Today I have an Asus router connected to my ISPs media converter. That is then connected to my rack and other stuff.
In the rack and in my office I use 2x CRS326-24G-2S+RM, 1x CRS309-1G-8S+IN and I have a Mellanox SX switch hopefully coming soon to run the cluster over 40GbE.
The new house is bigger and in need of a few APs so I figure I’m going to throw out the Asus router and purchase one new router as well as the needed APs.
Since I’m happy with the switches I have and they’re normally plenty for my needs I’m hesitant to shell out 100’s of € just to purchase a big PoE switch to drive the APs, even if it’s a nice to have.
So what good options do I have that’ll route symmetrical gigabit internet as well as PoE powering APs plus more stuff?
RB5009UPr+S+IN (around 300€, but give me everything in one box)
Hex S (2025) + CSS610-8P-2S+IN (75€+200€ so cheaper but will probably draw more power and 8 gigabit ports is not enough to swap out my CRS326 in the rack)
Hex PoE RB960PGS (cheap at around 80€ but it has a pretty low power budget. Probably enough for two APs, but not much more. Does it handle routing symmetrical gigabit?)
Hex S (2025) only and run the APs with injectors (cheap and simple, but mgmt is worse and less flexible)
Hex S (2025) and sell the CRS326 and buy a CRS-24P-4S+RM instead (will probably cost 400-450€ in the end just for the switching of the switch plus the Hex, but the cleanest and most future proof)
Hex S (2025) and purchase another brand PoE switch….
As always, this is my homelab and I’m not looking to spend more than needed. Do you have any suggestions or advice?
Nice setup. The hex s - while a nice device - doesn't really fit in with your needs based on the other stuff you have. It does somewhere between 500 Mbps and 1 Gbps of routing if fasttrack (a kind of software-based acceleration) is not enabled. The same figure for the rb5009 is roughly 3 Gbps.
The rb5009 also gives you the option to link up at 10G speeds with your switches.
Your setup practically screams for one of these. It may not be the cheapest possible alternative, but you'll grow to appreciate its capabilities. E.g. if you want to properly filtered inter-vlan routing, you can selectively enable fasttrack for that, and in these scenarios it can max out the 10G port.
Whether you decide to get the poe version or resign yourself to a nice multiple-port injector is totally up to you. I personally would go for the latter, because I've been burnt by various buggy poe implementations many times, but that's just me.
It’s a really nice setup, I agree! I’ve manage to purchase all of it used and for a very good price so I’m happy. To be honest I’m not very knowledgeable in networks at the moment but I’m looking forward to learn in the homelab. That’s also why I’m trying to buy more enterprise oriented gear. Not that I will ever use this procured knowledge professionally, as I work in a totally different field, but it’s a fun hobby.
Funny thing is that last night, right after posting, I managed to find a used CSS610-8P-2S+IN locally for ~70€ so I bought it. I’m somewhat sceptic to the whole SwOS Lite approach but I still think it’s good enough for my needs.
This means I now will use that for anything PoE related, and if 802.3af/at isn’t a good fit for something I can just use a suitable PoE injector from a CRS326.
So I’m now looking at just the router side.
The seller of the CSS610 also might sell me a used hEX S (RB760iGS) so I might start with that.
Then if I can source a RB5009 or maybe a RB4011 I can upgrade if I actually feel the need. L009 also looks nice, but maybe isn’t that much of an upgrade from the hEX S if I’m looking at its speed test results.
A RB5009 (the NON PoE version) has a list price of 219 $, it can usually be found (new) for around 170 €. It is quite a bit of money, but you won't ever regret having spent them.
The Rb760iGS is a nice little machine, but it will likely be (it depends of course on the internet connection you have) a limiting factor now or in the future.
The L009 is a terrible router (but not that bad as a switch), unless you get one for free or for a few (and I mean few) euros, forget about it.
If you cannot afford a RB5009 now, you can use your old Asus until you can, spending now (I presume) 50-60 euros for a used Rb760iGS seem to me not a smart move.
Used RB4011 can be found at prices so high that it makes little sense to buy them, and buying one new doesn't make any, since it costs the same as a RB5009.
As a cheaper router, you would be better served by an Ax3 (with radios disabled) which runs circles around a Rb760.
I agree that if purchasing anything new the non-PoE RB5009 probably is the best option.
