Looking for L3 network switch.

[Sir Asvald]

As mentioned in the title, looking for a for L3 network switch. Only need 8 ports, ideally a managed switch. I've currently got a L2 switch in my lab and I want to redesign my network side. 

 

My budget is £150, any recommendations?

[brwainer]

For that price you're either looking at completely untrustworthy randomly named brands, or a Mikrotik which will technically have L3 features but doesn't do L3 at line rate, or buying used. 

 

What are you intending to set up with a L3 switch? 

[Sir Asvald]

1 minute ago, brwainer said:

For that price you're either looking at completely untrustworthy randomly named brands, or a Mikrotik which will technically have L3 features but doesn't do L3 at line rate, or buying used. 

 

What are you intending to set up with a L3 switch? 

For static routing. I do have pfsense, although it's Virtual, I am having issues with speeds between my lab and my dedicated server. 

 

My internet speeds are 1gb up/down

[brwainer]

Having a L3 switch won’t speed things up unless A) the traffic is going between different VLANs/subnets, and B) the router you have now can’t route (and do whatever else is configured like traffic inspections) at full speed. If you’re already getting 1Gbps speeds (or really anything greater than 850Mbps) then to get faster you need to upgrade your lab, server, and switch to 2.5Gb, 5Gb, or 10Gb.

 

What does your routing topology look like, what router do you have now, and what speeds are you getting? Is your dedicated server and lab in the same building?

[Sir Asvald]

4 hours ago, brwainer said:

Having a L3 switch won’t speed things up unless A) the traffic is going between different VLANs/subnets, and B) the router you have now can’t route (and do whatever else is configured like traffic inspections) at full speed. If you’re already getting 1Gbps speeds (or really anything greater than 850Mbps) then to get faster you need to upgrade your lab, server, and switch to 2.5Gb, 5Gb, or 10Gb.

 

What does your routing topology look like, what router do you have now, and what speeds are you getting? Is your dedicated server and lab in the same building?

I have multiple VLANs and subnets. 

 

I am currently simulating a private network at home. 

 

All my Pfsense are virtualised both sites. Internet is FTTP got a GPO then -> ethernet to the router, which is a Linksys.

 

So I have the following:

 

I am double natting - cant change it. At home.

 

Site A - Subnets: 192.168.1.250/24 (WAN) - LAN 10.1.70.0/24, 10.1.20.0/24. 10.1.182.X which is for IPSec to site B - has a pfsense IPSec s2s to my dedicate server which is not at home and not mine. Also has 10.1.183.X which is for IPSec to the dedicated server

 

Site B - an Edge Router, Core Router & site Router. 

 

Edge Router - has the following - 192.168.1.65/24 (WAN), 172.16.1.1/24 -  10.1.182.X which is for IPSec to site B

 

Core Router  - WAN is 172.16.1.2/24, LAN, is 172.16.2.1

 

Site Router -  WAN is 172.16.2.2/24 LAN is 10.1.6.0/24

 

 

---- not at home ----

Dedicated Server running VMware and have a pfsense VM - has a public IP 102.X.X.X, LAN is 10.1.110.0/24 has a IPSec to Site A 10.1.183.X which is for IPSec

 

 

 

[brwainer]

1 hour ago, Sir Asvald said:

I have multiple VLANs and subnets. 

 

I am currently simulating a private network at home. 

 

All my Pfsense are virtualised both sites. Internet is FTTP got a GPO then -> ethernet to the router, which is a Linksys.

 

So I have the following:

 

I am double natting - cant change it. At home.

 

Site A - Subnets: 192.168.1.250/24 (WAN) - LAN 10.1.70.0/24, 10.1.20.0/24. 10.1.182.X which is for IPSec to site B - has a pfsense IPSec s2s to my dedicate server which is not at home and not mine. Also has 10.1.183.X which is for IPSec to the dedicated server

 

Site B - an Edge Router, Core Router & site Router. 

 

Edge Router - has the following - 192.168.1.65/24 (WAN), 172.16.1.1/24 -  10.1.182.X which is for IPSec to site B

 

Core Router  - WAN is 172.16.1.2/24, LAN, is 172.16.2.1

 

Site Router -  WAN is 172.16.2.2/24 LAN is 10.1.6.0/24

 

 

---- not at home ----

Dedicated Server running VMware and have a pfsense VM - has a public IP 102.X.X.X, LAN is 10.1.110.0/24 has a IPSec to Site A 10.1.183.X which is for IPSec

 

 

 

OK so sounds like you understand routing fairly well…. But I’m not seeing a place whether you’re bottlenecked by an underperforming router that a L3 switch will improve things. But there is also always the learning aspect, that’s what a lab is for. Anyway, as I said before at your budget there aren’t any good options so you’ll have to look at the used market. I don’t know what brands are going to be readily available in the UK, but there’s always Cisco. For something Cisco-Like you could try to find a Dell S4xxx switch like an S4112 or S4128. The homelab scene values Ruckus/Brocade ICX switches, they’re easy to enable L3 on without paying the license fee if the one you get didn’t have it, but they have very different CLI which could be good or bad depending on what you want to focus on learning. HPE/Aruba is another big brand, for them I’d look for a 2930F as a starting point - Aruba is also a rather different CLI but most people pick it up faster than ICX.

[DraconisMaximus]

The price point is going to be your issue. Partly becaure most Layer-3 switches have far more that 8 ports.

As a point of reference, Ubiquiti's "cheapest" Layer-3 Switch is the Pro Max 16 / USW-Pro-Max-16.
It retails for $279.00 / 250.00 €.

It's a great switch, especially if you need PoE, but it'll cost you. Unifi also doesn't always play well with other brands either.

https://store.ui.com/us/en/category/switching-professional-max-xg/products/usw-pro-max-16
https://eu.store.ui.com/eu/en/category/switching-professional-max-xg/products/usw-pro-max-16