Thanks Tom.  Like my customer's other facility, the POS system (private) uses static IP. VOIP is a first for me.  Public would require DHCP.  I also need wireless.  The reason I started this thread in the SWITCH area is because apparently Comcast will not allow you to put their router in bridge mode.  They claim they cannot do any remote troubleshooting.  Ideally, if I could just use the Comcast equipment for the modem, I assume I could then move to one of the RV wireless routers and be done.  Perhaps another Comcast business customer will chime in with their experience but scanning DSL Reports forum, it looks like Comcast is pretty strict about how you use the SMC equipment.

The problem I see, would be if I need DHCP on the private wireless side.  I thought the idea of a managed switch was the ability to have mutliple DHCP.  Am I wrong?  I just don't want to go down the path of using multiple routers like I am at the other facilities, although I'm only using 1 DHCP.

Another thing that I'm not clear on with respect to VLANs was that I thought in researching, it said each VLAN had to be on it's own switch.  That will not be practical for me as the facility is old and I have to consolidate network runs in a couple separate places.  I would have a switch in each consolidation area and then go from the switch back to the router.

Continuing, I thought I read where to enable the separate VLANs to access the internet, you would set up a VLAN just for the internet and have all the other VLANs "belong" to that port.  Then you just plut the SMC into that port.  Unfortunately, I didn't bookmark the articles I'm referring to so I may have misunderstood.

So should I try to pursue trying to use the SMC modem/router as just a modem and by a router with the ability to have multiple DHCP with an integrated managed switch or use the SMC as delivered and get a managed swich?

Thanks again for your help.

Ken

Hi Terp,

For ease of deployment and management I always feel it is better to have a router that compliments the switch.

When you are using a router that does not support vlans, subinterfaces, multiple subnet functions, etc, it makes separating traffic somewhat difficult. The reason being, if the router does not support any features, the only way to accomplish multiple subnets/vlans is with another layer 3 device and using static routes on the router to tell those subnets how to route to the correct place.  This is also why routing protocols were invented.

For ease of management and equipment overhead, I think it is also agreeable that it is very nice to have a router that will support vlan dhcp. Reason being, setting up a DHCP server or maintaing the extra equipment just for this functionality seems impractical for a basic deployment.

-Tom
Please mark answered for helpful posts

So given that you would recommend...

Thanks Tom.

Ken

Below is a crude drawing of my infrastructure.  It's very similar to my other locations primarily because I cater to the restaurant business.  Up to now, I've simply been using 2 cheap routers to create 2 subnets.  I'd like to step up in this new facility to some better suited equipment. My dilemma as explained above is that this is an old building so home runs to a single location is not possible.  The term "CONS" means consolidation. I basically have 3 consolidation points.  In these locations will be runs from PC workstations and IP cameras.  On the public side, the BOILER CONS exists as well as the 3 WAPs and the hardwired jacks.

What I don't understand with respect to VLANs and managed switches is will every switch in the footprint need to be a managed switch.  I guess I thought if I used port based VLANs in the router/switch, anything I plugged into that port (another basic switch) would by default be in that VLAN.  I'm not sure I want to purchase 4 managed switches along with a router with a managed switch.  That's getting pretty expensive and I'd probably go back to the 2 subnet solution.

Thanks for your help.

Ken

Terp, cool drawing. That looks pretty good.

You are right if you use a port base vlan, whatever connecting to the manage switchport will only be that vlan member.

So if you have your main switch at BAR CONS with a vlan 10 untagged connecting to an unmanaged switch at OFFICE CONS the OFFICE CONS will be only vlan 10 subnet member.

The real concern isn't necessarily the lay out. The concern is the manage switch interacting to the router. Which is where my original post expresses concerns.

If you have some generic router box that does not support vlans, subinterfaces, etc then the manage switch must be a layer 3 device. When this happens, the generic router box will require a static route to be pointed at the manage switch's vlan interfaces to allow all other vlans to get out to the internet.

If you have a router that supports vlans like a RV180 or RV220 then its just as simple as to create the vlan ID, verify the DHCP scope then assign a trunk link with all vlans assigned to the link on the manage switch side and router side.

-Tom
Please mark answered for helpful posts

Thanks Tom.  Comcast told me we could buy a Motorola Sufrboard modem or I could disable DHCP and firewall in the SMC.  I would then buy a RV router.  I'd like the wireless version but only if I could assign the wireless to the public VLAN only.  Is that a capability of the RV?  What are the primary differences between the 180 and 220?

So if I purchase a RV180 or 220, I can basically use the SF100D in each of the 4 locations that I show SWITCH?  I only have one internet connection, problem?  Lastly, since there are no permanent PCs on the PUBLIC side, how do I manage the APs?

Thanks again.

Ken