Explaining VLANs
Hello, I saw you checking the networking options but didn’t find what you were looking for. You’re using a Netgear GS724TPv2 24-port POE switch and want to organize your devices into VLANs—like separating PCs, security cameras, etc. I tried watching some tutorials and reading guides, but it’s still unclear how to set up VLANs on this model. Could someone help clarify the process? Thanks!
The guide suggests starting with a basic LAN layout: treat each network as a separate switch and connect a router between them. Plan your VLAN settings on the switch before assigning ports. Avoid tagging unless necessary, and ensure devices in one VLAN can communicate across others. Begin with simple examples—like adding cameras to their own VLANs—so you can verify functionality before expanding. Once everything runs smoothly within its own VLAN, integrate inter-VLAN routing by linking the switches. The example provided outlines assigning IPs, configuring virtual interfaces, and setting up routes for devices like PCs and cameras. Keep configurations manageable initially, then gradually increase complexity while maintaining clear segmentation.
First set up the IP configurations on the devices within the desired VLAN before assigning them IP addresses.
Your device may connect straight to a VLAN without knowing its configuration—this happens when the switchport is in UNTAGGED mode. Alternatively, you can switch the port to TAGGED mode, requiring the connected device to support VLAN identification, which most devices lack, leaving you with UNTAGGED VLANs on the ports. For environments like Hyper-V or ESX, you can create VLANs at the VM or virtual switch level and keep the port in TAGGED state, allowing multiple VLANs per port.
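As an added example (not written by anyone in this thread and not Netgear's firmware logic), here is a simplified Python model of the untagged and tagged port behaviour described above, including the 4-byte 802.1Q tag as it appears in the frame. The port names, VLAN IDs 10 and 20, and the sample frame are constructed assumptions.

```python
import struct

TPID = 0x8100  # EtherType value that marks an 802.1Q tag

def add_tag(frame, vid):
    """Insert the 4-byte tag (TPID + TCI) after the two MAC addresses."""
    return frame[:12] + struct.pack("!HH", TPID, vid & 0x0FFF) + frame[12:]

def split_tag(frame):
    """Return (vid, frame_without_tag); vid is None for an untagged frame."""
    if len(frame) >= 18 and struct.unpack("!H", frame[12:14])[0] == TPID:
        tci = struct.unpack("!H", frame[14:16])[0]
        return tci & 0x0FFF, frame[:12] + frame[16:]
    return None, frame

# Constructed port table: pvid = VLAN given to untagged ingress frames;
# untagged/tagged = VLANs the port sends without / with a tag.
PORTS = {
    "pc":     {"pvid": 10, "untagged": {10}, "tagged": set()},
    "camera": {"pvid": 20, "untagged": {20}, "tagged": set()},
    "hyperv": {"pvid": 1,  "untagged": {1},  "tagged": {10, 20}},
}

def classify(port, frame):
    """Ingress: choose the VLAN, or None to drop (ingress filtering on)."""
    cfg = PORTS[port]
    vid, inner = split_tag(frame)
    if vid in (None, 0):                      # untagged or priority-tagged
        return cfg["pvid"], inner
    if vid in cfg["untagged"] | cfg["tagged"]:
        return vid, inner
    return None, inner                        # port is not a member: drop

def flood(in_port, frame):
    """Broadcast: what each other member port of the VLAN sends out."""
    vid, inner = classify(in_port, frame)
    out = {}
    for name, cfg in PORTS.items():
        if name == in_port or vid is None:
            continue
        if vid in cfg["untagged"]:
            out[name] = inner                 # tag stripped for the end device
        elif vid in cfg["tagged"]:
            out[name] = add_tag(inner, vid)   # tag kept for a VLAN-aware host
    return out

# Constructed broadcast frame: dst MAC, src MAC, EtherType 0x0806, padding.
ARP = bytes.fromhex("ffffffffffff" "020000000001" "0806") + b"\x00" * 28
```

A broadcast from the PC port reaches only the hypervisor port, tagged with VLAN 10, and a frame that arrives on the camera port already tagged for VLAN 10 is dropped because that port is not a member of VLAN 10.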
It's not crucial, but since you're starting from scratch, completing all the IP configurations first ensures everything functions correctly without needing further switch adjustments. This helps confirm your earlier steps were accurate before proceeding to VLAN settings.
Why? Do H265 packets not get along with SMB packets or something? I'm just curious as somebody who's found 99.99% of VLANs to be utterly pointless and offer no security benefit... vertical network segmentation doesn't do that. So, please explain technically why H265 traffic might interfere with a file server. If the goal here is security you need to focus on locking those devices off the internet, which is most easily accomplished with a firewall. Creating VLANs and then creating ACL lists to allow devices to talk to your PC defeats the purpose, right? It's like installing a steel security door on your house and putting a 2-foot hole in the middle of it. Using a VLAN to segregate types of network traffic went out in 1998 along with NetBEUI. There's no need to do this, but it's still pushed by Cisco heads who need to justify overpriced switches and their CCNA. Segmenting devices into traffic types doesn't decrease traffic. It doesn't make NIC cards work better.
LOL, that's about the dumbest thing I've ever heard. EVERYONE (Juniper, Cisco, Arista, Broadcom, Nvidia, etc.) uses VLANs to more easily segment the network and reduce broadcast domains, and they are just one of many tools as a means to an end. If you think for a second VLANs are dumb, I've got a bridge to nowhere to sell you. A single flat network is the stupid thing to push and there is a reason no SMB, enterprise, or hyperscaler does it. Are VLANs dumb in most home environments? Sure. Beyond that? Hell no. Edit: To further clarify, VLANs shouldn't be used to segment traffic types, they are used to segment devices based on what they need access to. If OP is doing it just to segment traffic types, that's not the right approach.
What I meant was mainly for the typical buyer, so I could be more precise about that. Not everyone with networking skills or the ability to categorize things is the same—there’s definitely a role even at home (I have a couple myself), but I’m not the average user and I doubt you are either.