[NA] LAN Equipment -- Managed Switches and WiFi extenders

AggieMike88

In a different thread I started, the suggestion of my obtaining a "managed" switch was made. Currently I have a Netgear 24-port non-managed switch that is doing an acceptable job.

What brand and models for the managed switch does this crowd like? What is the expected price point?

If it helps frame the answers, we have 10 active workstations on the net, server, 9 VoIP phones, mess of printers, and a partridge in a pear tree somewhere around here...

--------------------------------------

And I want to expand my WiFi coverage to areas of the warehouse, dismantling area, and the bone yard. I browsed a few while at Staples recently, but would rather find out what brands/models/types/etc. are liked before I make the purchase.

Also, I'd like to learn more about how they work... Are they a wired-into-the-LAN item? Or are they set near the edge of range of my WiFi router, listening for the WiFi signal and repeating it? Any throughput issues? Security concerns?
 
Time to hire an IT group. Things can get very "interesting" when moving to a managed switch.
 
What do you need to manage?

Do you plan to run the VOIP phones via PoE?

Don't use 'wifi extenders'. Buy a box of Ubiquiti Pro access points and cover your facility with them. Disable the wifi on your router so it doesn't interfere. The AP-Pros can run off PoE so all you need is one network drop from your PoE switch to install one. They make some designed for outdoor locations and to cover areas like warehouses. It all gets managed via a very simple user interface on a PC that sits somewhere in the same network.
 
Managed switches allow for things like VLANs, diagnostics and remote configuration. It is helpful for troubleshooting, especially if you utilize remote IT services. For 10 users, the benefit is questionable, though. I am not sure I would bother.
 
Isolating the VOIP on its own VLAN would help with audio performance.
 
I have a lot of experience with this (pretty much full time for the last four years) and the answer is no. VoIP uses about 64k to 100k per session. Even at 100 Mb the bandwidth utilization is negligible. Latency is not an issue on the LAN. For ten users, it makes no difference.
 
I use a TP-Link semi-managed switch. It allows for QoS among other things. I know the pros will laugh at TP-Link and probably rightfully so. Oh well, it works for me.

Waiting for Nate's verbose reply on whether QoS might be a concern with VOIP. I've seen it go south in a small office setting but that was 10 years ago and things have changed a lot since then.
 
QoS is useful for impacted WAN links and large LANs. For a ten user network, it won't matter. If they are bringing their voice over their Internet connection, it would be useful on the WAN link to the service provider (if they are the same for both voice and data), but not so much for the LAN switch.
 
John, it is a single connection to outside world for both data and VoIP. And per the Ookla speed test, I have a DL/UL rate that far exceeds what Nextiva and other data vendors require.

Clark, I too am interested in what Mr. Wall of Text has to offer.
 
Unless you have a dedicated link to the VoIP provider (typically, only because Internet and VoIP provider are one and the same), you won't be able to do QoS (Quality of Service), which prioritizes voice traffic over data. Most of the time it won't matter. If a few people start streaming kitten videos...
 
The question posed about "what and why do you need to manage it?" is important.

With less than 24 devices on the network, one good quality gigabit switch, even unmanaged, should handle it. I'd go managed but just to split the VLANs up for future expansion or to fight bandwidth or other issues that might come up. I just like the voice network separate from the data network.

As far as brands, we are an HP switch shop. Mainly because they don't draw the religious price tag that Ciscos do, but are built as high end easily as Ciscos are. Their command line interface isn't for the faint of heart, though. They "kinda" emulate Cisco commands, but just different enough to need to pay attention.

You don't gain much in your setup splitting things up, other than just to say you're built for future additions. Reason is, all the traffic goes one of two places, from desktop to server, or desktop and phones out to the internet.

That shared link to the internet will be your Achilles heel. Doing QoS won't help because QoS dies / can't be transported usually, past your edge router to the Net.

As someone said, someone streaming a cat video will get the same priority as all of the phones. Which *should* still work, but whenever you completely fill the pipe, you risk packet loss.

A VLAN split in your setup only helps with one thing, keeping the desktop to server traffic off of the phone VLAN, which with it all in a single switch is somewhat meaningless right now, and maybe forever if you could always run that network on a single 24 or 48 port switch.

There's not a lot you need there other than a good quality switch that has good backplane speed numbers so the switch never becomes the bottleneck.

I'm completely ignoring any security or management VLAN mentions because I don't see any info on firewall or other security stuff, and that network isn't big enough to worry much about network management having its own LAN. No need to over engineer it.

If you go simple and don't split it up, you could drive to a local store and buy nearly any switch to replace a dead one. Something to consider.

The big thing I'd consider is PoE over worrying about the VLAN or management on that network. So much simpler not to have to power phones with wall warts.
 
Oh wireless. Don't do extenders. Ditto the comments on using Ubiquiti AP Pro devices and run cable to them. Only problem we have ever had with ours was a firmware memory leak the last three weeks, and they fixed that last Friday. Stable for years before that. You will need to install their management software on a server that stays on, if you want to control user access from the Windows Domain server(s). If just a single user/pass or a couple (like a guest network), no need to run something all the time. Few ways to do all of that. We set up encrypted RADIUS for them. Too much to detail here.

Oh and that might be another VLAN reason... a guest network. Guest Ethernet ports or wifi wouldn't be allowed to touch internal networks. We did that, but folks have to connect to our VPN server if they're in a conference room on wired LAN in that setup and it needed some static routing to make that work in the firewall.
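
The guest-network policy described in the post above (guest ports may reach only the VPN server, nothing else internal), checked against an ordered rule list. This is an added example, not part of the original thread; the subnets, the VPN address and the UDP 1194 port are constructed assumptions, since the thread names none.

```python
import ipaddress as ip

# Constructed addressing plan; the thread gives no subnets, ports or VPN product.
INTERNAL = {"data": ip.ip_network("10.0.10.0/24"),
            "voice": ip.ip_network("10.0.20.0/24")}
GUEST = ip.ip_network("10.0.99.0/24")
VPN = (ip.ip_address("10.0.10.5"), "udp", 1194)   # hypothetical VPN endpoint

def rule(action, src, dst, proto="any", port=None):
    return (action, ip.ip_network(src), ip.ip_network(dst), proto, port)

# First match wins, as on most firewalls and switch ACLs.
GOOD = [
    rule("allow", "10.0.99.0/24", "10.0.10.5/32", "udp", 1194),  # guest -> VPN only
    rule("deny",  "10.0.99.0/24", "10.0.0.0/8"),                 # guest -> internal
    rule("allow", "10.0.99.0/24", "0.0.0.0/0"),                  # guest -> internet
]
# Same three rules, but the broad allow sits above the deny and shadows it.
BAD = [GOOD[0], GOOD[2], GOOD[1]]

def decide(rules, src, dst, proto, port):
    """Return the action of the first matching rule; default deny."""
    for action, s, d, p, prt in rules:
        if src in s and dst in d and p in ("any", proto) and prt in (None, port):
            return action
    return "deny"

def audit_guest_isolation(rules):
    """Probe sample internal hosts from a guest address.

    Returns (leaks, vpn_ok). A spot check over representative hosts and
    ports, not a proof that every internal address is unreachable.
    """
    guest_host = next(GUEST.hosts())
    targets = [next(net.hosts()) for net in INTERNAL.values()] + [VPN[0]]
    probes = [("tcp", 445), ("tcp", 22), ("udp", 5060), ("udp", 1194)]
    leaks = [(str(dst), proto, port)
             for dst in targets for proto, port in probes
             if (dst, proto, port) != VPN
             and decide(rules, guest_host, dst, proto, port) == "allow"]
    vpn_ok = decide(rules, guest_host, *VPN) == "allow"
    return leaks, vpn_ok

if __name__ == "__main__":
    for name, rules in (("GOOD", GOOD), ("BAD", BAD)):
        leaks, vpn_ok = audit_guest_isolation(rules)
        print(name, "vpn reachable:", vpn_ok, "leaks:", len(leaks))
```

The reordered list shows the usual failure mode: every rule is present, yet the guest VLAN reaches file shares and SIP on the internal networks because the allow matches first.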
 
Some of these SMB all-in-one security appliances, such as Meraki and Fortinet, offer content filtering (by subscription). That could be helpful in preventing the kitten video thing and would probably be money better spent than a managed switch, but those HP web managed switches are pretty reasonably priced. Definitely go with PoE.
 
When I was looking for a PoE switch for my house, I didn't see anything that was unmanaged and with PoE. I ended up with a Cisco switch that has 8 of the 26 ports with PoE which is sufficient for what I need (a couple of AP-Pros and IP cameras). The PoE switches that power all ports are $$$ and a waste if most of your equipment is non-PoE like desktops and printers. Looking back, having a managed switch is a good idea because at some point the HD cameras may start saturating things and I need to start playing with QoS and VLANs.
 
Mike,

I sent you a PM a bit ago about the Meraki cloud managed gear. I'll add to what Nate is saying with the shared internet pipe, and say a second redundant internet connection would be beneficial. The Meraki MX series of firewalls can do traffic shaping and you can load balance across the two internet links. Furthermore, you can set preferred links for traffic and route the voice traffic through one connection, and web through the second one. Will also add that with the MR access points you can content filter at the AP and limit bandwidth to wireless devices by category of traffic. In the past when I've used them, I've say set bandwidth limits on YouTube, Facebook etc. at 1.5 Mbit. It's enough to let the end user surf those sites(ish), but not so much that it takes away from the network being able to get out and share the WAN connection. I've got a consulting client of about 100 users strongly considering replacing their FortiGates with the Cisco Meraki stack.
 