Network switch question
-
I'm looking for a network switch where I can specifically block a physical port from communicating to another physical port on the switch. For example, the library computers at the school might be plugged into ports 1 & 2. I don't want those ports talking to ports that, say, the financial computers in the admin office are plugged into. Is there such a thing? Is this a viable approach? Marc
People are just notoriously impossible. --DavidCrow
There's NO excuse for not commenting your code. -- John Simmons / outlaw programmer
People who say that they will refactor their code later to make it "good" don't understand refactoring, nor the art and craft of programming. -- Josh Smith
-
Perhaps you need to look at VLANs? The more enterprisey switches will have VLAN features.
Stability. What an interesting concept. -- Chris Maunder
-
Mike Dimmick wrote:
Perhaps you need to look at VLANs?
Ah, thanks! The switch the school has supports VLANs. Wasn't quite sure what they were. You know the kind of documentation where it walks you through the admin screens without telling you what the heck the technology actually does? Well, that's how these docs (a Linksys product) are written. Marc
-
I've been revising for my Networking exam all day. I just came here to get away from it. Thanks. ;P
-
Nnamdi Onyeyiri wrote:
I've been revising for my Networking exam all day. I just came here to get away from it. Thanks.
You're welcome, hehe. But you didn't give me an answer! I would think you of all people should know! Marc
-
Any managed switch (Layer 2) with VLAN will do. I suggest Allied Telesyn for this. They are cheap and have good documentation. http://www.alliedtelesyn.com/
Tapas Shome System Software Engineer Keen Computer Solutions 1408 Erin Street Winnipeg, Manitoba Canada R3E 2S8 http://www.keencomputer.com
-
Um...why in the world? You do know you can buy two hubs for next to nothing at a fraction of the cost of a switch instead and never have this problem at all? Unnecessary switches are rampant these days. The networking hardware companies must be laughing all the way to the bank.
"110%" - it's the new 70%
-
The switch he has has the VLAN function he needs. Why buy more switches when you can implement it at the moment using an advanced feature of the existing switch?
-
Not exactly sure what this has to do with coding... but what the heck: You have two venues:
1. You can use VLANs, but then you'll have to configure VLAN trunks between your switches if you have several. Also note that there can be NO communication at layer 2 between VLANs, you have to connect the VLANs using a router or firewall if there are legitimate interoperability needs. VLANs are a logical equivalent of physically separated networks - two VLANs equals two switch structures and so on...
The terminology you need to be aware of is:
= VLAN: Virtual LAN
= Egress: Outbound traffic from a port.
= Ingress: Inbound ... Some switches (cheap HPs) mention "ingress filtering", meaning that packets not belonging to any of the configured VLANs will get dropped.
= Access port: Port that sends and receives only untagged packets, implicitly belonging to a specific VLAN.
= Trunk port: Port that sends and receives tagged packets, explicitly belonging to the VLAN they're tagged with. Can also send and receive untagged packets, implicitly belonging to the port's native (or default) VLAN.
= Tagged: Packets on a "trunk port" extended with "tags" with a VLAN ID, telling the receiving device which VLANs the packets belong to. Tagged packets are only understood by VLAN-capable layer 2 devices and are normally stripped on ingress and added on egress. There are exceptions to this rule, and the most important one is fiber media converters. These are normally "VLAN transparent", meaning that they forward the VLAN tags unmodified. Beware of media converters that aren't - they will break your trunks.
= Untagged: Normal packets with no VLAN information. Implicitly belongs to the native VLAN of the sending and receiving device (this may or may not be the same VLAN ID, although the latter is normally considered a misconfiguration).
= Native VLAN: The VLAN that a port implicitly belongs to. Also called default VLAN sometimes, but this can be a bit confusing - see default VLAN. Some switches describe this by saying that a port "belongs" to a VLAN.
= Default VLAN: VLAN number 1. This is the VLAN all ports initially have as native VLAN unless configured otherwise.
= CDP or LLDP: Cisco Discovery Protocol or Link-Layer Discovery Protocol (the latter is a standardized evolution of CDP). Things that will bite you if two connected ports don't agree on native VLAN. Using this protocol, switches exchange basic configuration information in order to detect duplex/speed mismatches and VLAN mismatches. A VLAN mismatch normally results in a port
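The access port, trunk port, native VLAN and ingress filtering terms from the post above, as a vendor-neutral Python model of how a switch classifies and floods a broadcast (an added example, not part of the original thread and not any switch's configuration syntax). The VLAN IDs 10 and 20, the port numbering and the two-switch layout are constructed assumptions built on the library/finance scenario in the question.

```python
from dataclasses import dataclass, field

@dataclass
class Port:
    mode: str                     # "access" or "trunk"
    native: int = 1               # VLAN for untagged frames; 1 is the default VLAN
    allowed: set = field(default_factory=set)  # trunk only: tagged VLAN IDs accepted

def ingress(port, tag):
    """Classify a received frame into a VLAN; None means it is dropped.
    tag is the VLAN ID carried on the wire, or None for an untagged frame."""
    if tag is None:
        return port.native        # untagged: implicitly the port's native VLAN
    if port.mode == "access":
        return None               # access ports carry untagged frames only
    return tag if tag in port.allowed else None   # ingress filtering

def flood(ports, in_name, tag=None):
    """Map each port that receives a broadcast entering at in_name to the tag
    it sees on the wire (None = untagged)."""
    vlan = ingress(ports[in_name], tag)
    out = {}
    for name, p in ports.items():
        if vlan is None or name == in_name:
            continue
        if vlan == p.native:
            out[name] = None      # a port's native VLAN leaves it untagged
        elif p.mode == "trunk" and vlan in p.allowed:
            out[name] = vlan      # other VLANs leave a trunk tagged
    return out

# Constructed layout: library = VLAN 10, finance = VLAN 20, trunk between switches.
SWITCH_A = {
    "1": Port("access", native=10), "2": Port("access", native=10),
    "3": Port("access", native=20), "4": Port("access", native=20),
    "8": Port("trunk", native=1, allowed={10, 20}),
}
SWITCH_B = {
    "1": Port("trunk", native=1, allowed={10, 20}),
    "2": Port("access", native=10), "3": Port("access", native=20),
}

if __name__ == "__main__":
    on_a = flood(SWITCH_A, "1")               # library PC broadcasts on switch A
    print("switch A:", on_a)                  # reaches port 2 and the trunk only
    print("switch B:", flood(SWITCH_B, "1", tag=on_a["8"]))  # library port only
    print("unknown VLAN 30:", flood(SWITCH_B, "1", tag=30))  # dropped on ingress
    bad = dict(SWITCH_B, **{"1": Port("trunk", native=20, allowed={10, 20})})
    print("native mismatch:", flood(bad, "1"))  # untagged frame lands in finance
```

The last case is the native VLAN disagreement the post warns about: the far end classifies an untagged frame into VLAN 20, so both ends of a trunk should be checked for the same native VLAN.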
-
Both networks need access to the Internet, and there's a single point for entry to the Internet. If my understanding of hubs is correct, there is no blocking of communication at all. We currently have a switch (courtesy of the people who installed the network but may not really have gotten the right equipment). The switch supports VLANs, which looks like it'll do the job. Actually, do you know how hard it is to find a hub nowadays? Impossible. Routers are disappearing as well. All you can pretty much find are switches! Marc
-
I didn't say buy more switches I said buy a hub, you can get them for 20 bucks these days, if that doesn't make more sense than a complex and fragile setup on a much more expensive and unnecessary piece of equipment I'll eat my hat.
"110%" - it's the new 70%
-
Marc Clifton wrote:
Both networks need access to the Internet,
Ahh..you didn't say that before, kind of a key detail. :)
Marc Clifton wrote:
Actually, do you know how hard it is to find a hub nowadays?
News to me, last time I checked they were dirt cheap and there were at least 5 different models of them in the office supply store a couple of months ago.
"110%" - it's the new 70%
-
Flash new firmware from http://openwrt.org/. This will make your router extremely flexible - not only allowing you to make VLANs ad ultimum, but also to make it act as an HTTP server and lots of other stuff. I am really satisfied with that.