tennisproha

Quick question. Are there really any benefits to getting a managed switch over an unmanaged one? Can't a router carry out all the functions a managed switch would've done? Like QoS, port mirroring, IP management and so on…

I'm looking at the Netgear GS108 unmanaged vs smart. Also the TP-Link TL-SG108 unmanaged vs smart counterparts.

FYI. I'll have everything behind my router. Router > switch > devices, including Mac, iOS, VoIP service, Xbox. Everything will initially be configured with the Apple AirPort.
 
A managed switch is used to make the router work less by doing some of the functions like QOS and monitoring and is most useful when there are a lot of devices. I doubt you will need it as you seem to have 5-10 devices or so and are unlikely to overload the router.

Keep in mind the airport router doesn't have QOS at all for some unknown reason. Also, every setting change needs a reboot to apply. This is for the AC model I use, but I believe it also applies for the earlier models as well.
 
Okay. The QoS is what I'm most concerned about in relation to the VOIP service. The unmanaged ones state they have QoS built-in but cannot be configured while the managed have QoS that can be configured.

Also, I keep reading about managed switches being less secure because they have an assigned IP address vs unmanaged which don't have an IP address so are undetectable. The logic, I think, is since managed switches have an IP address they have a hacking potential. How does this play into a home network's security or in general?

Thanks!
 
For home use you're better off unmanaged. It just works. No configuration, no open ports, no worries. IF you have lots of traffic between nodes on your internal network, then maybe, just maybe a managed switch would provide some benefit.

A typical home network is going to be bottlenecked at the router/broadband interface and not the internal switch.
 
I think I agree with you however the only sticking point I have is really QoS traffic prioritization. The switch models I listed on my OP are all 8 port managed or unmanaged. At any given point, I will probably utilize 4-5 ports max. Everything will be connected to the router via the router-to-switch connection. Therefore, I just don't want VOIP data to be bottlenecked at the switch and the router (Apple Airport).

For what it's worth, the managed switches I'm looking at are "smart" switches so they are plug-n-play but offer some config like QoS if needed. Are these "smart" switches pesky little things as well?
 
You're correct that the smart switches aren't as pesky to deal with as the bigger time programmable ones, and they may be a touch faster or even built better which may help more than QoS. So there may be some benefit.

What does your network look like? Are you experiencing problems?

If all of your inside machines pretty much only talk to the outside world, I would still argue that it doesn't matter. You're going to be limited by the bandwidth in the external connection so the QoS on the router is the only thing that will really matter (IMHO). The place a smart switch with QoS will help you is if you have an internal file server on one port and a computer on another port that are transferring lots of data between the two. Then you have your VoIP connection on the third port going to the outside world. The switch QoS will attempt to prioritize the VoIP <-> WAN over FileServer <-> computer.

The one time I have problems with my VoIP is when I saturate the upstream cable modem bandwidth. Nothing I try with QoS on the router helps the VoIP. Latency on the link goes to pieces. Cable company denies it and blames the router, but I can prove it with a simple ping test while doing an upstream FTP from a single computer directly plugged into the cable modem. Rant off :)
 
lol so I'm trying to avoid those frustrations to begin with!

No, no problems. I'm actually rewiring my home a little bit so that I have a proper wired network. While I'm at it, I wanna install an ideal switch that'll handle everything I might possibly throw at it in the near future.

I have: ISP homerun > modem > router > switch (the switch in question) > devices: Mac, VOIP (future), NAS (future), Apple TV (future), Xbox.
iOS devices connected to router. Router is Apple Airport. I'll eventually have the central network storage for all devices. Switch is my single link to router. Router will manage whole network.

I understand Apple Airport doesn't have configurable QoS options. So since everything will be run through the switch, I don't want VOIP to have upstream issues at the switch at least. The unmanaged and smart switches I've looked at both have QoS with smart having multi-configurable QoS while unmanaged just have QoS WRR I think (QoS is confusing) so... idk.

I've been researching this every evening for the past few days and I can't make heads or tails of it! Models I'm considering just fyi: Cisco SG 100D-08, Netgear GS108 or GS108e (smart), and TP-Link TL-SG108 or TL-SG108e (smart).

Thanks! I appreciate the help.
 
Honestly, I don't think you will go wrong with any of those switches for your configuration. At quick glance, they all can support switching bandwidth of completely full ports. They are also metal cases which dissipate heat better and are pretty low wattage.

At work -

I have the SG108 on one sub-network - mostly because I didn't get a large enough main switch. AT&T provided it with our DSL modem and haven't had problems with it.

My main switch is an SG300 - which is fully managed. Works great, but I have mis-configured it a few times locking myself out of everything. Now that I think about it, the first one had one port DOA which Cisco quickly RMAed. I wouldn't go this route for home, I have it because I need the security features at the office to keep people from switching out hardware on the network ports. Also use the VLAN to isolate phones from everything else for the router to handle.

At Home -

I have a free unix based firewall/router running on my own server, a no frills 48 port 3COM unmanaged switch. I guess I do miss the ability to remotely login and see port status, but not needed very frequently. NAS, AppleTv, 3 laptops, two desktops, 4 VoIP phones, and iphones/ipads. WiFi provided by AirPort Extreme but I disabled all of its routing features.


I am still not convinced that QoS means much in your situation (or mine at home for that matter). But the price of the smart features isn't much more and after a quick read I don't think you can get yourself in much trouble with them.
 
I agree that it's pretty likely QoS isn't going to be important for your configuration. Most people overestimate the need in a home setting.
 
If QoS for VOIP is a MAJOR concern, place the VOIP box BEFORE the router. Yes, you'll need a switch in that spot as well, but you should have no worries about internal (device to device) traffic causing problems with your phone. I wouldn't be terribly concerned about the VOIP box not having the protection of the router and most ISPs will give you 3 external IP addresses (this setup will require 2).
 
Thanks for the help guys. From what I'm understanding it seems the QoS functionality of these unmanaged ones basically treats all data equally unless it receives a QoS priority tag with the packet itself. This would mean the router or VoIP device would attach the tag to the packet and the switch basically honors it in throughput… don't take my word on this though lol.

But anyway thanks for the feedback. It means a lot to me. I was thinking the Cisco ones might be more robust since they are small business switches but idk they've got some weird model name mismatch issues going on with the 100 series switches.
 
I've yet to buy my VoIP so this is a bit premature lol. I've got a cable ISP so what you're saying is I would go modem > switch > router and VoIP > router to 2nd switch. Wouldn't this get a bit complicated if the router is managing the network? The router can't issue a DHCP upstream to the VoIP can it? Otherwise, idk if the modem would branch off 2 IPs for router and VoIP each.

Edit: I just looked into this and it seems they allow one IP per account. If I need more than one they require business account. Not 100% certain though. BTW, I have Comcast. 50 Mb down, 5 Mb up.
 
IP addresses (the classic IPv4 ones) are becoming scarce now so it's probable that they want you to pay for a second one.

Your router would not manage anything above itself. The ISP would give your VoIP box the IP address it needs (if you had one available).

Before you buy a second IP address maybe try everything to see if it works well. You might be fine as is.
 
I needed a couple of switches for a network that included 2 NAS units and a bunch of other stuff. I'd been reading about managed vs unmanaged (I had unmanaged oldish Netgears).

I went for the Netgear Prosafe GS108T because you can run it out of the box unmanaged, or you can dig in there and manage it. Being able to have both modes seemed like a good idea to me.

I got them for something like $80 each. Not expensive for 8 ports gigabit.

At first I had trouble managing them using Firefox on my Mac, and feared that I was going to have to do a Bootcamp thing to manage them with Windows apps. But I was doing something wrong, and when I figured out what it was I had no trouble managing them with OS X Firefox.

I'm satisfied.
 
So it turns out VoIP doesn't necessarily use the 802.1P QoS protocol (which is what these smart switches support). Instead it seems VoIP uses the DiffServ, aka DSCP, QoS protocol. QoS 802.1P is a Data Layer (L2) tag on the packet whereas the QoS DSCP tag is a layer above, on the Network Layer (L3). QoS DSCP is tagged automatically via the VoIP device thus requiring no user config. My only question is since these are L2 switches, does the L3 QoS tag just get discarded at the switch or is the switch aware of Network Layer (L3) tags?

I think you guys are probably right, it shouldn't make any difference as long as the switch's bandwidth is not maxed out. How the router decides to process these packets will probably be of bigger consequence. But it would be good to know how L2 switches process DSCP for the sake of knowledge if someone knows about it. This is quite fascinating but the complexity of networking makes me wonder how we even get through sending emails lol. :D
 
A Layer 2 switch only looks at/handles the Layer 1 and Layer 2 headers. Any tags or data in the Layer 3 header are invisible to the switch.

Layer 3 switches need more memory and CPU to operate at a given throughput than a comparable Layer 2 switch. This is because the Layer 3 switch needs to unpack and process the Layer 3 header in addition to processing the Layer 2 header, and the Layer 1 Ethernet frame header.

Whereas a Layer 2 switch is only processing the Layer 2 header, and the Layer 1 Ethernet frame header.

If the target throughput is measured in packets switched per second then more work needs to be done by the L3 switch to maintain the same throughput rate as the L2 switch.
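
The two markings discussed in the posts above live in different headers: the 802.1p priority (PCP) is in the Layer 2 802.1Q VLAN tag, while DSCP is in the Layer 3 IPv4 header. The Python below is an added example, not part of the thread; the frame, MAC and IP addresses and the priority values (PCP 5, VLAN 20, DSCP 46) are constructed for illustration. It parses both fields and shows that removing the VLAN tag drops the 802.1p priority while the DSCP value travels on unchanged.

```python
import struct

ETH_P_8021Q = 0x8100  # EtherType announcing an 802.1Q VLAN tag
ETH_P_IPV4 = 0x0800


def build_frame(pcp, vlan_id, dscp):
    """Build a constructed 802.1Q-tagged frame carrying a bare IPv4 header."""
    dst = bytes.fromhex("020000000002")  # constructed, locally administered MACs
    src = bytes.fromhex("020000000001")
    tci = (pcp << 13) | (vlan_id & 0x0FFF)  # PCP: top 3 bits, VLAN ID: low 12
    tag = struct.pack("!HH", ETH_P_8021Q, tci)
    tos = dscp << 2  # DSCP: top 6 bits of the DS byte, ECN: low 2 bits
    # Version/IHL, DS byte, length, id, flags, TTL, proto=UDP, checksum (left 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20, 0, 0, 64, 17, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    return dst + src + tag + struct.pack("!H", ETH_P_IPV4) + ip


def l2_priority(frame):
    """Return (pcp, vlan_id) from the 802.1Q tag, or None if the frame is untagged."""
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != ETH_P_8021Q:
        return None
    (tci,) = struct.unpack("!H", frame[14:16])
    return tci >> 13, tci & 0x0FFF


def l3_dscp(frame):
    """Return the DSCP value from the IPv4 header, or None if not IPv4."""
    offset = 12
    (ethertype,) = struct.unpack("!H", frame[offset:offset + 2])
    if ethertype == ETH_P_8021Q:  # skip the 4-byte VLAN tag
        offset += 4
        (ethertype,) = struct.unpack("!H", frame[offset:offset + 2])
    ip = frame[offset + 2:]
    if ethertype != ETH_P_IPV4 or len(ip) < 20 or ip[0] >> 4 != 4:
        return None
    return ip[1] >> 2


def strip_vlan_tag(frame):
    """Remove the 802.1Q tag, as happens when a frame leaves on an untagged port."""
    if l2_priority(frame) is None:
        return frame
    return frame[:12] + frame[16:]


if __name__ == "__main__":
    tagged = build_frame(pcp=5, vlan_id=20, dscp=46)  # constructed sample values
    print("tagged:  ", l2_priority(tagged), l3_dscp(tagged))
    untagged = strip_vlan_tag(tagged)
    print("untagged:", l2_priority(untagged), l3_dscp(untagged))
```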
 
So it turns out VoIP doesn't necessarily use the 802.1P QoS protocol (which is what these smart switches support). Instead it seems VoIP uses the DiffServ, aka DSCP, QoS protocol.

Just keep in mind that VoIP is a concept that is implemented in a number of different ways.
 
However, if the VoIP box is between the modem and router, the router isn't managing it. Too bad Comcast only gives you one IP address. As I noted in my previous post, if the VoIP box is between the modem and router there is no need for the router/switch to handle QoS as the VoIP box will not see the internal network traffic since it's going straight to the internet.
 
Ah okay. Thanks for explaining that. Well correct me if I'm wrong, but since Layer 3 data is invisible to a Layer 2 switch, the L3 header would simply get forwarded through to the next point of process right, and not get discarded at the L2 switch like I originally read somewhere. Well I guess since it can't read it, it doesn't know it's there, hence it can't drop something it can't see I guess...

So there is this Netgear ProSafe GS108T smart switch that supports DSCP based QoS which is inherently a Layer 3 function. However, as far as I can figure, this is a Layer 2 switch so how can this be? It seems to support other L3 functions as well.
 
My main switch is an SG300 - which is fully managed. Works great, but I have mis-configured it a few times locking myself out of everything. ... I wouldn't go this route for home, I have it because I need the security features at the office to keep people from switching out hardware on the network ports. Also use the VLAN to isolate phones from everything else for the router to handle.

I came across this Cisco SG300-10 switch, which is what it seems you are referring to here. It fits what I'm looking for in a switch, however I know and understand it's major overkill for my network lol. I probably won't ever use the full bandwidth of any 8 port switch to warrant implementing QoS or buying a managed switch.

I should probably listen to you guys and buy an unmanaged one, since I know now that QoS will probably be a non-issue. However, my logic is, since I'm implementing this network for the first time, I might as well install a device that I can configure if the need ever arises. I also like that I can put the VoIP on a Voice VLAN since it looks like Comcast will only give me one IP so my VoIP will have to be behind the router. (Since my current router can't process L3 and such, idk how much of a difference it'll make). But if not a fully managed one, at least a smart one. I'm looking at that Cisco SG300-10 (it might not fit in my panel lol) or the Netgear ProSafe GS108T. It seems both are 'smart' managed. Thoughts welcome. :)

----------

Just keep in mind that VoIP is a concept that is implemented in a number of different ways.

Well stated. I didn't know this when I initially started this thread and am just learning more about it now. I was thinking QoS was a sort of protocol.
 
I'm looking at that Cisco SG300-10 (it might not fit in my panel lol) or the Netgear ProSafe GS108T. It seems both are 'smart' managed. Thoughts welcome. :)

I'm still pushing the GS108T because you can put it to work right out of the box as unmanaged, and move to managing it later. True, maybe the Cisco is the same.
 
The SG300 works out of the box as well. If you're using it in the out-of-the-box configuration, it's a hefty price premium for something that will work no different.

I don't recall if there were default passwords that open a security risk.

With the cost of these things always coming down, I would personally purchase what you need in the next year and not worry about what-if forever down the road.
 
I'm still pushing the GS108T because you can put it to work right out of the box as unmanaged, and move to managing it later. True, maybe the Cisco is the same.

The SG300 works out of the box as well. If you're using it in the out-of-the-box configuration, it's a hefty price premium for something that will work no different....

...With the cost of these things always coming down, I would personally purchase what you need in the next year and not worry about what-if forever down the road.

The GS108T is great bang-for-your-buck with PoE PD and all. And the SG300 is def a powerful switch plus with SFP (I wonder if Google Fiber can route through it, if they ever come my way lol). However, you're right in stating that I shouldn't worry about future proofing it. These models have also been out for some time so they might be due for an upgrade.

So I'm gonna make a decision soon but one last thing I want to ask is, is there a big quality difference between Cisco and Netgear? I know Cisco is THE business standard but idk if they trade more on brand recognition or if they are substantially better quality. For Netgear I've read that their unmanaged are great but the more complex the switch gets, the worse their product becomes. I have noticed documentation-wise, the Cisco product guides are way more detailed and with better grammar than the Netgear guides... And the Cisco Web GUI looks prettier lol...

Mainly for my short term needs I firstly need a quality gigabit connection since I will be doing LAN transfers between gigabit devices. Hence I need something with throughput pretty close to gigabit speeds. And it probably won't matter much but secondly I'd like QoS options for VoIP VLAN.

There's also the Cisco SG200-08, which is a 'smart' managed or just go with a Cisco unmanaged for now and forget about organizing it...
 