Everyone was kind enough to ram my brain chock full of knowledge about switches and I came away feeling like I can explain it to other people. (please don't test me on this, I'll fail)
But now I'm trying to figure out how I want my network to look and so it's best I ask the people smarter than me that actually understand what I'm trying to do.
My house is an average sized, end of terrace in a big city and so while I can get decent Internet speeds, I get lots of WiFi signal congestion with neighbours, buildings, etc.
In my present router, which I really need to replace, I have my NAS and cable box plugged in via Ethernet, everything else is connected via WiFi. That's a bunch of phones, a couple laptops, and a couple Raspberry Pis (including my one with all my home services, like Home Assistant and my Pi-Hole).
The design I'm cooking up is that my NAS would be on a virtual LAN with no direct access to the Internet, my Raspberry Pis would have Internet access. I don't need to worry about my smart home devices having Internet access since they're all Zigbee devices. But I plan to switch my cable box to an IPTV box and I'm also wanting to get a video doorbell and security camera for the garden, so that's at least three virtual local area networks. Four if I add a guest network.
My questions are really simple ones and you're probably gonna laugh at how stupid they are… can I do this all with a single switch? Do I need separate access points for each VLAN or can I have multiple VLANs on a single AP? How many ports should I be looking at on my switch? Would four be enough for my set-up? Also, managed is best, right?
A cheaper alternative is to skip PoE for now and buy an 8-port managed switch now and a secondary PoE switch in the future if need be.
Draw up some plans beforehand, quick example where I forgot your video doorbell that would be on a separate SSID/VLAN through the APs if it uses WiFi. Which is kind of the point with drawing it up. It helps you find out what you missed.
edit: And that is just an example of how to draw it up. I imagine you want your security camera and doorbell to save video on the NAS, so then their VLAN needs to be able to communicate with the NAS VLAN, as another example of missing stuff in the drawing.
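The VLAN separation discussed in this thread, written as a default-deny policy that can be checked on paper before buying hardware. This is an added example, not part of any post here; the zone names, subnets, the IPTV and guest Internet rules and the guest-isolation goal are assumptions.

```python
import ipaddress

# Constructed addressing plan: zone names and subnets are assumptions.
VLANS = {
    "nas":     ipaddress.ip_network("10.0.10.0/24"),
    "pis":     ipaddress.ip_network("10.0.20.0/24"),
    "iptv":    ipaddress.ip_network("10.0.30.0/24"),
    "cameras": ipaddress.ip_network("10.0.40.0/24"),  # doorbell + garden camera
    "guest":   ipaddress.ip_network("10.0.50.0/24"),
}
INTERNET = "internet"

# (source zone, destination zone) pairs allowed to open connections.
# Anything not listed is dropped; replies are assumed handled by a stateful firewall.
ALLOW = {
    ("pis", INTERNET),      # from the thread
    ("cameras", "nas"),     # from the thread: recordings saved on the NAS
    ("iptv", INTERNET),     # assumption
    ("guest", INTERNET),    # assumption
}

def zone_of(addr):
    """Map an IP address to its VLAN name, or INTERNET if it is in none."""
    ip = ipaddress.ip_address(addr)
    for name, net in VLANS.items():
        if ip in net:
            return name
    return INTERNET

def is_allowed(src, dst, policy=ALLOW):
    """True if src may open a connection to dst under the policy."""
    s, d = zone_of(src), zone_of(dst)
    if s == d:
        return True  # same VLAN: traffic is switched and never hits the router rules
    return (s, d) in policy

def audit(policy=ALLOW):
    """Return the rules that break the design goals, sorted."""
    bad = []
    for s, d in policy:
        if s == "nas" and d == INTERNET:      # NAS has no direct Internet access
            bad.append((s, d))
        elif s == "guest" and d != INTERNET:  # assumed goal: guests stay off internal VLANs
            bad.append((s, d))
        elif s == INTERNET:                   # nothing opens connections inbound
            bad.append((s, d))
    return sorted(bad)

if __name__ == "__main__":
    print(is_allowed("10.0.40.15", "10.0.10.5"), audit())
```

Because rules are directional, the cameras can push video to the NAS while the NAS still cannot open connections to the cameras or to the Internet.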
This is such an epic post. I am super grateful. I was definitely thinking about a POE switch because it just makes sense to me that you'd have the network power what it can rather than have to monitor batteries.
Talking of which, I hope we get Power Over Thread coming to Matter 2.0. That would be glorious. It wouldn't even need a lot of power, just enough to keep motion sensors topped up.
Thank you so so much.
Here's my network as an example:
You have four switches?
Yep, it's not as overkill as it first seems.
One managed handles all the VLAN designations and most of the heavy lifting of the network.
One is just a virtual switch in my Proxmox server dealing with the virtual machines and containers.
And then a physical VLAN-aware switch at each end of the house for all client devices on multiple VLANs, i.e. CCTV (no internet), Media VMs on VPN-only VLAN, PC, laptop, phones etc. on their own, and a management VLAN.
Would you recommend a separate POE switch for the cameras?
Is there anything you would change if you had to start all over again?
My main need of a separate POE is more logistical than networking, it's convenient to power a couple of cameras from a distant switch.
I think if I started over the only things I'd alter would be the number of ports on the main switch. 16 ports at least. I've used all 8 and still have things I would use more for.
Here's a physical diagram (not all clients are shown) that may help some more: