Tom here from Lawrence Systems, and we're going to talk about managed and unmanaged switches and layer 3 networking, and when you need these different components in your network. Part of it has to do, of course, with scale, but there are a few more details that we want to dive into on this. If you want to learn more about me or my company, head over to lawrencesystems.com. If you'd like to hire us for a project, there's a hire us button at the top of our website. If you want to participate in our forums and reach out and just say hi to us, that's a great place to do it. And below, if you want to support the channel in other ways, are lots of links to different affiliate products and affiliate services. They give you a lot of discounts too, and it'd be appreciated if you want to click on any of those if you see something you like.

So, networking. We start off with flat networks, which is this crappy old D-Link box. And, you know, there are probably still lots of these floating around in people's houses, undoubtedly. Internet comes in; it's an integrated switch, wireless, routing, all-in-one box, and it's your most basic level of networking. Right away people start wanting to upgrade and get something a little bit better. But this doesn't offer any type of network segmentation, and this will be our flat network example. We'll be spending a very brief amount of time on that, don't worry.

This represents a more complex network of even multiple switches here of different brands and a pfSense firewall. I do a lot of videos on this topic, and I wanted to have some reference for when I say, you know, this type of switch or VLAN and things like that, and this basic explainer video, so you have something to reference, or I have something to reference and reply to people asking about, well, "Do I need a layer 3 switch? You said that one supports VLANs, but doesn't support layer 3. What does that mean?"
So we're gonna make some assumptions, and this is the layout I'm about to show you. That's all gonna be done in diagrams, but I figured, hey, let's talk about the physical part. We are going to be assigning two different VLAN IDs plus a native off of one physical port. And that's the idea of virtual LANs: you encapsulate multiple virtual networks inside of one physical cable. This is done because you maybe have a physical cable that goes from here to the other side of my building, and then there are more computers over there, and I need different types of traffic to get over there for different networks. Maybe you have a network for accounting and a network for design, etc., and you don't want them on the same network. Or you have your IoT network that is separate and you don't want that on there. And especially in the industrial world, we see industrial controllers that we need to separate onto different networks, but we only have one what we may refer to as a backhaul line that gets to the back of the factory where that side is, and, well, the customer didn't really want to run all individual lines. VLANs help facilitate that. They're actually a very efficient way to use a single cable, but that does require managed switches to do. That's where we're gonna start.

So we have this one port coming in, and this is gonna have all, and then it's gonna go to this EdgeSwitch, which does support VLANs and such but does not support layer 3 routing. Then we have this MikroTik switch, which does support both VLANs and layer 3 routing. So these are just some examples. We're not gonna dive deep into it.
This is more of an overview so you understand how they work, not necessarily how you set up inter-VLAN routing on a MikroTik.

So let's look at the diagrams here and start breaking things down. Now, this is the basic flat unmanaged network with an unmanaged switch. An unmanaged switch, like its namesake, means there's nothing you really have to do to the switch. Everything you plug into it just starts talking to everything else that is plugged into it. There's nothing else that really needs to be done. They don't need to be configured out of the box; they just make these two boxes talk to each other. So we have 192.168.3.9 and 3.10 on the unmanaged switch. They can easily ping and talk to each other, and if they can't find something on the 3.0/24 network here, it routes out to the internet and a router firewall takes care of it from there. Really basic, really simple. This is how a lot of people's home networks are set up, and although this switch and firewall are integrated into the D-Link, essentially that's what the D-Link's doing behind the scenes.
There's not really any management on the switch side of it.

When we get to something a little bit more extensive, we have this here. So the native VLAN ID tag of 1, so the base without any VLANs, is going to be 192.168.3.1. And this is our router firewall, represented at the beginning of the video, like I said, with a pfSense firewall just for example. And it's going to be passing, with a single cable, all the traffic over to managed switch one. Managed switch one is going to talk to managed switch two and pass all the traffic, all the VLANs, everything across, and managed switch two to managed switch three, all the traffic, all the VLANs, all across. So anything I define in here, as long as I've programmed these switches to define VLAN 1337 and VLAN 69, they will carry all the traffic over.

Someone may like to point out that some unmanaged switches will not parse but pass VLAN traffic. The difference is some do, some don't. I don't have a list of them. But someone may point out that you could put an unmanaged switch sometimes in between, as long as it forwards and doesn't strip any of the traffic out of that VLAN.
Yes, it will forward it. But an unmanaged switch is not ideal, and many times when I'm doing troubleshooting for people, finding one of these in the mix here, where someone thought to plug one in because they thought they were being helpful, causes confusion, because you'll just have missing VLANs down here. It'll only forward VLAN 1 traffic because that's all it was designed to do. But occasionally, maybe it's because of the chipsets they use, it will forward some of the other traffic. Not going to dive deep into that, just a little note.

So with these devices, we have VLAN ID 69, the 172.16.69.1/24 network. These are the assignments that the router would have as its LAN IP, if you will, on each one of these LANs. So VLAN ID 1337 has 10.13.37.1/24. The /24 means it can talk to anything as long as that last octet right here is 1 to 254; it's able to talk to any of those devices. Well, 1 being the router's, you can't reuse that one, but you get the idea. This means that's going to be on that subnet.

So now here we have VLAN ID 69. It's defined up here, we've programmed our switches, and I have a port and we assign it to VLAN 69, and it's given this box 172.16.69.22. Also plugged into this switch is VLAN ID 69, 172 69 23. They're neighbors plugged into the same switch. So when these two devices want to talk to each other, they just go through the switch. That's simple. They get whatever the full speed of the switch is. So let's assume this is a gigabit switch: they can talk to each other at gigabit, no problem, because they're on the same switch segment.

What about this one over here? Well, it can talk to it too, but when VLAN ID 69 is pulled off of the main switch, or switching between, and then this switch, this is going to go.
Let's say we had a packet originating from here. It's going to go from here to here to here, then over to here, so it's now sharing the bandwidth, assuming there's one wire between switches, with any of the other traffic that's traversing across here. Same thing with this VLAN ID 1337, 10.13.37.66, plugged into a managed switch here. It can talk to this one, but it's got to traverse all of these.

Now, what about this guy here, 192.168.3.9? How does it handle its routing if it wanted to get over to VLAN ID 69 or over to this? Well, because this isn't a local segment, it's got to go from 192.168.3.9 all the way over here. Actually, I just realized I have a typo. This has to be a different IP address. Just in case someone calls me out on it. It has to go from here, 192.168.3.9, through managed switch three, two, one, all the way up here to the firewall, which hands off a rule because it says, okay, you're looking for the VLAN 69 network. Then it redirects over to switch one, which says, nope, I don't have it. Nope, I don't have it. I don't have it, but you want to get here. So in order for this to work, it's going through here: one, two, three, four, five, six, seven, back over here. So you can see there's a lot of traversal going on. It happens really fast. It's going to happen at line speed. But if each of these is also doing things that also have to traverse all these switches, you can start to end up with a bit of a problem where congestion happens. You've just got so much traffic going through all these switches.

Now someone may point out, why isn't this more in a star design? Why are you showing switches across? Isn't there normally one core switch?
And then everything kind of goes out in a wheel-spoke, hub-spoke style. Well, yes, but the real world sometimes doesn't let you do that. Ideally, if you had your ability to design it and it was going to be implemented that way, yes, that's the most ideal. You're always trying to reduce the number of switches in between. That is always the goal. Sometimes it's just not as feasible when you're running wires, or the way the buildings are laid out when you're setting things up.

But this is where layer 3 switching kicks in. Layer 3 switching would allow us to go from right here to right here. This would have to be a layer 3 capable switch. But that also means a couple of other things. You have to build the rule sets for that. Maybe you want it just to automatically connect the two subnets together, no problem. That's something very common with layer 3 switches. What if you had specific rules, where I only needed a very specific machine to talk to a very specific other machine on this network, but not all of them? So now I have some really specific packet filtering rules that are going to go in between as well. Well, in that case, that's nice, but it becomes another platform you have to manage.

So this is one of the reasons you'll see people settle on a single platform and try to really keep it that way with all their switches. Because they'll build these rules, they'll copy and paste them between all the different switches, uploading the same config, so they're very uniformly done. Or whatever platform they're using may have a management platform that allows them to see all the rules. Because this sometimes has created problems when we've gone out and helped companies with networks that we didn't have passwords to and had to start reverse engineering things, because we don't have any information about the network from the people who set it up originally. And you'll find that you're like, well, it seems like this should route this way, but every time someone tries to get out of a network,
it just goes somewhere else. That's because of the routing rules that are defined in here. This is something that, when you're scoping out or re-engineering and taking over networks, you have to make sure all these rules aren't there, or you'll say, hey, I think I secured and separated your two separate networks, and next thing you know, two different networks can talk to each other because of some rule in some switch, somewhere. So it does create a little bit more complexity in terms of management. But in the situation where I want these things to talk to each other without hopping back through each time, it's definitely a really good thing to have when you want the layer 3.

Let's talk about this MikroTik CRS305-1G-4S+IN, "Review: 4-Port Must-Have 10GbE Switch." I agree. ServeTheHome did a great article. They dive deep on the topic of this switch. I just did a review of it myself. And it does support layer 3. This, though, is one of the things: at this $130 price-performance, which I agree with them completely, it's a great buy if you need 10 gig. But as you can see, as you start to add features like IP filters and small packet sizes, the switch goes to sub-1GbE speeds. So this is an important aspect when you're thinking about this: can the device, the layer 3 device you're looking at, handle the speeds? So it's one more piece of the equation when you're trying to buy a switch. "Hey, this switch does 10 gig between ports, that means it should route at 10 gig." That is different. It doesn't necessarily do that.

So when you're trying to decide, when you're doing a larger scale infrastructure network, you then have to dive deeper into the capabilities of the switch. And maybe that's fine, because you only need a little bit of traffic. Like a printer: I need a printer, and I need the routing on these so the printer hops don't go all the way through the switches. Printers are generally low bandwidth devices. You can put them on a separate network. You can create very specific rules
for them. And I'm okay if printers have a lower bandwidth, depending on the print volume, of course. But generally speaking, printers aren't something high bandwidth. Same with some of your miscellaneous small IoT devices. Maybe you want a limited amount of access across the VLANs, and inter-VLAN routing would maybe work for that, where you have a very specific rule, but they're low bandwidth, because it just needs to send a few packets over to kick something off, like turn on a light. So it's just one more piece of the equation.

So do you need a layer 3 switch? Not that often, until you start getting into the larger network with multiple hops on there, because of the other challenges. And once you go into a higher end layer 3 switch, because, like I said, once you offload some of the packet filtering stuff on there, it has to be fast enough to do it, or you didn't really move the bar and accomplish what you wanted to do, of solving the hops problem and solving the bandwidth. You just moved where the problem is. It's really dependent on your network needs.

Now, I encourage all these people with the homelabs, and the ones who say "I really need this": go ahead and buy it. It's a great way to learn. It's a great way to start plugging in, because there's a lot to setting up a layer 3 switch. For example, you know, it goes out of scope of this talk, but there are routing rules that have to be in to pass off the routes. Because just because you put the layer 3 rules in here, you have to make sure the devices have the proper routing tables to make sure they understand how to get there. And there's a whole different level of steps required to do that. Not something that's, like I said, undoable. I don't want to make these things sound insurmountable, but they're all the considerations you have to have when you're building these out.

So hopefully this clears up the layer 3 question that I get a lot: does it do layer 3?
And that's where even things like this EdgeSwitch become kind of a... Not every EdgeSwitch does layer 3. And in UniFi, I've covered numerous of their switches, and I know the new line doesn't have it yet, but they are supposed to be getting some layer 3 functionality on their Pro series, of the new UniFi Gen 2 Pro series. So I'll be doing more videos on that. I don't have that many. Actually, I don't think I have any current layer 3 demos for any of the EdgeSwitches. But also do note, not every EdgeSwitch, such as this one here, the EdgeSwitch 10X, even has that capability. So something to consider, something to think about.

And thank you. Continue the discussion over on the forums, and/or leave some comments. I try to reply to all of them on here, but I definitely reply to them on the forums. Thanks.

And thank you for making it to the end of the video. If you like this video, please give it a thumbs up. If you'd like to see more content from the channel, hit the subscribe button, and hit the bell icon if you'd like YouTube to notify you when new videos come out. If you'd like to hire us, head over to lawrencesystems.com, fill out our contact page, and let us know what we can help you with and what projects you'd like us to work together on. If you want to carry on the discussion, head over to forums.lawrencesystems.com, where we can carry on the discussion about this video, other videos, or other tech topics in general. Even suggestions for new videos, they're accepted right there on our forums, which are free. Also, if you'd like to help the channel in other ways, head over to our affiliate page. We have a lot of great tech offers for you. And once again, thanks for watching, and see you next time.
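
The hop counting and the "some rule in some switch, somewhere" problem from the talk, worked through as an added example (not part of the video or the speaker's material). It models the firewall and three chained managed switches with the talk's subnets; the device names, the placement of hosts on `sw3`, the rule sets, and the simplification that the nearest device with a matching rule does the routing are all assumptions made for illustration.

```python
import ipaddress

# Constructed model of the talk's diagram: firewall - sw1 - sw2 - sw3 in one chain.
CHAIN = ["firewall", "sw1", "sw2", "sw3"]
VLANS = {  # VLAN ID -> subnet, as given in the talk
    1: ipaddress.ip_network("192.168.3.0/24"),
    69: ipaddress.ip_network("172.16.69.0/24"),
    1337: ipaddress.ip_network("10.13.37.0/24"),
}

def vlan_of(ip):
    """Return the VLAN ID whose subnet contains ip."""
    addr = ipaddress.ip_address(ip)
    for vid, net in VLANS.items():
        if addr in net:
            return vid
    raise ValueError(f"{ip} is not in any defined VLAN")

def walk(a, b):
    """Devices from a to b along the chain, both ends included."""
    i, j = CHAIN.index(a), CHAIN.index(b)
    step = 1 if j >= i else -1
    return [CHAIN[k] for k in range(i, j + step, step)]

def path(src, dst, routes):
    """src and dst are (ip, switch) pairs. routes maps a device name to the set of
    (src_vlan, dst_vlan) pairs it routes. Returns the devices traversed, or None
    when no device on the way to the firewall routes the pair."""
    (sip, ssw), (dip, dsw) = src, dst
    sv, dv = vlan_of(sip), vlan_of(dip)
    if sv == dv:  # same VLAN: layer 2 only, no router involved
        return walk(ssw, dsw)
    for dev in walk(ssw, "firewall"):  # assumption: nearest routing device wins
        if (sv, dv) in routes.get(dev, set()):
            return walk(ssw, dev) + walk(dev, dsw)[1:]
    return None

# Constructed rule sets. Host placement on sw3 is assumed for illustration.
FW_ONLY = {"firewall": {(1, 69), (69, 1)}}
L3_ON_SW3 = {**FW_ONLY, "sw3": {(1, 69), (69, 1)}}
LEFTOVER = {**FW_ONLY, "sw2": {(1337, 69)}}  # forgotten rule on one switch

if __name__ == "__main__":
    a, b, c = ("192.168.3.9", "sw3"), ("172.16.69.22", "sw3"), ("10.13.37.66", "sw3")
    print(path(a, b, FW_ONLY))    # hairpin through the firewall
    print(path(a, b, L3_ON_SW3))  # routed locally
    print(path(c, b, FW_ONLY), path(c, b, LEFTOVER))  # blocked vs. leaked via sw2
```

When auditing an inherited network, any inter-VLAN path that comes back without `firewall` in it is traffic the firewall's rules never see.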