Managed VS Unmanaged Switches and Support For InterVLAN Routing / Layer Three Switch Routing

Captions
Tom here from Lawrence Systems, and we're going to talk about managed and unmanaged switches and layer 3 networking, and when you need these different components in your network. Part of it has to do, of course, with scale, but there's a little bit more detail that we want to dive into on this. If you wanna learn more about me or my company, head over to lawrencesystems.com. If you'd like to hire us for a project, there's a hire us button at the top of our website. If you want to participate in our forums and reach out and just say hi to us, that's a great place to do it. And below, if you want to support the channel in other ways, are lots of links to different affiliate products and affiliate services; they give you a lot of discounts too, and it'd be appreciated if you want to click on any of those if you see something you like.

So, networking. We start off with flat networks, which is this crappy old D-Link box, and, you know, there are probably still lots of these floating around in people's houses, undoubtedly. Internet comes in, it's an integrated switch, wireless, routing, all in one box, and starts your most basic level of networking. Right away people start wanting to upgrade and get something a bit better, but this doesn't offer any type of network segmentation, and this will be our flat network example, and we'll be spending a very brief amount of time on that, don't worry.

This represents a more complex network of even multiple switches here, of different brands, and a pfSense firewall. I do a lot of videos on this topic, and I wanted to have some reference for when I say, you know, this type of switch or VLAN and things like that, and just a basic explainer video so you have something to reference, or I have something to reference and reply to people asking, "Well, do I need a layer 3 switch? You said that one supports VLANs but doesn't support layer 3, what does that mean?" So we're gonna make some assumptions, and this is the layout I'm about to show you. That's all going to be done in diagrams, but I figured, hey, let's talk about the physical part.

We are going to be assigning two different VLAN IDs plus a native off of one physical port, and that's the idea of virtual LANs: you encapsulate multiple virtual networks inside of one physical cable. This is done because you may really have a physical cable that goes from here to the other side of my building, and then there are more computers over there and I need different types of traffic to get over there for different networks. Maybe you have a network for accounting, a network for design, etc., and you don't want them on the same network, or you have your T network is separate and you don't want that on there. And especially in the industrial world, we see industrial controllers that we need separated on different networks, but we only have one of what we may refer to as a backhaul line that gets to the back of the factory where that side is, and the customer didn't really want to run all individual lines. VLANs help facilitate that. They're actually a very efficient way to use a single cable, but that does require managed switches to do, and that's where we're gonna start.

So we have this one port coming in, and this is gonna have all, and then it's gonna go to this EdgeSwitch, which does support VLANs and such but does not support layer 3 routing. Then we have this MikroTik switch, which does support both VLANs and layer 3 routing. So these are just some examples. We're not gonna dive deep into it; this is more of an overview so you understand how they work, not necessarily how you set up inter-VLAN routing in a week or two. So let's look at the diagrams here and start breaking things down.

Now, this is the basic flat unmanaged network with an unmanaged switch. Unmanaged switch, like its namesake, means there's nothing you really have to do to the switch. Everything you plug into it just starts talking to everything else that's plugged into it. There's nothing else that really needs to be done there. They don't need to be configured; out of the box they just make these two boxes talk to each other. So we have 192.168.3.9 and 3.10 in the unmanaged switch. They can easily ping and talk to each other, and if they can't find something on this 3.0/24 network here, it routes out to the internet and a router firewall takes care of it from there. Really basic, really simple. This is how a lot of people's home networks are set up, and then, although this switch and firewall are all integrated in the D-Link, essentially that's what the D-Link's doing behind the scenes. There's not really any management on the switch side of it.

When we get to something a little bit more extensive, we have this here. So the native VLAN ID tag of 1, so the base without any VLANs, is going to be 192.168.3.1. This is our router firewall, represented at the beginning of the video, like I said, with a pfSense firewall just for example, and it's going to be passing, with a single cable, all the traffic over to managed switch 1, which managed switch 1 is going to talk to managed switch 2 and pass all the traffic, all the VLANs, everything across, and managed switch 2 to managed switch 3, all the traffic, all the VLANs, all. So anything I define in here, and as long as I've programmed these switches to define VLAN 1337 and VLAN 69, they will carry all the traffic over.

Someone will really like to point out that some unmanaged switches will not parse but pass VLAN traffic. The difference is some do, some don't. I don't have a list of them, but someone may point out that you could put an unmanaged switch sometimes in between, and as long as it forwards and doesn't strip any of the traffic out of that VLAN, yes, it will forward it. But an unmanaged switch is not ideal, and many times when I'm doing troubleshooting for people, finding one of these in the mix here, where someone thought to plug one in because they thought they were being helpful, causes confusion, because you'll just have missing VLANs down here. It'll only forward VLAN 1 traffic because that's all it was designed to do, but occasionally, maybe because of the chipsets they use, they will forward some of the other traffic. But I'm not going to dive deep into that; just a little note and something of note.

