I really enjoyed the Know how on networking

[G+_telly coleman]

I really enjoyed the Know how on networking. I am way over my head with my self instillation. I am a networking IT novice. I took Leo's advice and installed conduit in my house and 2 Ethernet lines hardwired in every room of my house. My coat closet turned into a network closet. In it i have an asus RT-AC5300 connected to a 48 port netgear switch GS&48Tv5. to that switch I have connected a Synology Nas exactly like the one mention on know how. I use this for surveillance only and have 4 POE cameras hooked to a 10 port netgear POE switch.(the Poe switch is connected directly to another port on the Asus router not to the 48port switch) I basically have done very little to the switch as far as settings because like i said i have no knowledge of enterprise hardware. I have 1) turned of DHCP on my 48 port switch let the router handle that

2) Updated firmware on everything

3)set my statin IP outside of the DHCP range

Do i need to set up VLANS?

is ther anything else that needs to be done?

Thanks

[G+_Chris Druif (Automated]

VLANs have multiple purposes in the Enterprise world. However with the rise of IoT (or better named IoIT; Internet of Insecure Things) VLANs start to have a real purpose in home networks. With VLANs you can separate parts of your network so that they can't (easily) reach each other. And because a lot of those IoT devices aren't very secure you'd want them on a separate network to make sure you don't infect the rest of your device. The linked episode of Security Now talks about how to separate IoT from the rest of the network by using 3 routers but VLANs do the same thing in one device, but it also talks about the why you should do it (if memory serves me)

twit.tv - Security Now 545 Three Dumb Routers | TWiT.TV

[G+_Jason Perry]

Here is my reluctance with putting VLANS into practice on my network. The ideal situation is to put everything on their own VLANS, separate everything. I put things on my network to be used. Until I am confident that I can accomplish both segregation, and interaction, VLANs are no more than a concept I play with when I have time.

 

I am hoping at the completion of this networking series Fr. Robert Ballecer, SJ? explains how he accomplishes this on his network.

[G+_telly coleman]

I agree, there are so many setting I just leave them alone. What is aggregate network managemwnt ????? I need help

Fr. Robert Ballecer, SJ

[G+_Benjamin Webb]

Guys most IOT is wireless. VLAN is useless unless he has a separate access point connected to it. What he would want is isolated guest wireless SSID if that router supports it.

 

I run two of them on my homemade router one at 2.4 ghz and another at 5.0 ghz. I also put them on separate DHCP servers for each much like a VLAN except for wireless. This is probably overkill.

[G+_Ben Reese]

Benjamin Webb Ubiquiti access points will do multiple SSIDs with a different VLAN for each one. Would a higher end router like the RT-AC530 he mentioned do the same?

 

I've been interested in vlans for a long time, just haven't been real successful configuring them. I'm sure part if my problem is that the DD-WRT interface leaves a lot to be desired for the more advanced stuff.

[G+_Benjamin Webb]

Ben Reese Might want to look at openwrt as interface is much more powerful. Setup is very user unfriendly though. With mine had to telnet in to install web interface. The documentation is mostly for the command line interface for SSH. Found almost all settings available in web interface once you get it going. It does complain about self signed https cert though with web browser.

[G+_Ben Reese]

Benjamin Webb? self-signed web certs seem common. At least it's using https. Signed certs for local IPs just really isn't possible. Could open it to the WAN side and get a domain name for it, but then you have a public-facing configuration...

 

I'll probably check out OpenWRT sometime to see how it compares.

[G+_Benjamin Webb]

Have mine running IPv6 although still trying to figure out the configuration for Android. Having DNS troubles. Wife's IPhone works fine.

[G+_Fr. Robert Ballecer, SJ]

Sorry guys... We are most definitely not getting to VLANs in the Net101 series. (Perhaps in the 102 series in August)

[G+_Benjamin Webb]

Fr. Robert Ballecer, SJ Feel free to add ipv6 on your 103 series lol. I specialize in troubleshooting communication issues on ipv4 and serial on SCADA systems for a living.

 

Trying to get a good practical knowledge down by building my own router but between all the temporary addresses and the different implementation methods I feel I can get something that works but will never be able to troubleshoot failures as my understanding is shallow.

 

Usually run into engineering specifications in legalese if I try to dig further.

 

If someone could actually explain this stuff out it would be extremely helpful. Nothing like entering ifconfig and having 6 ip addresses with very little explaination.

 

Realize a small portion would be into this so understandable if does not make the show. I have to be king nerd in SCADA land as there is nobody above me to figure it out.