since this swich are not suitable for home office/small office usage scenarios, so need to place it on a rack/machine room to isolate the noise.
- Copy Link
- Report Inappropriate Content
@Nvb2 You would be giving up a lot of flexibility using just the unmanaged 1000 series switch devices. At the very least, may I suggest you front end (ie insert between the ER707 and the switches you have picked), something like a SG3210X-M2 that the controller can interact with, then use the 105XX devices for POE injection. You really need a full Omada managed 'router+switch+AP' to get the most out of the controller solution.
- Copy Link
- Report Inappropriate Content
Thanks for your reply.
Just for your info: I do have one SG3210X-M2 in my set-up right now, but the problem of that one remains; it just makes too much noise/ sound.
Also I don't have a rack or isolated room to put it instead.
I also checked the web for TP-link switch alternatives that have:
1) 2,5GE RJ45 ports
2) Fanless (silence) model
3) Managed
..But as far as I can tell they do not exist (I don't see any results under the 500,00 price range).
So for my scenario I think I have to make a decision between:
1) Replace the inside fan of SG3210X-M2 for a different one (one that has around the same airflow but is way lower in dB) so this will resolve the sound issue.
2) Go for a managed switch that only has ports that provide 1GB speed (more choises in these, but then the switch would be the bottleneck in my set up).
If you guys still know another solution/ good switch alternative im all ears.
- Copy Link
- Report Inappropriate Content
Thanks for your reply and the link.
I cant really make a proper sound isolation on the current location right now.
And I also don't have an option to place it elsewhere.
So for now I still have to think of a different solution.
- Copy Link
- Report Inappropriate Content
Actually you have the 3210XHP-M2 ie the POE variant. I am suggesting the fanless non-POE version which you can then use with the SG105's you show above, or other fanless manageable POE switches such as the 2210P. By doing this you can establish the 2.5G link between the 707 and 3210X-M2, and then LAG two (or more) 1G ports to make a 2G (or higher) connection to the subservient switches
In fact, if you don't use POE at all on your existing 3210XHP...you can probably just disconnect the fan and use it like a 3210X (non-HIgh Power variant)
- Copy Link
- Report Inappropriate Content
Thanks for the reply and my bad for missing the difference in 3210XHP-M2 and 3210X-M2.
The LAG set-up configuration sounds like an interesting solution.
I do have a few questions regarding this LAG set-up you suggested for making a 2G (or higher) connection.
1) If I would set this up; so lets says 2x 1G from 3210 towards 2 ports of a 2210P, then I still would need to use another 2x RJ45 port output to maintain this 2G speed, correct?
2) So if I'd plug a cable from the 2210P towards the EAP683 (EAP683 only got 1 input) then my bottleneck would be the 1G since only 1 output port on the 2210P can be used?
3) Is it possible to set up a 3x 1G from the 3210 towards the TL-SG105PP-M2 (so input on the switch will be 3G) and continue with the other ports to give 2.5G output? Or does the receiving switch NEED to be managable to be able to convert 3x 1G input towards 2,5G+ output?
Thanks
- Copy Link
- Report Inappropriate Content
1. LAG (LACP) is only supported on TPlink switches at this time. Yes, you would need to bond 2x1G to continue the higher BW connection downstream
2. My suggested architecture would 'limit' and I use that word lightly, your AP's BW to 1G symmetric (which IMHO is not a significant limitation).
3. Yes you can bond 3 or more channels if you need more aggregate BW.
My suggestion was all around providing visibility and monitoring using the OC200 in your design. As soon as you throw unmanaged switches in there, it gets messy.
That said, your final suggestion of perhaps manually configuring the SG105PP with LAGs and using the Controller to confiuring the LAGs on the 3210 could work. Alternatively, you could do away with the SG105PP's altogether and replace them with 2.5G capable POE injectors if you only have few devices that need >1G AND POE power. I have also bought aftermarket injectors to run 12VDC over the passive POE pairs if your APs support that.
You have a few levers to play with here :) I will be very interested to see which one makes the most sense for you
- Copy Link
- Report Inappropriate Content
In my region an SG105PP is about 3X the cost of a 2.5G capable POE injector. This would allow you to run everything off the 3210-nonPOE and skip the SG105 layer. The downside of POE injector over POE switch is you don't have power control (ie ability to bounce the power on one device, or to de-power a device overnight)
The bad news is the SG105PP is not a 'Smart Switch', so you won't be able to configure LAGs on it, not that you need to as it already supports up to 2.5G uplink. It is really just a 2.5G port expander with POE.
- Copy Link
- Report Inappropriate Content
Thanks for all the replies once again.
For now i'm thinking about giving up on the 2.5G speed for now.
The devices im going for are:
- TL SG3210 (8 port, non PoE)
- TL SG105PE (5 port, PoE+)
- Omada ER707-M2 (non PoE)
1) In this set up I believe the Omada controller needs to be linked to the router, correct?
2) So this would be solved by putting in one PoE-150S Gigabit PoE injector between the router and the controller?
3) All trafic needs to go through the SG3210 to be properly managed right? Or can the 707 partly take over this task?
Meaning I could connect the SG3210 on the 1G ports of the 707. And in a future scenario connect the 707 2.5G port towards a 2.5G switch/ AP?
Or is this not suggestible in your opinion?
- Copy Link
- Report Inappropriate Content
I think you can reasonably assume that in the next year, there will be SOHO switches released by TPlink that have 2.5G ports like the SG105PP, but which are compatible with Omada controllers. Given where you want to go, I wouldn't 'build out' completely today, I would take an interim approach
So my standard config is ER707 connected to an SG2210P. That gets you 8 POE+ ports, with 62W power budget and both boxes are fanless. I would not spend money on SG105PPs UNLESS you can live with the following info in italics below (stolen shamelessly from a reddit post by gjs520820) about gateway ACLs for devices connected to the SG105PP's, OR, if you simply want to use them as port expanders for identical devices (ie 3 identically configured APs attached to SG105 which is plugged into SG2210P or similar) and that only makes sense if you are running out of ports on the 2210.
Gateway ACL's are stateful. Meaning a gateway deny acl will allow the denied vlan to reply to a request, but it can not initiate a request. Currently under Controller mode gateway ACL's can only be written at the LAN level. Meaning you can block or allow the entire vlan, but not IPgroups or IP_Portgroups.
Switch level ACL's are not stateful, but can be written to block individual or groups of clients and also define ports to be allowed or blocked.
It would depend on your network, but with the gateway ACL's only acting at the LAN level makes them almost useless.
So use the 2210P for now...more than enough to power your OC200 and 3-4 APs at gigabit speeds with full Omada functionality and 'limp' along at Gigabit speeds :) When the inevitable SGXXXX comes out that has 2.5G ports, then add that to your solution attached to the 2.5G LAN port on the ER707 and move your high speed APs over to that.
Oh and I wouldn't spend money on the 3210 switch unless you have a need to run fibre off it's 1Gbps SFP's.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 1581
Replies: 14
Voters 0
No one has voted for it yet.