So when these devices... we have VLAN ID 69, 172.16.69.1 network, /24. These are the assignments that the router would have as its LAN IP, if you will, on each one of these LANs. So VLAN ID of 1337 has 10.13.37.1/24. So things on the /24 means it can talk to anything as long as that last octet right here is 1 to 254; it's able to talk to any of those devices. So well one being the router C can reuse that. Once you get the idea, this means that's going to be on that subnet.

So now here we have VLAN ID 69. So it's defined up here, we've programmed our switches, and I have a port and we assign it to VLAN 69, and it's given this box 172.16.69.22. Also plugged in to this switch is VLAN ID 69, 172 69 23. They're neighbors, plugged in the same switch, so when these two devices want to talk to each other, they just go through the switch. That's simple. They get whatever the full speed of the switch is, so let's assume this is a gigabit switch: they can talk to each other at gigabit, no problem, because they're on the same switch segment.

What about this one over here? Well, it can talk to it too, but when VLAN ID 69 is pulled off a main switch, or switching between, and then this switch, this is going to go... let's say we had a packet originate from here: it's gonna go from here to here to here, then over to here. So it's now sharing the bandwidth, assuming there's one wire between switches, with any of the other traffic that's traversing across here. Same thing with this VLAN ID 1337, 10.13.37.66, plugged into the managed switch here. You can talk to this one, but it's got to traverse all of these.

Now what about this guy here, 192.168.3.9? How does it handle the routing if it wanted to get over to VLAN ID 69 or over to this? Well, because this isn't a local segment, it's got to go from 192.168.3.9 all the way over here. Actually, I just realized I have a typo; this has to be a different IP address, just in case someone calls me out on it. It has to go from here, 192.168.3.9, through managed switch 3, 2, 1, all the way up here to the firewall, which hands off a rule because it says, "OK, you're looking for the VLAN 69 network," then it redirects over to switch 1, which says, "No, I don't have it," "Nope, I don't have it," "I don't have it, but you want to get here." So in order for this to work, it's going through here, 1, 2, 3, 4, 5, 6, 7, back over here. So you can see there's a lot of traversal going on. It happens really fast, it's gonna happen at line speed, but if each of these is also doing things that also have to traverse all these switches, you can start to end up with a bit of a problem where congestion happens. You've just got so much traffic going through all these switches.

Now someone may point out, "Why isn't this more in a star design? Why are you showing switches across? Isn't there normally one core switch, then everything kind of goes out in a wheel-spoke, hub-spoke style?" Well, yes, but the real world sometimes doesn't let you do that. Ideally, if you had the ability to design it and it was going to be implemented that way, yes, that's the most ideal. So you're always trying to reduce the number of switches in between; that is always the goal. Sometimes it's just not as feasible when you're running wires, or the way the buildings are laid out when you're setting things up.

But this is where layer 3 switching kicks in. So layer 3 switching would allow us to go from right here to right here. This would have to be a layer 3 capable switch, but that also means a couple other things. You have to build the rule sets for that. Maybe you want it just to automatically connect the two subnets together; no problem, that's something very common with layer 3 switches. What if you had specific rules, that I only needed a very specific machine to talk to a very specific other machine on this network, but not all of them? So now I have some really specific packet filtering rules that are gonna go in between as well. Well, in that case, that's nice, but it becomes another platform you have to manage.

So this is one of the reasons you'll see people settle on a single platform and try to really keep it that way with all their switches, because they'll build these rules, they'll copy and paste them between all the different switches, uploading the same config so they're very uniformly done, or whatever platform they're using may have a management platform that allows them to see all the rules. Because this sometimes has created problems when we've gone out and helped companies with networks that we didn't have passwords to and had to start reverse engineering things, because we don't have any information about that network from the people who set it up originally. And you'll find that you're like, "Well, it seems like this should route this way, but every time someone tries to get out of a network it just goes somewhere else." That's because of the routing rules that are defined in here. This is something that, when you're scoping out or re-engineering and taking over networks, you have to make sure all these rules aren't there, or you'll say, "Hey, I think I secured and separated your two separate networks," and next thing you know two different offices can talk to each other because of some rule in some switch somewhere. So it does create a little bit more complexity in terms of management, but in the situation where I want these things to talk to each other without hopping back through each time, it's definitely a really good thing to have.

