What about managed switches for vlan?

foghat

Young grasshopper
Joined
Sep 20, 2019
Messages
85
Reaction score
19
Location
Alberta
HI,

I see a lot of talk/suggestions here about setting a vlan up via the router.

Would using a managed switch work as well? Doing something like suggested here:


Part of the reason using a switch is attractive to me is:
1. My cable modem's bridge mode does not seem to work. When it is in bridged mode, any router I connect to it, does not get internet access. Of course, I can work with the isp to get this addressed.
2. After all the intro and explanations in the link above, looking at the 'Creating vlans on a Netgear switch' section, seems so straight forward.

If a router is absolutely the way one needs to go, which router offers the easiest way to get segregated ipcams up and running properly? I've seen some very thorough documentation written by a member here on configuring the ubiquiti EdgeRouter - it does appear to be a somewhat complex process. At least to my 'not much network experience' eyes.

Thanks.
 

mikeynags

Known around here
Joined
Mar 14, 2017
Messages
1,034
Reaction score
939
Location
CT
@foghat I would look at separating the two. Especially if you are not comfortable with networking. I would get some type of router setup, whether that be an Asus, TP Link etc. router and look at creating your VLANS at the switching layer. Of course, I have no idea how your network is setup so, you ask 10 people you may get 10 different answers. By separating the routing requirement from the VLAN requirement, I think you'll be in a more stable place once you get things sorted.
 

foghat

Young grasshopper
Joined
Sep 20, 2019
Messages
85
Reaction score
19
Location
Alberta
Thanks.

My home network is pretty basic (I think). Sitting in my basement: Cable modem (acting as router, wifi turned off) --> 16 port switch sitting right next to modem --> panel in the wall (routing ethernet to rest of house). I have a router on the main level that is acting only as a wifi access point and number of small switches throughout the house.
 

mikeynags

Known around here
Joined
Mar 14, 2017
Messages
1,034
Reaction score
939
Location
CT
I prefer having it all separated. Modem ==> router ==> switch.

Having the modem do just one role will help prevent against a change the cable company makes that could break the rest of your network. They did that repeatedly to my mother-in-law and so I bought her a wifi/router combo and split the role off of the cable modem and have no issues since.
 

catcamstar

Known around here
Joined
Jan 28, 2018
Messages
1,659
Reaction score
1,193
I agree with the previous posts. If you can "manage" your own core router (or to name it like Ubiquity's "EdgeRouter" model), you can easily switch providers or even better: you can create redundant ISP uplinks if you want to (eg with an Android phone, you can "upgrade" your ASUS router to dial up to 4G when your cable ISP goes down). If you hook up such a system to a UPS, you will never loose any push notification from your IPC environment.

Good luck!
CC
 

foghat

Young grasshopper
Joined
Sep 20, 2019
Messages
85
Reaction score
19
Location
Alberta
@foghat I would look at separating the two. Especially if you are not comfortable with networking. I would get some type of router setup, whether that be an Asus, TP Link etc. router and look at creating your VLANS at the switching layer. Of course, I have no idea how your network is setup so, you ask 10 people you may get 10 different answers. By separating the routing requirement from the VLAN requirement, I think you'll be in a more stable place once you get things sorted.
I somehow missed this when I first read your reply - so it sounds like using a managed switch to create the vlan (as per the linked article) vs. doing it at the router is an acceptable way to go?

I prefer having it all separated. Modem ==> router ==> switch.

Having the modem do just one role will help prevent against a change the cable company makes that could break the rest of your network. They did that repeatedly to my mother-in-law and so I bought her a wifi/router combo and split the role off of the cable modem and have no issues since.
I agree with the previous posts. If you can "manage" your own core router (or to name it like Ubiquity's "EdgeRouter" model), you can easily switch providers or even better: you can create redundant ISP uplinks if you want to (eg with an Android phone, you can "upgrade" your ASUS router to dial up to 4G when your cable ISP goes down). If you hook up such a system to a UPS, you will never loose any push notification from your IPC environment.

Good luck!
CC
Ya, I used to always use a seperate router, but a couple years back I upgraded my internet plan which ended up requiring a new modem. Like I said in my first post, the bridge mode on that modem does not seem to work - after a couple of hours of trying to get internet to the stand alone router, I basically said screw it and just let the modem do router duty.

It has been a couple of years, perhaps I will try bridge the modem again and see what happens - not sure if firmware updates are automatically pushed to the modem - there certainly does not seem to be a way to manually update the firmware.
 

foghat

Young grasshopper
Joined
Sep 20, 2019
Messages
85
Reaction score
19
Location
Alberta
Not sure if it makes difference one way or the other, but my cable modem assigns a 10.0.0.xx ip addresses. Guess that may come in handy as I believe the dahua default to 192.168.xx?
 

mikeynags

Known around here
Joined
Mar 14, 2017
Messages
1,034
Reaction score
939
Location
CT
Not sure if it makes difference one way or the other, but my cable modem assigns a 10.0.0.xx ip addresses. Guess that may come in handy as I believe the dahua default to 192.168.xx?
Yes - but in the method we've been chatting about where you put a router in place, that will get your cable modem out of the business of handing out DHCP addresses to your local network. You'll definitely need to plan what you want your network to look like long term as it will guide how and what you purchase to make that happen. There is a ton of info in the wiki and searchable here on the forum about network VLANS and separating out camera traffic from your network. Another thing you'll want to do is not allow your cameras Internet access. Plenty of topics here on that as well.
 

foghat

Young grasshopper
Joined
Sep 20, 2019
Messages
85
Reaction score
19
Location
Alberta
Yes - but in the method we've been chatting about where you put a router in place, that will get your cable modem out of the business of handing out DHCP addresses to your local network. You'll definitely need to plan what you want your network to look like long term as it will guide how and what you purchase to make that happen. There is a ton of info in the wiki and searchable here on the forum about network VLANS and separating out camera traffic from your network. Another thing you'll want to do is not allow your cameras Internet access. Plenty of topics here on that as well.
Right. Agreed, if I start using a stand alone router, I will likely be off 10.0.0.xx.

I have always been thinking about using a PoE nvr - I am just finding out it sounds like most PoE nvr's put the cameras on a separate physical network.


I am now trying to determine if all this router/managed switch 'security' configuration essentially goes away if one uses a PoE nvr. Aside, I assume, from still using a vpn when connecting to your cameras remotely.
 
Top