Hello.
I am currently in the process of rebuilding my home network.
I managed to purchase two HP 5130 jg932a switches. The network diagram will be as follows: in the main rack there will be a router and a switch, another switch will be 3 floors (about 20 m below) in the multimedia cabinet.
There is an HA server in the network and plenty of smart devices operated via Lan or Wi-Fi. And about 10 IP cameras. And 2 Cisco c9120axe-e APs.
I currently have access to 2 routers and I am wondering which one will work better in this setup. RB5009 or CCR2004.
I would like to combine it as follows. 2x ISP with failover function -> Router and here my question arises: what option should I choose to connect everything?
Option 1: Connect the router to 1 switch using sfp+ sockets and a 10G DAC SFP+ cable and another switch to the first one using 10Gb sfp+ transceivers and a 20m LC/LC duplex OM3 patch cord?
Option 2: Connect both switches to the router, one with a DAC cable and the other with an Lc/Lc patch cord?
I'd love to hear your thoughts on this.
Re: Question about connection and choosing best router solution.
On router:
CCR2004 has quite a bit more power then RB5009.
But is also a lot more expensive. Budget decision.
Internal RB is limited to 10Gbs pipe, CCR has 2x 25Gbs.
May be a factor too if you plan on connecting further on with those switches and whatever is connected to those.
Daisy chaining switches is not my personal preference if direct connection is possible but others may have a different opinion there (and most likely they will).
Other argument: 2 separate 10gbs connections are possible with ccr2004. If you put those switches behind each other, only 1 stream.
CCR2004 has quite a bit more power then RB5009.
But is also a lot more expensive. Budget decision.
Internal RB is limited to 10Gbs pipe, CCR has 2x 25Gbs.
May be a factor too if you plan on connecting further on with those switches and whatever is connected to those.
Daisy chaining switches is not my personal preference if direct connection is possible but others may have a different opinion there (and most likely they will).
Other argument: 2 separate 10gbs connections are possible with ccr2004. If you put those switches behind each other, only 1 stream.
Re: Question about connection and choosing best router solution.
There are two CCR2004 models: CCR2004-1G-12S+2XS which @holvoetn is referring to and has all SFP+ ports connected to single switch (ether1 is meant for OOB management) and CCR2004-16G-2S+ which has SFP+ ports connected directly to CPU while RJ45 ports are handled by two distinct switch chips. The later model is thus not fit to be used as switch between both SFP+ ports. The former comes with a bit higher price tag.
Re: Question about connection and choosing best router solution.
The router i can get is CCR2004-16G-2S+PC
Re: Question about connection and choosing best router solution.
If you will setup LANs so that devices connected to both of your switches will communicate between each other (e.g. if you'll have a NAS connected to one of switches and clients connected to the other one), then I suggest you to connect switches directly and only connect the closest switch to router. This way you'll get highest LAN performance without hogging the router (and that's true for both RB and CCR which remain in the game). And if you will choose this kind of topology, then RB's internal capacity won't be such a hurdle.
Re: Question about connection and choosing best router solution.
thanks for the answer, so if the devices in my network are connected to both switches, the best option will be to connect the first switch directly to the router using DAC and the next switch to the previous one using sfp+, i.e. cascade? Will this answer change the fact that other smaller managed switches will also be connected to these 2 main HP SWITCHES using several LAG connections, using 2x RJ45 1gigabit for each?If you will setup LANs so that devices connected to both of your switches will communicate between each other (e.g. if you'll have a NAS connected to one of switches and clients connected to the other one), then I suggest you to connect switches directly and only connect the closest switch to router. This way you'll get highest LAN performance without hogging the router (and that's true for both RB and CCR which remain in the game). And if you will choose this kind of topology, then RB's internal capacity won't be such a hurdle.
Re: Question about connection and choosing best router solution.
It seems you like to complicate your network topology 
Since you're mentioning LAG ... additionally to have the both switches connected directly (i.e. cascade), you could connect both switches to main router and let RSTP do its job. If you can afford two connections between main rack and multimedia cabinet that is.
According to normal RSTP link priority, the normal route from multimedia cabinet to router will be across the main rack switch ... but if that switch decides to break, the backup (1Gbps) link will kick in. Just remember to set bridge priority on main router to something lower than default (which is 0x8000, setting it to e.g. 0x2000 should be fine) so that it'll win the root bridge election in RSTP topology.
And no, connecting secondary switches to one of main switches using LAG doesn't make any change, from router's point of view they will be behind one of switches. And if the two main switches will be "cascaded", this only means there will be one additional L2 hop between router and secondary switch (which will slightly increase latency but shouldn't affect the performance). If you're thinking about MLAG topology, then this should not affect the router-switch consideration either (because in this case both switches would have to be directly interconnected for MLAG functionality if not others).
Since you're mentioning LAG ... additionally to have the both switches connected directly (i.e. cascade), you could connect both switches to main router and let RSTP do its job. If you can afford two connections between main rack and multimedia cabinet that is.According to normal RSTP link priority, the normal route from multimedia cabinet to router will be across the main rack switch ... but if that switch decides to break, the backup (1Gbps) link will kick in. Just remember to set bridge priority on main router to something lower than default (which is 0x8000, setting it to e.g. 0x2000 should be fine) so that it'll win the root bridge election in RSTP topology.
