this post was submitted on 17 Dec 2023
7 points (100.0% liked)

Aotearoa / New Zealand


Welcome to today’s daily kōrero!

Anyone can make the thread, first in first served. If you are here on a day and there’s no daily thread, feel free to create it!

Anyway, it’s just a chance to talk about your day, what you have planned, what you have done, etc.

So, how’s it going?

[–] TagMeInSkipIGotThis 3 points 11 months ago (2 children)

Hey - I've worked as a networking engineer for the last 15 odd years, so can probably assist :)

To give a good recommendation it'd help to know what stuff you have at home, how many devices, how far apart are they etc and what they are etc? Is it spread around the house, or mostly one room; and if the latter, do you have, or have room for a rack (of any size)?

There's all sorts of things a switch can do, it can be a Layer 3 switch and so do its own network/routing, or be a lot dumber and just extend a network you already have. It really depends what you buy & what you're plugging it into, and then how you end up configuring it.

[–] TagMeInSkipIGotThis 3 points 11 months ago (1 children)

Maybe for a bit of context for where I'm coming from, here's a rough description of my setup:

I have a couple of wireless access points, and a handful of network video cameras. Then, the usual domestic stuff - laptops, tablets, phones, tvs. After that, the less usual stuff, an unRaid box, a handful of raspberry Pis, a cluster of little EliteDesk Minis, and a bunch of esp32 based sensors.

For me, with the cameras & access points, it made sense to have something that was PoE capable. And because of the variety of things I have I wanted to be able to securely segment them at layer 3. I also wanted to be able to access stuff remotely so needed something that could work as a firewall as well. And I didn't want to pay any annual license fees or anything else, plus was on the bandwagon already.

So my network is quite simple, a UniFi UDM Pro, plus a USW 16. I have it in a small comms rack that sits under a desk, as the only longish device is the unRaid box; nothing else is deeper than a half depth on a normal rack.

[–] Ilovethebomb 3 points 11 months ago

I've got a UDM pro at home as well, currently just running two WAPs, but we plan to add cameras in the future when funds allow.

It's a brilliantly simple piece of kit.

[–] Dave 1 points 11 months ago* (last edited 11 months ago) (1 children)

Current setup:

  • Desktop tower attached to TV
  • Old Raspberry Pi for Pi Hole
  • Newish Raspberry Pi for Home Assistant
  • Old laptop as server for self hosting other stuff
  • Mesh wifi network with two access points connected over ethernet

This is just the stuff I'd like over ethernet. Currently everything is together in the TV cabinet (except one of the mesh access points) but probably ideally the desktop stays with the TV and the rest are parked somewhere more out of sight.

In your other comment you also mentioned cameras, we currently have none but I like the look of that setup where it messages you that a car just pulled into your driveway or a person is at your door, etc. Frigate stuff. So it would be good to future proof for that sort of thing too!

Edit: Oh one thing to add, I have a spare ISP router. Can it be used as a switch?

[–] TagMeInSkipIGotThis 3 points 11 months ago* (last edited 11 months ago) (1 children)

Re the ISP router; yes sometimes they can be configured to just act as a switch, but I wouldn't recommend it - can be a complete PITA to set up.

So looking at your current setup, you need 7-8 ports (one as backhaul to your router, possibly 1 extra for the TV); and for future growth you might need 1-4 more POE based ports for cameras. I'd recommend POE for Cameras & Access Points as it just makes installing them a hell of a lot easier.

You also don't need any network segmentation by the sounds of things, everything can sit & talk together. What is your current router / internet gateway?

Just editing to add that Frigate is exactly what I use; and I love it apart from its integration with Home Assistant for notifications which I've struggled to break free from.

[–] Dave 1 points 11 months ago (1 children)

> You also don’t need any network segmentation by the sounds of things, everything can sit & talk together.

Currently. However, I have stuff like Nextcloud and Jellyfin that I may want to expose publicly at some point (currently using Tailscale). If I do that and also have cameras on the same network that starts to sound like a bad idea. Maybe segregating the network is a good idea?

> What is your current router / internet gateway?

It's an ISP Huawei router. This is then plugged into a Ubiquiti Amplifi mesh base station, and then other things plug into either the router or the base station. The router and mesh setup have a bridged network so the router is the DHCP server for both (if I understand it correctly).

> Just editing to add that Frigate is exactly what I use; and I love it apart from its integration with Home Assistant for notifications which I’ve struggled to break free from.

Do you know of any tutorials that tell you what to buy and how to set it up?

[–] TagMeInSkipIGotThis 2 points 11 months ago (1 children)

Ah cool - I basically access my home services in a similar way to you, I prefer to use the VPN as I don't trust my knowledge to secure things sufficiently if I was actually making them exposed.

I'd guess your Huawei box has 4 LAN ports, one of which is connected to the Amplifi base station, and given that's your wifi I don't think there's any need to worry about POE for the APs for now; that also reduces the ports you need down to 5-6 as well. The simplest thing to do for now is to just connect a switch into that and run with 1 VLAN until you need more.

Bang for buck, I like UniFi gear; it's not fully featured for enterprise or business but does most of what you'd need. And there's not a big difference between the 8 & 16 port options for the Lite models: https://www.pbtech.co.nz/search?sf=unifi+lite+switch&search_type= You'd just need to run the UniFi Network application on something in order to configure it.

Alternatively you can go for something even dumber, which has the advantage of it being even cheaper: https://www.pbtech.co.nz/category/networking/switches?fs=9326997

The frigate documentation is pretty good, even has a recommended hardware guide: https://docs.frigate.video/

[–] Dave 1 points 11 months ago (1 children)

Thanks! TBH I was expecting a switch to be kinda like an adapter or splitter, to find they were hundreds of dollars was a bit of a shock. What's the (practical) difference between say this $70 switch and this $300 one? What am I getting for the extra $230, just PoE?

[–] TagMeInSkipIGotThis 2 points 11 months ago* (last edited 11 months ago) (2 children)

PoE adds a bunch to the cost, on pretty much any type of switch at any level. On some Enterprise gear for a 48 port switch it can sometimes be another $1k. Sometimes it'll come down to how many ports provide power, and what PoE standards they support. The newer, higher voltage standards typically will cost more. But especially in Enterprise, PoE gives huge flexibility, mostly for Wireless Access Points these days, but used to be that every desk would have a phone powered from the switch as well.

Anywho, other than that; there really isn't a massive difference between the two. Both will need something running the UniFi Network server for initial setup and management of them. It'd be an interesting experiment to see if they just worked without it though. Their management IP is usually a static in the 192.168.1.0/24 network and they default to using VLAN 1 for everything unless otherwise configured.

Alternatively you could meet in the middle and go with the Edge series from Ubiquiti, eg: https://www.pbtech.co.nz/product/SWHUBI31306/Ubiquiti-EdgeSwitch-XP-ES-5XP-5-Port-Gigabit-Manag

These don't require UniFi Network, you just log onto a web GUI to configure them which can be limited to only the MGMT port, and this particular model also does PoE, though probably only the older standard, not PoE+. I have one of them (the older version called ToughSwitch) and it's been great. I'm pretty tempted to swap it for one of those Flex Minis though - as that way I can manage it from my UniFi setup rather than having to do it manually.

Actually just an edit to clarify the adapter/splitter... Back in the day you could buy a Hub, that's closer to what I would call an adapter/splitter. The way they work is it effectively just turns one port into x ports, they're a very dumb usually completely unconfigured device. But on a hub, all ports share the same collision domain so overall performance is weakened especially if you have a lot of devices connected to hubs.

In a switch each port is its own separate connection, and it'll hold its own MAC address table to know how to get to things at layer 2. The difference is a hub is a bit like a party line (back in the analog days) where you could end up having one device talking over another. Whereas with a switch, every device has their own private line back to the cabinet.
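
The hub/switch difference described in the comment above, as an added example that is not part of the original thread: a toy Python model (class names, port numbers and MAC addresses are made up for illustration) showing which ports each frame is sent out of. It also covers a case the comment doesn't mention: a switch floods a frame whose destination it has not learned yet.

```python
# Added illustration: toy model of a hub versus a learning switch.
# Port numbers and MAC strings are constructed sample values.

class Hub:
    """Repeats every frame out of every port except the one it came in on."""
    def __init__(self, ports):
        self.ports = list(ports)

    def receive(self, in_port, src, dst):
        return [p for p in self.ports if p != in_port]


class Switch:
    """Learns which port each source MAC lives on and forwards accordingly."""
    BROADCAST = "ff:ff:ff:ff:ff:ff"

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # MAC address -> port

    def receive(self, in_port, src, dst):
        self.mac_table[src] = in_port          # learn / refresh the sender
        out = self.mac_table.get(dst)
        if dst == self.BROADCAST or out is None:
            # Broadcast or unknown destination: flood like a hub would
            return [p for p in self.ports if p != in_port]
        if out == in_port:
            return []                          # destination is on the same port
        return [out]


def ports_seeing(device, frames):
    """Return, per frame, the list of ports the frame is sent out of."""
    return [device.receive(*f) for f in frames]


# Constructed traffic: a laptop on port 1 and a NAS on port 2 talking,
# while a camera on port 3 and a TV on port 4 stay silent.
LAPTOP, NAS = "aa:aa:aa:00:00:01", "aa:aa:aa:00:00:02"
FRAMES = [(1, LAPTOP, NAS), (2, NAS, LAPTOP), (1, LAPTOP, NAS)]

if __name__ == "__main__":
    for name, dev in (("hub", Hub([1, 2, 3, 4])), ("switch", Switch([1, 2, 3, 4]))):
        print(name, ports_seeing(dev, FRAMES))
```

On the hub, ports 3 and 4 receive every frame of the laptop/NAS conversation; on the switch they only receive the first one, before the NAS's address has been learned.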

[–] TagMeInSkipIGotThis 2 points 11 months ago* (last edited 11 months ago) (1 children)

Replying to myself now...

Eg this thing - I'd be very surprised if it isn't actually a Hub, rather than a switch: https://www.pbtech.co.nz/product/SWHMES11050/Mercusys-MS105G-5-Port-Gigabit-Desktop-Switch

And PBTech have a variety of others: https://www.pbtech.co.nz/category/networking/switches

I've seen some people run the Netgear / TPLink stuff - but they're not things I'd be confident in recommending. Cheap though - just steer clear of anything that's described as an "Unmanaged switch", it's probably not much of a switch - ie it'll be single VLAN only, no trunking etc. Like basically a hub, but maybe with separate collision domain & its own MAC table.

[–] Dave 1 points 11 months ago (1 children)

> just steer clear of anything that’s described as an “Unmanaged switch”, it’s probably not much of a switch - ie it’ll be single VLAN only, no trunking etc. Like basically a hub, but maybe with separate collision domain & its own MAC table.

Haha ok, the one I linked is a no then. I have no idea what half those words mean so it's a bit intimidating thinking about having to set it up!

[–] TagMeInSkipIGotThis 2 points 11 months ago

If you're confident enough to set up stuff like Frigate then working through the basic management stuff on something like the EdgeSwitch wouldn't be a stretch. The GUI is very friendly, it even puts cables in for the ports that have something plugged in:

[–] Dave 1 points 11 months ago (2 children)

I'm thinking I might go without PoE and just meet my current need, then add a PoE switch to support cameras if or when I get them.

I've been reading a bit on managed vs unmanaged switches, and it sounds like unmanaged switches are like managed switches but you just plug in your stuff and it works. There are no settings, but also there is no need to set it up. If I'm just out to allow more devices to join the network via ethernet, would something like this be suitable? I'm specifically doing it to improve the speed vs wifi so I don't want to make it worse 😆

[–] Panq 2 points 11 months ago (2 children)

> I'm thinking I might go without PoE and just meet my current need, then add a PoE switch to support cameras if or when I get them.

That's more or less what I did when the dirt cheap AliExpress cameras died - just got a PoE switch from PB Tech and a small pile of Reolink cameras (RLC810A). Definitely the best value-for-money, and works well with Home Assistant. Way better than those stupid splitters or having a pile of individual POE injectors.

[–] TagMeInSkipIGotThis 2 points 11 months ago

I started off with a couple of UniFi cameras; and they're very good, but only the even more expensive ones supported the object detection stuff. So when I wanted to add some more, given I'd switched to using Frigate anyway to detect humans vs spiders, I ended up buying some of these - they're definitely not as good as the UniFi, and who knows how buggy/weak the software is, but they work well enough and good value.

https://www.amazon.com/Amcrest-5-Megapixel-NightVision-Weatherproof-IP5M-T1179EW-28MM/dp/B083G9KT4C/ref=sr_1_4?crid=1VULWG1O37SC3&keywords=amcrest+poe+camera&qid=1702921890&sprefix=amcrest%2Caps%2C362&sr=8-4

[–] Dave 1 points 11 months ago (1 children)

I'm new to home assistant and slowly adding things. Cameras are on my list but probably a while away!

[–] TagMeInSkipIGotThis 2 points 11 months ago (1 children)

I'm trying to remove as much stuff from Home Assistant as possible so I can turn it off. I have no interest in any home automation so it's really just collating data that could be going direct to influx/prometheus and providing some of the most unreliable notifications for camera events ever.

It's supposed to only send me a push if my phone is not at home; but it just sends them all the time, even when the phone is in the at home state. I kinda hate it, purely for that.

[–] Dave 1 points 11 months ago

Haha oh I guess I will see how well it works when I get around to it then!

[–] TagMeInSkipIGotThis 2 points 11 months ago (1 children)

Man, why is that one more expensive than the others, it's only a 100M switch - that'd be slower than your wifi!

This one is only 8 ports, but at least they're Gigabit: https://www.pbtech.co.nz/product/SWHTPL1004/TP-Link-TL-SG108-8-Port-Gigabit-Unmanaged-Switch-S

And this would be the netgear equivalent: https://www.pbtech.co.nz/product/SWHNGR30830/NETGEAR-GS308-SOHO-8-port-Gigabit-Unmanaged-Switch

[–] Dave 1 points 11 months ago* (last edited 11 months ago) (1 children)

Ah didn't catch it's only 100M. I saw a review on the one you linked earlier that said they just plugged it in and it works, but it also has config options. However, everyone is powering it via PoE. Can I assume that means it needs another switch first to provide that power? I don't think the ISP router or the mesh APs provide PoE.

I'm thinking back in the direction of managed switch because I'm sure I'll be able to work it out, and it provides a learning opportunity. But I think that $70ish price point is what I'm aiming for rather than hundreds of dollars.

Edit: Maybe this one? It's netgear, seems it can configure itself but may also allow you to configure it? https://www.pbtech.co.nz/product/SWHNGR0025/NETGEAR-8-Port-Gigabit-Ethernet-Plus-Switch-GS108E

[–] TagMeInSkipIGotThis 2 points 11 months ago (1 children)

Yeah I think it's a good option, especially if you can just plug it in & have it work too. Has 2 options for power:

Power Method

  • USB Type C, 5V
  • 802.3af/at PoE (44 - 57VDC, 0.05 - 0.04A)

[–] Dave 1 points 11 months ago (1 children)

Ok I've ordered it, thanks for the help!

[–] TagMeInSkipIGotThis 2 points 11 months ago (1 children)

I'm struggling hard with FOMO and might have to order one for myself.

[–] Dave 1 points 11 months ago (1 children)

Haha I thought for sure you'd have much nicer stuff than this!

[–] TagMeInSkipIGotThis 2 points 11 months ago

I do, but it'd be nice to have a small box behind the TV to replace the ToughSwitch that's there now; which I can then deploy elsewhere for some other projects I have on the go.