Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3653
Views
5
Helpful
2
Replies

How to set-up SG300-10

LeoTech01
Level 1
Level 1

‎11-17-2015 10:22 AM

Hi,

I have just got a SG300-10 switch for a home setup and I'm not sure how to set it up. I've read quite a bit on various forums but most of it seems to be quite a few years out of date. For example, I spent a while trying to get a serial connection to work as I had read that you could only switch from layer 2 to layer 3 via the serial menu system. But I found that is no longer the case and the "menu" command no longer seems to exist.... or I'm doing something massively wrong!!!

So I hope someone can answer some questions for me?

Firstly, I should explain that the SG300 will be in my study where my router, network printer and main PC's reside. There are multiple devices in the rest of the house including a number of music/video players. These are connected via powerline. I also have a couple of servers that are in another room (due to noise) and these are also connected via powerline. Lastly, I have an VOIP phone in my study as well as an access point that is only switched on when I use my iPad or other such wifi devices.

My current router is well past it's best and needs to be replaced. I have been looking for a small PC to run pfsense but haven't yet found one so I may end up running that on an old PC.

The questions:

1. I had planned to creat vlans for the different types of traffic. So separate vlans for VOIP, wifi, music/video traffic and my main PC's. However, I'm not sure how to do this given my powerline network. For example, my main PC accesses one of the servers quite frequently and that is connected via the powerline network. My music/video players access the same server. Any suggestions?

2. It was my plan to set static IP addresses for many of my devices using the DHCP server on the SG300-10 and to put the switch into layer3 mode so that all routing is done via the switch. Some of the forums I have seen say it is necessary to define static routes on the SG300 and it is better to use DHCP on the router. No one has explained why this is better! I thought the whole point of the SG300 was to do all routing on it and avoid traffic going to the router. I realise that a static route needs to be defined to the router so that traffic can access the Internet, but once used does the SG300 not then remember it? I'm obviously not understanding something!!!

3. It seems as if pfsense (and other router software) support vlans and I don't understand the relationship between vlans on different devices. Also, if I run out of ports on the SG300 and need to add another switch what does this mean in terms of vlans? 

4. I would like to be able to monitor my network traffic, both internally and externally, but I'm not sure how to go about this. I'm interested in what communications my devices are having with the Internet but I'm also interested in what communications my music players are having with the server. I understand that I need a program like wireshark to look at the traffic but how do I configure the SG300 for this and will it put a great deal of load on the switch?

I hope these questions make some sort of sense and I'd appreciate any advice/guidance.

Many thanks,

Leo

Labels:
0 Helpful
2 Replies 2

devils_advocate
Level 7
Level 7

‎11-18-2015 08:05 AM

Hey Leo

To start with, the SG300 is a Layer 2 switch by default meaning you can setup seperate Vlans but left in its default L2 mode, the SG300 is not able to be the default gateway for them and will not be able to route between them. If you turn the SG300 into Layer 3 mode, not only will you be able to setup multiple Vlans, you will be able to do routing. Bear in mind, changing modes on the SG300 resets the WHOLE config back to factory default.

To answer your questions....

1. I had planned to creat vlans for the different types of traffic. So separate vlans for VOIP, wifi, music/video traffic and my main PC's. However, I'm not sure how to do this given my powerline network. For example, my main PC accesses one of the servers quite frequently and that is connected via the powerline network. My music/video players access the same server. Any suggestions?

Hmmmm, this could be a challenge as presumably all your devices are connected to a 'ring' in terms of the Powerline? What I mean by this, is that each end host device does not have a dedicated powerline adapter at the switch end. I suspect each host plugs into a powerline and then you have a single 'master' powerline which plugs into the switch? If this is the case, you won't be able to do Vlans.

2. It was my plan to set static IP addresses for many of my devices using the DHCP server on the SG300-10 and to put the switch into layer3 mode so that all routing is done via the switch. Some of the forums I have seen say it is necessary to define static routes on the SG300 and it is better to use DHCP on the router. No one has explained why this is better! I thought the whole point of the SG300 was to do all routing on it and avoid traffic going to the router. I realise that a static route needs to be defined to the router so that traffic can access the Internet, but once used does the SG300 not then remember it? I'm obviously not understanding something!!!

Assuming you put the SG300 into layer 3 mode, create your Vlans and then create an SVI for each vlan (interface vlan X) then you do not need static routes between those subnets. If the SG300 acts as the default gateway for each of your vlans then it will see each subnet as directly connected so no static routes needed. You will however need a default route (0.0.0.0/0) pointing towards your router. You also need static routes on the router to point back to the SG300 to it can return traffic for each of your vlans. 

DHCP is much of a muchness, personally I think its easier to manage on a server but it works fine on a switch. Its down to personal preference, especially on a home network.

3. It seems as if pfsense (and other router software) support vlans and I don't understand the relationship between vlans on different devices. Also, if I run out of ports on the SG300 and need to add another switch what does this mean in terms of vlans? 

A Vlan is simply a seperate Layer 2 broadcast domain. The easiest way to think about it is that home routers typically have a single 'vlan' which has a single IP range (typically 192.168.1.0/24). Say you wanted to use this IP range and also another (192.168.2.0/24). You would create a second vlan which uses this IP range and create a default gateway for the hosts.  If you add a second switch, you can configure one of the ports on the SG300 to be a 'Trunk port', create the exact same Vlans on the new switch (and a Trunk port) and connect them together. The second switch can remain Layer2 as the main SG300 will be doing the Layer 3 routing.

4. I would like to be able to monitor my network traffic, both internally and externally, but I'm not sure how to go about this. I'm interested in what communications my devices are having with the Internet but I'm also interested in what communications my music players are having with the server. I understand that I need a program like wireshark to look at the traffic but how do I configure the SG300 for this and will it put a great deal of load on the switch?

I believe the SG300's do port mirroring (also called SPAN) whereby you configure a source port (i.e the uplink to your router) and a destination port (a port plugged into your device running wireshark). The switch would 'copy' all packets going in and out of the source port and mirror them to the destination.

Some good Guides....

Setting up Routing between Vlans

Port Mirroring

Hope this helps

LeoTech01
Level 1
Level 1
In response to devils_advocate

‎11-19-2015 01:02 PM

Hi,

Thanks for your reply. At the moment I have been hit again with RSI so I can't actually use my computer without major pain. So, I'll read your reply properly when it gets a little better, but thanks again for taking the time.

Leo

P.S. I love your sign-in name - wish I'd thought of that!

0 Helpful
Customers Also Viewed These Support Documents