this post was submitted on 13 Nov 2023

Home Networking


A community to help people learn, install, set up or troubleshoot their home network equipment and solutions.


Right now, I am in the process of redesigning my network and I had the idea to connect my two main switches and my FW with a ring-like topology. I know that in a typical home network with a 50/10 WAN connection this is absolutely unnecessary. I want to do this anyway, for learning and bragging purposes.

Assume that I have several VLANs and, on each switch, at least one device in each VLAN. All connections between the two switches and the FW are trunk routes for all VLANs. The Omada Controller is running virtualized on a server connected to one of the switches.

My goal is to distribute traffic over all connections to avoid bottlenecks. I don't want traffic for devices within the same subnet to flow through the FW, and I don't want Internet traffic to flow through the connection between switches.

I first read the LACP documentation for Omada and OPNsense, but it is mostly intended for two or more lines between two devices and not for a ring topology like I want.

I then read the (R)STP documentation and couldn't find an option that doesn't simply cut one connection, but "directs" traffic based on the shortest route.

Did I miss something in the documentation, should I look at another protocol/option, or is this something prosumer hardware like I use simply isn't capable of?

top 8 comments
[–] bchiodini@alien.top 1 points 1 year ago

It depends on the capabilities of your switches. This Cisco article has some foundational info.

Depending on the number of switches, VLANs and trunks, this could get exponentially complicated.

Getting it to work would definitely earn you bragging rights.

[–] waka324@alien.top 1 points 1 year ago

Spanning tree protocol will kill any concept of "ring topology" and quickly for good reason. You'd end up with broadcast storms overloading and killing your network very quickly.

Pick up a networking fundamentals book. As usual, O'Reilly is good for this (https://www.amazon.com/TCP-Network-Administration-OReilly-Networking/dp/0596002971?ref=d6k_applink_bb_dls&dplnkId=3456f4a6-4e65-40ac-a6fb-9a05e4796c1b#customerReviews)

Anything on the same VLAN and subnet will be able to access each other without additional routing. Only upon crossing VLANs and subnets will you need routing.

If you are wanting to increase capacity between switches, use multi-gig backhaul links, and leverage LACP if needed. Make sure that the switches you are using are capable of switching the throughput you need.

I'd be very surprised if you are saturating 10g/40g links, or hitting switch max throughput numbers though.

[–] ElevenNotes@alien.top 1 points 1 year ago

You got something wrong. Inter-VLAN routing must take place on a L3 device; since you have only one L3 device, your router, all traffic will always flow to your router, to be, well, routed to other networks (VLANs). Neither RSTP nor LACP will help you here. If you don't want to route all traffic back to your router, you need to use L3 switches and set up the inter-VLAN routing directly on the switch instead of your router. LACP is not load balancing by default, but fault tolerance. You are approaching this wrong. If you want to brag, just create a normal multi-VLAN network on your router and brag about the fact that your IoT devices are on their own VLAN to be safe and secure if they ever have issues or get hacked via their cloud connection.

[–] Exotic-Grape8743@alien.top 1 points 1 year ago (2 children)

Ring-like topology is anathema to Ethernet networking. If you really somehow create a ring in your network it will cause problems. Most commonly your switches will detect a ring through spanning tree protocol (STP) and shut a link in the ring down. You always want to have a star topology in Ethernet networks. If you want more bandwidth or redundancy in critical links, use LAG connections.
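To make concrete what the OP asked about in the post and what the two comments above describe, here is an added example (not from anyone in this thread, not Omada's or OPNsense's code) that models the three-device ring, two switches plus the firewall, and walks through the RSTP decisions: root election by lowest bridge ID, root path cost via Dijkstra with the protocol's bridge-ID tie-break, designated-port selection per link, and which link ends up as an alternate (blocked) port. The bridge MACs, names and 1 GbE path cost are constructed values; 20000 is the IEEE 802.1D-2004 recommended cost for 1 Gbit/s. It also traces the path frames take between the firewall and the second switch, which shows why RSTP cuts a link rather than choosing the shortest route.

```python
import heapq
from dataclasses import dataclass


@dataclass(frozen=True, order=True)
class BridgeId:
    """RSTP bridge identifier: priority compared first, MAC address as tie-breaker."""
    priority: int
    mac: str


# Constructed topology (hypothetical values): two switches and the firewall, all with
# the default priority of 32768, wired in a triangle with 1 GbE trunk links.
BRIDGES = {
    "SW1": BridgeId(32768, "00:00:5e:00:53:a1"),
    "SW2": BridgeId(32768, "00:00:5e:00:53:a2"),
    "FW": BridgeId(32768, "00:00:5e:00:53:a3"),
}
PATH_COST_1G = 20000  # IEEE 802.1D-2004 recommended path cost for a 1 Gbit/s link
LINKS = [
    ("SW1", "SW2", PATH_COST_1G),
    ("SW1", "FW", PATH_COST_1G),
    ("SW2", "FW", PATH_COST_1G),
]


def root_path_costs(root, links, bridges):
    """Dijkstra from the root bridge: {bridge: (root path cost, upstream bridge)}.
    Equal-cost candidates are broken on the upstream bridge ID, as RSTP does."""
    adj = {}
    for a, b, cost in links:
        adj.setdefault(a, []).append((b, cost))
        adj.setdefault(b, []).append((a, cost))
    best = {root: (0, None)}
    heap = [(0, bridges[root], root)]
    while heap:
        cost, _, node = heapq.heappop(heap)
        if cost > best[node][0]:
            continue  # stale heap entry
        for nbr, link_cost in adj[node]:
            if nbr == root:
                continue  # the root never has an upstream
            cand = (cost + link_cost, bridges[node])
            if nbr not in best or cand < (best[nbr][0], bridges[best[nbr][1]]):
                best[nbr] = (cand[0], node)
                heapq.heappush(heap, (cand[0], bridges[node], nbr))
    return best


def rstp_link_states(bridges, links):
    """Return the root bridge, the root path costs and, per link, forwarding or blocked."""
    root = min(bridges, key=bridges.get)  # lowest bridge ID wins the election
    rpc = root_path_costs(root, links, bridges)
    states = {}
    for a, b, _ in links:
        # The end with the lower (root path cost, bridge ID) is the segment's designated bridge.
        designated = min((a, b), key=lambda n: (rpc[n][0], bridges[n]))
        other = b if designated == a else a
        # The other end's port is a root port (forwarding) only if this link lies on its
        # path to the root; otherwise it is an alternate port and the link carries no traffic.
        states[(a, b)] = "forwarding" if rpc[other][1] == designated else "blocked"
    return root, rpc, states


def tree_path(rpc, src, dst):
    """Frames between two bridges follow the spanning tree, not the shortest physical route."""
    def chain_to_root(n):
        chain = [n]
        while rpc[n][1] is not None:
            n = rpc[n][1]
            chain.append(n)
        return chain

    up_src, up_dst = chain_to_root(src), chain_to_root(dst)
    meet = next(n for n in up_src if n in up_dst)
    return up_src[: up_src.index(meet) + 1] + up_dst[: up_dst.index(meet)][::-1]


if __name__ == "__main__":
    root, rpc, states = rstp_link_states(BRIDGES, LINKS)
    print("root bridge:", root)
    for (a, b), state in states.items():
        print(f"{a} <-> {b}: {state}")
    print("FW -> SW2 frames travel:", " -> ".join(tree_path(rpc, "FW", "SW2")))
```

With three equal-priority bridges and equal costs, SW1 (lowest MAC) becomes root, both of its links forward, and the direct SW2 to FW link is blocked, so firewall traffic for a host on SW2 crosses SW1 even though a direct cable exists. That is the "simply cut one connection" behaviour the OP ran into: the tree is loop-free by construction and shortest-path forwarding is not one of its goals.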

[–] ElevenNotes@alien.top 1 points 1 year ago (1 children)

Not to be the stick in the mud but LACP does not really give you more bandwidth per se. This is something people really should internalize and understand. It can give you more bandwidth for multiple clients, but not a single client (not a single point to point connection). In today's world LACP (except MLAG) also has almost no place anymore because if you need bandwidth you just upgrade from 1G, to 10G, to 100G, to 200G, to 400G and so on.

[–] Exotic-Grape8743@alien.top 1 points 1 year ago (1 children)

Absolutely correct but from the context of the OP’s post it seemed they were trying to get more bandwidth for when multiple clients need it at the same time. Exactly what LAG connections can help you with. Of course it is much better to just use higher speed links but LAG connections certainly still have their place when you just can’t simply upgrade the connection speed at a reasonable cost.

[–] TheEthyr@alien.top 1 points 1 year ago

LAG only works well when there is a sufficient diversity of traffic flows that can be distributed equitably across the child links. Since many LAG implementations hash only on MAC and/or IP addresses, the distribution can often be poor when there are only a few clients, as is often the case in a home network. This can possibly be finessed by careful assignment of IP addresses, but the point is LAG doesn't guarantee access to the entire aggregate throughput of the child links.

For this reason, I believe LAG is seldom worthwhile in a home network.
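The point ElevenNotes makes about a single flow never exceeding one member link, and TheEthyr's point that a handful of home clients can all hash onto the same member, are easy to see by simulating the member-selection hash. The following is an added example, not code from anyone in this thread or from any switch vendor: it uses a constructed XOR-fold of the address fields as a stand-in for a switch's layer2 or layer2+3 hash policy (real hashes differ per vendor, but they share the property shown here), constructed client and gateway addresses from the documentation MAC range 00:00:5E:00:53:xx and 192.168.10.0/24, and a two-member LAG. It then shows what TheEthyr calls finessing the distribution by changing one address.

```python
from collections import Counter


def parse_mac(mac: str) -> bytes:
    return bytes(int(octet, 16) for octet in mac.split(":"))


def parse_ipv4(ip: str) -> bytes:
    return bytes(int(octet) for octet in ip.split("."))


def xor_fold(*fields: bytes) -> int:
    """Fold every byte of every field into one byte with XOR.
    A constructed stand-in for a switch's member-selection hash."""
    acc = 0
    for field in fields:
        for b in field:
            acc ^= b
    return acc


def select_member(flow: dict, n_links: int, policy: str) -> int:
    """Pick the LAG member for one flow. Every packet of a flow lands on the same member,
    so a single flow can never use more than one link's worth of bandwidth."""
    fields = [parse_mac(flow["src_mac"]), parse_mac(flow["dst_mac"])]
    if policy == "layer2+3":
        fields += [parse_ipv4(flow["src_ip"]), parse_ipv4(flow["dst_ip"])]
    elif policy != "layer2":
        raise ValueError(f"unknown hash policy: {policy}")
    return xor_fold(*fields) % n_links


def distribution(flows, n_links: int, policy: str) -> dict:
    """How many flows each member link would carry under the given policy."""
    counts = Counter(select_member(f, n_links, policy) for f in flows)
    return {link: counts.get(link, 0) for link in range(n_links)}


# Constructed home network: three clients, all talking to the one gateway (the firewall).
GATEWAY_MAC, GATEWAY_IP = "00:00:5e:00:53:01", "192.168.10.1"


def client_flow(mac: str, ip: str) -> dict:
    return {"src_mac": mac, "src_ip": ip, "dst_mac": GATEWAY_MAC, "dst_ip": GATEWAY_IP}


HOME_FLOWS = [
    client_flow("00:00:5e:00:53:10", "192.168.10.20"),
    client_flow("00:00:5e:00:53:12", "192.168.10.22"),
    client_flow("00:00:5e:00:53:14", "192.168.10.24"),
]

# Same clients, but one host given an odd last IP octet: the "careful assignment of
# IP addresses" that can rescue the distribution under a layer2+3 policy.
FINESSED_FLOWS = [
    client_flow("00:00:5e:00:53:10", "192.168.10.20"),
    client_flow("00:00:5e:00:53:12", "192.168.10.21"),
    client_flow("00:00:5e:00:53:14", "192.168.10.24"),
]


if __name__ == "__main__":
    for label, flows in (("as addressed", HOME_FLOWS), ("finessed", FINESSED_FLOWS)):
        for policy in ("layer2", "layer2+3"):
            print(f"{label:12s} {policy:9s} -> flows per member: {distribution(flows, 2, policy)}")
```

For the clients as addressed, both policies put all three flows on one member and leave the other idle: the addresses were handed out sequentially with even last octets, so the low bit the hash depends on is the same for every client. Moving one host to an odd address gives a 2:1 split, the best three flows can do over two links. The fix depends on a detail of the hash and of the addressing plan, which is why TheEthyr calls the aggregate throughput of a LAG something it does not guarantee.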

[–] AlexisColoun@alien.top 1 points 1 year ago

Not exactly what I wanted to achieve with my idea, but it seems that my idea is not feasible. But thank you for your answer.