Managed POE Switch Recommendations - Zyxel GS1900-8HP?

K

Kevin Rowell

n3wb
Dec 7, 2017
2
0
Hi Experts,

Long time lurker consuming the vast amounts of experience found here. I am currently running Blue Iris and 3 Amcrest 3MP domes off of an Amcrest 4 port POE switch. I plan on upgrading to multiple starlight cameras in the next month or so.

My network runs are in disparate locations currently. I have a long term plan to unify all of the runs to one location but out of reach for now.

-I have a closet where 5 drops terminate servicing the front main part of the house. This is where the 3 cameras are connected with the switch and BI server.
-I have a pair of cat5 running to a second closet as a backbone to the primary closet.
-From the 2nd closet I have 8 drops to service the garage and most of the back yard.

-The plan is to utilize a pair of 8 port POE switches in each closet and use Link Ag to tie both together plus one Link Ag to my Asus router.
-I will create 2 VLANs to separate out the camera traffic from the family/normal traffic.

The Zyxel GS1900-8HP has been mentioned here as a solid choice. Is this still the case?
I am also looking at the Netgear GS408EP and the TP-Link TL-SG108PE v2.
-All three allow 2 or more Link Ags, which I will need one of these to bond with my ASUS and will have another Link Ag to the remote switch.

Thoughts, experiences?
 
Kevin Rowell said:
Hi Experts,

Long time lurker consuming the vast amounts of experience found here. I am currently running Blue Iris and 3 Amcrest 3MP domes off of an Amcrest 4 port POE switch. I plan on upgrading to multiple starlight cameras in the next month or so.

My network runs are in disparate locations currently. I have a long term plan to unify all of the runs to one location but out of reach for now.

-I have a closet where 5 drops terminate servicing the front main part of the house. This is where the 3 cameras are connected with the switch and BI server.
-I have a pair of cat5 running to a second closet as a backbone to the primary closet.
-From the 2nd closet I have 8 drops to service the garage and most of the back yard.

-The plan is to utilize a pair of 8 port POE switches in each closet and use Link Ag to tie both together plus one Link Ag to my Asus router.
-I will create 2 VLANs to separate out the camera traffic from the family/normal traffic.

The Zyxel GS1900-8HP has been mentioned here as a solid choice. Is this still the case?
I am also looking at the Netgear GS408EP and the TP-Link TL-SG108PE v2.
-All three allow 2 or more Link Ags, which I will need one of these to bond with my ASUS and will have another Link Ag to the remote switch.

Thoughts, experiences?
Click to expand...

Aside from picking the managed switches you mention, you should draw two topologies of your network:
- physical one: this seems to be quite "final", as you have opted for dual path (link ag).
- logical one: you mention vlans (which are just fine!), but you state (only) 2. Can you explain why (only) 2? How do you plan to deploy those? Do you want inbound/outbound (limited?) access from your WAN into 1 (or more) vlans? Will you employ VPN? These kind of questions will help you draw your logical topology: where is your WAN IP coming in. Will it fall into a vlan already? Has each vlan its own gateway? Will you use firewall/routing/QoS on each or any vlan? DHCP in each (or any) or the vlans? Make your topology as extensive as possible, it will definitely help to configure your network. As you might have guessed, I am missing a crucial part in your network devices mentioned above, as you might not (yet) have a L3 switch (nor a L2 router) - you ASUS might do the job, but I personally ditched my ASUS from the vlan hocus pocus as it was limited, and use an ER-X (from ubiquity) today.

Good luck!
CC
 
  • Like
Reactions: windguy
Hi Catcamstar,

Thanks for the detailed response. That has given me much to think about.

I have an Asus RT-AC88U which has been rock solid for wifi and internet connection (ATT Giga-Speed). It can handle one Link Ag. The Asus firmware does not support VLANs.
Looks like the merlin opensource firmware will allow it through SSH. Something I need to consider.

After contemplation, I would need 5 VLANs to start with:
-I want to separate the IP Cameras and isolate them to the LAN only.
-I have a Ring alarm and 4 Ring cameras. I prefer to isolate these and put them on a separate wifi network (physical) to maximize wifi signal and allow outbound traffic to the Ring cloud.
-IoT VLAN for future Hubitat or HomeSeer (also hardened for limited external access where needed).
-General purpose for family use streaming, xbox and browsing (might isolate my son's xbox and gaming rig)
-Guest VLAN and wifi.

For hardware, that is why I am here. I want to maximize my value/quality on the purchase. Given the physical layout and location I need to acquire the hardware to make it happen.
"Smart Switches" (Layer 2) are fine as I delve deeper into the networking side.
If I can get the Asus with Merlin firmware working I can play with that. That reduces one item I need to purchase (for now).

Is the Ubiquity EdgeRoute Lite worth it? Maybe just to have the native VLAN control? SNB tests show it hangs with the Asus 53000 for routing :) Ubiquiti EdgeRouter Lite Revisited - SmallNetBuilder - Results from #1

My pocket book stings a bit if i try to keep it in the Ubiquity family. Their POE 8port switch is $175 (today's price).
I can get a 2for1 going with the Zyxel GS1900-8HP or the TP-Link TL-SG108PE v2
With my physical layout with link ag, I am giving up 7 ports (3 Link AG and the BI) so a 16 port switch would be better. Don't you know Zyxel does not make a 16, gotta go up to 24. TP-Link makes a 16 (TL-SG1016PE).

Thoughts and recommendations ?
 
I just ordered my 3rd 1200 managed switch. The first 2 i bought when i came to this site are still running strong with all poe ports being used, one being poe+. I think they are 3-4 years old. I'm a fan.
 
I'm not in a qualified position to make recommendations on the POE switches (as I bought mine cheap ass on an auction).

On the other side, I have (some) good news for you: your ASUS (despite mine AC87U) does have "full" support for vlans: Getting vlans to work on an RT-AC88U

Which means you do not necessarily require additional routing stuff.

Interesting link you showed on the ER-Lite! You compare (bits and pieces) here too: Ubiquiti - Simplifying IT --> I opted to start with the ER-X (it has larger 64k throughput and port spanning back in the days which the Lite couldn't do - not sure if that is still the case or not). A "Lite" costs 3 times the ER-X.

Tons of choices, tons of alternatives, and let's be honest, with a vlan-based design, you can't really mess up stuff :)

Good luck!
CC

PS. tip-of-the-day: keep a backdoor (eg vlan 1) as administration vlan which propagates to your managed switches in case you loose access through troubled routing/firewalling.
 
Last edited:
  • Like
Reactions: Arjun
You must log in or register to reply here.
Top Bottom