Might also build a opnsense router out of some Lenovo M720q or M920q that I already have laying around. Probably the cheapest option but not the Mikrotik way (that I’d like to try out fully)…
I’ll have to think about this and keep a lookout for good deals. I still need to upgrade/build out the physical network cabling in the house before deploying everything in “production”. This part of the job is way less fun than purchasing everything.
Since I now have PoE 802.3af/at capabilities in the CSS610, and most likely not in the router, I’m thinking of how to power the fiber media converter with a UPS. It’s not located in the same part of the house as the server rack and neither is it easy to move.
Using a non-PoE router I have three options:
Purchasing a separate UPS for the fiber media converter only.
Using a PoE injector on the cable from the router and a PoE splitter at the fiber media converter. The router and the injector will be powered by the UPS in the rack.
Using a port on the CSS610 to connect to the fiber media converter. Somehow VLAN pass through the traffic to the router, without it being accessible on the other ports on the CSS610. Also connecting the router back to the switch again. Of course this option also needs a PoE splitter to power the fiber media converter.
Option 3 might require more cables (?) as well as creating some complexity, but other than it being a bit unconventional I think it should work though I’m not sure how to set it up. Option 2 feels like my second choice and option 1 my last choice. It would be nice to utilize the UPS I already have and it would clutter up the room where the incoming fiber is located the least.
How would I go about setting up option 3, both physically and in the CSS610 SwOS lite?
In this scenario I’m thinking of the router being a Lenovo M720q with a dual SFP+ NIC.
If I connect like this:
Fiber media converter <-> PoE+ splitter <-> 1GbE (PoE+) <-> CSS610 eth8 <-> CSS610 SFP+1 <-> SFP+ DAC <-> M720q SFP+1
Can I use the DAC between the router and switch for the traffic both ways using VLANs? So that I don’t have to connect the router to the switch using another DAC/1GbE cable. If it’s possible with VLANs, how would I set that up in the CSS610 SwOS lite?
Perhaps I should create a separate topic for this pass through challenge?
Note: I’m not well versed in VLANs in particular, nor networking in general.
Well there is also option 0) leave the media converter plugged normally on mains.
No, seriously, do you have in your location such unstable mains power to actually need to have it under UPS?
It may depends on models, but usually those are supplied by ISP, are pretty robust and in 99.99% of installs they are simply plugged in a mains socket, and they are quite fast as reboot.
In any case, option 0.5), there are plain, simple (no inverter), low voltage UPS for low power devices, routers or similar, that are essentially a li-ion charger and a bunch of 18650's.
They should be available for around 40 or 50€ (less if you can provide yourself the 18650 batteries), but for a media converter you can probably get away with one of those intended for cameras, usually 12 V/ 2 A, some 15€ or less.
Haha! Now you’re just being reasonable and thinking logical… Sooo boring!
You’re 100% right though, it’s all a bit overkill.
To be frank I don’t NEED, more or less, anything in my homelab but it’s nice to have and fun to play with.
Yes, this is a normally mains driven media converter.
Actually, since moving to this new house, that’s in a much more rural area, I’ve had power outages more frequently. In my last house I think I had 1 or 2 outages in 8 years.
I’m thinking of getting a few surveillance cameras put up so it would be nice if those and the connection stayed up during the outage as well.
Plus, I’m eager to learn more networking and VLAN. I do think this setup should work, after reading up some more. Need to setup a test bench and see how I need to configure it on both the router and the switch.
If it is for the fun of it (and learning new, strange things), by all means go for it.
Options 1) and 2) (with all due respect) are still "conventional" and "boring".
Option 3) doesn't really need more cables, you have one ethernet cable (carrying PoE) from the CSS610 to the media converter, with a PoE splitter to power the media converter.
Then you have another ethernet cable (or a DAC) between the CSS610 and the router.
The easiest (but not necessarily the best, and soon someone will post about it being the wrong, obsolete way) would be to make a second, bridge on the CSS610 with in it only the two ports going to the router and to the media converter, leaving a "main" bridge with all all the other ports in it separated.
VLANs may between media converter and router may be not be possible (it depends on which features the media converter has and the level of access the ISP allows you to have on it), but usually the ethernet connection to them is without VLAN.
Probably you could have a single bridge (on default VLAN) with all ports on it having only the router and media converter untagged and tag VLAN's on all the other ports, but this would imply VLAN's "everywhere" (which may or may not be possible).