When you want the layer 3, let's talk about this: "MikroTik CRS305-1G-4S+IN Review: 4-Port Must-Have 10 Gig Switch." I agree. ServeTheHome did a great article; they dive deep on the topic of the switch. I just did a review of it myself, and it does support layer 3. This, though, is one of the things: at this $130 price/performance, which I agree with them completely, it is a great buy if you need 10 gig, but as you can see, as you start to add features like IP filters and small packet sizes, the switch goes to sub 1 gig speeds. So this is an important aspect when you're thinking about this: can the device... the layer 3 device can't handle the speeds. So it's not just a matter now; it's one more piece to the equation when you're trying to buy a switch: "Hey, this switch does 10 gig between ports, that means it should route at 10 gig." That is different. It doesn't necessarily do that.

So when you're trying to decide, when you're doing a larger scale infrastructure network, you then have to dive deeper into the capability of the switch. And maybe that's fine, because you only have a little bit of traffic, like a printer: I need a printer and I need the routing on these so the printer hops don't go all the way through the switches. Printers are generally low bandwidth devices. You can put them on a separate network, you can create very specific rules for them, and I'm OK if printers have a lower bandwidth, depending on the print volume of course, but generally speaking printers aren't something high bandwidth. Same with some of your miscellaneous small IoT devices. Maybe you want a limited amount of access across the VLANs, and inter-VLAN routing would maybe work for that, where you have a very specific rule but they're low bandwidth because it just needs to send a few packets over to kick something off, like turn on a light. So, just one more piece in the equation.

So do you need a layer 3 switch? Not that often, until you start getting into the larger network with multiple hops on there, because of the other challenges, and once you go into a higher-end layer 3 switch. Because, like I said, once you offload some of the packet filtering stuff on there, it has to be fast enough to do it, or you didn't really move the bar and accomplish what you wanted to do of solving the hops problem and solving the bandwidth; you just moved where the problem is. It's really dependent on your network needs.

Now, I encourage all these people with home labs, and anyone who says "I really need this," to go ahead and buy. It's a great way to learn, it's a great way to start plugging in, because there's a lot to setting up a layer 3 switch. For example, you know, it goes out of scope of this talk, but routing rules that have to be in to pass off the routes, because just because you put the layer 3 rules in here, you have to make sure the devices have the proper routing tables to be sure they understand how to get there. And there's a whole different level of steps required to do this. It's not something that's, like I said, undoable. I don't want to make these things sound insurmountable, but they're all the considerations you have to have when you're building these out.

So hopefully this clears up the layer 3 question that I get a lot: "Does it do layer 3?" And that's where even things like this EdgeSwitch become kind of a... not every EdgeSwitch does layer 3. And then UniFi: I've covered numerous other switches, and I know the new line doesn't have it yet, but they are supposed to be getting some layer 3 functionality on their Pro series, the new UniFi Gen 2 Pro series, so I'll be doing more videos on that. I don't have that many, actually I don't think I have any current layer 3 demos for any of the EdgeSwitches, but also do note not every EdgeSwitch, such as this one here, the EdgeSwitch connects, even has that capability. So it's something to consider, something to think about.

And thank you. Continue the discussion over on the forums and/or leave some comments. I try to reply to all of them on here, but I definitely reply to them on the forums. Thanks, and thank you for making it to the end of the video. If you like this video, please give it a thumbs up. If you'd like to see more content from the channel, hit the subscribe button and hit the bell icon if you'd like YouTube to notify you when new videos come out. If you'd like to hire us, head over to lawrencesystems.com, fill out our contact page, and let us know what we can help you with and what projects you'd like us to work together on. If you want to carry on the discussion, head over to forums.lawrencesystems.com, where we can carry on the discussion about this video, other videos, or other tech topics in general. Even suggestions for new videos, they're accepted right there on our forums, which are free. Also, if you'd like to help the channel in other ways, head over to our affiliate page. We have a lot of great tech offers for you. And once again, thanks for watching, and see you next time.
Info
Channel: Lawrence Systems
Views: 167,766
Rating: 4.9319396 out of 5
Keywords: lawrencesystems, Layer Three Switch Routing, inter vlan routing, intervlan routing, multilayer switch, layer 3 switch, intervlan routing on layer 3 switch, multilayer switch inter vlan routing, multilayer switch explained, inter vlan routing multilayer switch, layer three switch, l3 switch, networking, multi layer switch, l3 switch vs router
Id: WqAqeS4tDL8
Length: 14min 44sec (884 seconds)
Published: Sun Jan 19 2020