Its not really a loop because the camera network is a separate static network. Its not like the BI machine has its interfaces bridged.
The two common ways is using a bridging router or use managed switches at both ends with the ports divided into two vlans and a cable patched across. Either way Mac filtering should be used, but of course if someone physically gets a hold of the switch at the gate they can figure out how to clone the mac address of the myQ and gain access. That is why securing the switch at the gate is more important than mac filtering.
I also want to point out since the camera on the camera network is statically address, so its not going to know the gateway address and if it did, it couldn't communicate because its on a 256 ip address subnet.
Yes exactly, there was no loops in the design I laid out on purpose so that it would all play nicely according to STP. According to the OP there is a very low probability of someone plugging into any of these ports at the pole (although the switch should still be physically secured). It seems far more important to secure everything against vandalism than a hacking attempt. The idea for the camera network is to deliberately keep it isolated behind the BI PC yet allow the internet data VLAN for MyQ to pass through the network on its way to the pole.
Last edited: