Captain Jack Sparrow
Anti-cryptominer
- Joined
- Jul 1, 2007
- Messages
- 561
- Reaction score
- 118
First of all, I'm not sure why we don't yet have a networking sub-forum. I don't know where else to post this, so I'm posting it here anyway.
I need to expand our home network as I am planning to wire more ethernet sockets, and install another Ubiquiti UAP (enterprise-grade wireless access point).
As Ubiquiti UAPs are expensive, I want to do this as quickly, cheaply and dirty as possible.
We have a managed 8 port gigabit switch. Ports 1-6 are configured for a PC only VLAN. I'll call this VLAN 1. Port 7 is configured for a hotspot VLAN. I'll call this VLAN 2. Port 8 is a tagged port which can send traffic to VLAN 2 if it's tagged, otherwise it'll send the traffic to VLAN 1. Here's a really bad diagram.
(click to view full-size)
Now I have a problem, as I am about to run out of ports on this managed switch. I still have an old Cisco 8 port gigabit switch, but it's unmanaged. What I am thinking of doing is to downsize VLAN 1, and use the unmanaged switch to scale up VLAN 1. I don't know if this will work, but logic tells me that I should be able to plug an unmanaged switch into a port which has been assigned to VLAN 1. In this scenario, theoretically the entire unmanaged switch should only be able to communicate with VLAN 1. This is the behavior that I'm looking for. I can then move most of the devices consuming VLAN 1 ports to the unmanaged switch, and free up ports on the managed switch.
That means that I can make VLAN 2 bigger, and assign another port to an AP, just like how port 8 has been set up. Here's another really bad diagram of what I'm trying to achieve.
(click to view full-size)
If I downsized VLAN 1 to ports 1-3, then I could connect the unmanaged switch to port 1, and a server to port 3. Port 2 will remain unused for now. Devices connected to the unmanaged switch should be able to reach the server on port 3, but they should not be able to reach VLAN 2. I can also add ethernet sockets to the unmanaged switch. These should remain on VLAN 1.
With VLAN 2 scaled up to ports 4-6, a pfSense box will be connected to port 4. This will be the only device on VLAN 2 so far. I may add more devices to VLAN 2, but this VLAN is primarily for tablets, smartphones and similar devices.
On ports 7 and 8, I should be able to connect these to Ubiquiti UAPs. Untagged traffic should go to VLAN 1, and tagged traffic should go to VLAN 2.
I have a couple of questions.
Firstly is it okay to use an unmanaged switch on a VLAN? Would this even work, and if so, would the two VLANs remain isolated from each other?
Secondly, is this an acceptable practice? Remember, this is only a home network, and we're not trying to be more secure than MI6
.
I hope someone here can help me, I actually have very little idea of what I'm doing, networking isn't my area of expertise.
I've tried my best to make this situation as easy to understand as possible. Please let me know if you'd like me to clarify anything further.
- Capt. Jack Sparrow.
I need to expand our home network as I am planning to wire more ethernet sockets, and install another Ubiquiti UAP (enterprise-grade wireless access point).
As Ubiquiti UAPs are expensive, I want to do this as quickly, cheaply and dirty as possible.
We have a managed 8 port gigabit switch. Ports 1-6 are configured for a PC only VLAN. I'll call this VLAN 1. Port 7 is configured for a hotspot VLAN. I'll call this VLAN 2. Port 8 is a tagged port which can send traffic to VLAN 2 if it's tagged, otherwise it'll send the traffic to VLAN 1. Here's a really bad diagram.
(click to view full-size)
Now I have a problem, as I am about to run out of ports on this managed switch. I still have an old Cisco 8 port gigabit switch, but it's unmanaged. What I am thinking of doing is to downsize VLAN 1, and use the unmanaged switch to scale up VLAN 1. I don't know if this will work, but logic tells me that I should be able to plug an unmanaged switch into a port which has been assigned to VLAN 1. In this scenario, theoretically the entire unmanaged switch should only be able to communicate with VLAN 1. This is the behavior that I'm looking for. I can then move most of the devices consuming VLAN 1 ports to the unmanaged switch, and free up ports on the managed switch.
That means that I can make VLAN 2 bigger, and assign another port to an AP, just like how port 8 has been set up. Here's another really bad diagram of what I'm trying to achieve.
(click to view full-size)
If I downsized VLAN 1 to ports 1-3, then I could connect the unmanaged switch to port 1, and a server to port 3. Port 2 will remain unused for now. Devices connected to the unmanaged switch should be able to reach the server on port 3, but they should not be able to reach VLAN 2. I can also add ethernet sockets to the unmanaged switch. These should remain on VLAN 1.
With VLAN 2 scaled up to ports 4-6, a pfSense box will be connected to port 4. This will be the only device on VLAN 2 so far. I may add more devices to VLAN 2, but this VLAN is primarily for tablets, smartphones and similar devices.
On ports 7 and 8, I should be able to connect these to Ubiquiti UAPs. Untagged traffic should go to VLAN 1, and tagged traffic should go to VLAN 2.
I have a couple of questions.
Firstly is it okay to use an unmanaged switch on a VLAN? Would this even work, and if so, would the two VLANs remain isolated from each other?
Secondly, is this an acceptable practice? Remember, this is only a home network, and we're not trying to be more secure than MI6
.I hope someone here can help me, I actually have very little idea of what I'm doing, networking isn't my area of expertise.
I've tried my best to make this situation as easy to understand as possible. Please let me know if you'd like me to clarify anything further.
- Capt. Jack Sparrow.
Last edited:
.
.