And no, connecting secondary switches to one of main switches using LAG doesn't make any change, from router's point of view they will be behind one of switches. And if the two main switches will be "cascaded", this only means there will be one additional L2 hop between router and secondary switch (which will slightly increase latency but shouldn't affect the performance). If you're thinking about MLAG topology, then this should not affect the router-switch consideration either (because in this case both switches would have to be directly interconnected for MLAG functionality if not others).
Re: Question about connection and choosing best router solution.
I think we didn't understand each other I'll try to make it more clear.It seems you like to complicate your network topology
According to normal RSTP link priority, the normal route from multimedia cabinet to router will be across the main rack switch ... but if that switch decides to break, the backup (1Gbps) link will kick in. Just remember to set bridge priority on main router to something lower than default (which is 0x8000, setting it to e.g. 0x2000 should be fine) so that it'll win the root bridge election in RSTP topology.
And no, connecting secondary switches to one of main switches using LAG doesn't make any change, from router's point of view they will be behind one of switches. And if the two main switches will be "cascaded", this only means there will be one additional L2 hop between router and secondary switch (which will slightly increase latency but shouldn't affect the performance). If you're thinking about MLAG topology, then this should not affect the router-switch consideration either (because in this case both switches would have to be directly interconnected for MLAG functionality if not others).
1.ISP ----> ROUTER
2. ROUTER--DAC-->HP SW1
3.HP SW1--SFP+-->HP SW2
3a. HP SW1 5x LAG connections using 10x rj45 [ 2 for ea LAG ]1gigabit to other smaller management switches (TP Link smart series)
4.HP SW2 another 4/5 LAG to another small management switches (TP Link smart series)
On the end of small switches there are client pc / ip cams etc etc
Re: Question about connection and choosing best router solution.
I understood you just fine (the only "dangling" issue was if you'd combine 3a and 4 to have MLAG but you clarified that this was not planned) ... So the RSTP thing I was mentioning would be "5. ROUTER-RJ45 --> HP SW2" which would be normally blocked (by RSTP processes on both HP SW2 and router) but would kick in life if the HP SW1 <--> HP SW2 link would get disconnected or if HP SW1 would drop dead ... so the mentioned RJ45 link would be "hot stand by connection" for connection between multimedia cabinet and main router.
Re: Question about connection and choosing best router solution.
Thank you very much for your help, I didn't even think about this type of securityI understood you just fine (the only "dangling" issue was if you'd combine 3a and 4 to have MLAG but you clarified that this was not planned) ... So the RSTP thing I was mentioning would be "5. ROUTER-RJ45 --> HP SW2" which would be normally blocked (by RSTP processes on both HP SW2 and router) but would kick in life if the HP SW1 <--> HP SW2 link would get disconnected or if HP SW1 would drop dead ... so the mentioned RJ45 link would be "hot stand by connection" for connection between multimedia cabinet and main router.
but what you write makes sense and logic thank you very much again. Let me ask you if you think that separating the IP cameras with a separate vlan from the rest makes sense? I would like only the recorder to have access to them, the cameras themselves do not have to have access to the Internet, what is important is that the recorder communicates with them and is connected to the Internet to have online viewing.Re: Question about connection and choosing best router solution.
Creating different VLANs for different classes of devices makes lots of sense. The control over what they can do with regard to connections towards other networks (internet included) is a pretty big bonus. So I'm all for it.
In particular: it would probably be easier to place recorder into same VLAN as cameras so you'd only have to allow access to/from recorder in the firewall.
In particular: it would probably be easier to place recorder into same VLAN as cameras so you'd only have to allow access to/from recorder in the firewall.
Re: Question about connection and choosing best router solution.
I understand, so in your opinion it would be better to leave the vlan support to the router (I decided on RB5009) or the switch, because no matter how you look at it, the HPE 5130 JG932A model is already Enterprise class
Re: Question about connection and choosing best router solution.
All of the devices (at least router and "core" switches) will have to deal with VLANs ... but IMO when going the VLAN path it's best to go all the way down to edge ports (i.e. ports to which the VLAN-ignorant devices are connected), which then includes also the small access switches.
The only thing remaining is then where does inter-vlan routing happen. IMO main router is the way to go as it will also run firewall which will give you much better control over traffic flows. You could use one of core switches to do the inter-VLAN routing if you don't plan to do fine-grain flow control (so that switch ACLs would be enough to do the job) - assuming these are L3 switches (I don't know that). Which might be the way to go if you expect high-throughput inter-VLAN connections (which might hog the RB5009 while proper L3 switch wouldn't sweat at all) with caveat I already wrote.
The only thing remaining is then where does inter-vlan routing happen. IMO main router is the way to go as it will also run firewall which will give you much better control over traffic flows. You could use one of core switches to do the inter-VLAN routing if you don't plan to do fine-grain flow control (so that switch ACLs would be enough to do the job) - assuming these are L3 switches (I don't know that). Which might be the way to go if you expect high-throughput inter-VLAN connections (which might hog the RB5009 while proper L3 switch wouldn't sweat at all) with caveat I already wrote.
Who is online
Users browsing this forum: Google [Bot] and 5 guests