Managed switches that allow you to group by mac address or ip address of device and not port #

  • Last Updated: Sep 1st, 2020 5:56 pm
[OP]
Sr. Member
Aug 19, 2012
911 posts
136 upvotes

I have ethernet ports in each room in my house which are used to connect routers, switches, and devices. I have a closet which basically serves as a "server room" where I have a router connected to an unmanaged switch which provides connections to each room. I want to upgrade to a managed switch so I can create multiple networks. I can't create different network groups based on ports because 1 port may have X number of devices connected to it by another switch or router. Are there any switches out there that allow you to group by the IP address or MAC address of each device connected to the network? Is there a name for this feature I can search for?

I want four separate networks for my devices, iot devices, guest network, and ip camera network.

I'm new to networking, is what I'm trying to do create multiple VLANs?
Last edited by derrickrose on Aug 29th, 2020 3:53 pm, edited 1 time in total.
12 replies
Sr. Member
Nov 6, 2014
675 posts
1009 upvotes
Woodbridge, ON
Why do you need to do this? Why not just put them on different subnets and route between them if you need to.
[OP]
Sr. Member
Aug 19, 2012
911 posts
136 upvotes
fordmaple wrote: Why do you need to do this? Why not just put them on different subnets and route between them if you need to.
Because I want four separate networks for ip cameras, iot devices, my devices, and a guest network. I also want to throttle bandwidth to two of the networks.
Sr. Member
Nov 6, 2014
675 posts
1009 upvotes
Woodbridge, ON
You'll need at the very least a managed switch that supports VLANs and QOS.
[OP]
Sr. Member
Aug 19, 2012
911 posts
136 upvotes
fordmaple wrote: You'll need at the very least a managed switch that supports VLANs and QOS.
Thanks, I'm looking for specific product recommendations. Not all switches that support VLAN allow you to group by the device's MAC address or IP address. I bought and returned a Netgear GSE108 that only supports VLAN grouping by port.
Deal Addict
Oct 19, 2007
1268 posts
277 upvotes
45.467253°N, 75.5123…
derrickrose wrote: I have ethernet ports in each room in my house which are used to connect routers, switches, and devices. I have a closet which basically serves as a "server room" where I have a router connected to an unmanaged switch which provides connections to each room. I want to upgrade to a managed switch so I can create multiple networks. I can't create different network groups based on ports because 1 port may have X number of devices connected to it by another switch or router. Are there any switches out there that allow you to group by the IP address or MAC address of each device connected to the network? Is there a name for this feature I can search for?

I want four separate networks for my devices, iot devices, guest network, and ip camera network.

I'm new to networking, is what I'm trying to do create multiple VLANs?

I don't think you need to group by IP or MAC... Once you connect the main switch (managed) to another managed switch that has devices assigned to VLANs by port #, this connection becomes a "trunk" which can carry multiple VLANs

In other words you create the device assignment to the VLAN at the farthest point from your main switch, and then treat all uplink connections to the main switch as "trunks" - your VLANs will happily coexist within the trunks. Of course you'll have to configure the main switch to treat incoming links as "trunks", make the link to the router a trunk too with all VLANs attached to it
[OP]
Sr. Member
Aug 19, 2012
911 posts
136 upvotes
wally_walrus wrote: I don't think you need to group by IP or MAC... Once you connect the main switch (managed) to another managed switch that has devices assigned to VLANs by port #, this connection becomes a "trunk" which can carry multiple VLANs

In other words you create the device assignment to the VLAN at the farthest point from your main switch, and then treat all uplink connections to the main switch as "trunks" - your VLANs will happily coexist within the trunks. Of course you'll have to configure the main switch to treat incoming links as "trunks", make the link to the router a trunk too with all VLANs attached to it
I've thought about that and I would have to buy multiple managed switches and configure them all instead of buying one central switch
Deal Addict
Jun 8, 2004
1479 posts
397 upvotes
Oakville
You need all switches to support VLANs. All devices on the same dumb switch can still talk to each other, and a central managed switch won't stop that unless all devices on the dumb switch are going to be part of just one VLAN, which is unlikely.

As others have said you just need to define the end port with the correct vlan and use tagged trunks between managed switches to separate and isolate your 4 networks.
Deal Expert
Aug 22, 2011
34505 posts
20540 upvotes
Center of Universe
IIRC, Cisco's managed meraki switches can support what you want to achieve, albeit $$$.
Deal Expert
Aug 22, 2006
27311 posts
12975 upvotes
derrickrose wrote: Netgear GSE108 that only supports VLAN grouping by port
GS108E supports 802.1Q aka tagging just fine, albeit only 32, but this is probably fine for home users.

Source: Docs and the fact that I have a half dozen of them.

The better question is how much money you want to throw at the problem. An 8 port GS108E is like $50 on sale and $80 regularly making it $6-10/port.
You're not going to find a MAC based system for any less than that.

The only downside is that if you have more than one device per ethernet port you'll need a switch at each port, but it sounds like you're doing this already.
Tagging traffic at each remote switch then dealing with it in your server room is the easier way of doing things.

Technically speaking subnets would be an easier way of doing things, but if you want a segregated network this isn't a solution.
802.1Q is gonna be the easiest, cheapest, and most universal way of doing things.
[OP]
Sr. Member
Aug 19, 2012
911 posts
136 upvotes
death_hawk wrote: GS108E supports 802.1Q aka tagging just fine, albeit only 32, but this is probably fine for home users.

Source: Docs and the fact that I have a half dozen of them.

The better question is how much money you want to throw at the problem. An 8 port GS108E is like $50 on sale and $80 regularly making it $6-10/port.
You're not going to find a MAC based system for any less than that.

The only downside is that if you have more than one device per ethernet port you'll need a switch at each port, but it sounds like you're doing this already.
Tagging traffic at each remote switch then dealing with it in your server room is the easier way of doing things.

Technically speaking subnets would be an easier way of doing things, but if you want a segregated network this isn't a solution.
802.1Q is gonna be the easiest, cheapest, and most universal way of doing things.
Thanks. I wouldn't mind spending ~$300 as long as it can do everything I require.
The only downside is that if you have more than one device per ethernet port you'll need a switch at each port


I do have more than one device per ethernet port. For example server room router ==> family room ==> unmanaged switch ==> tv, xbox, apple tv, etc. Do you mean I will need a switch per port on the remote switch?

The GS108E only allows me to do it by port. I don't see any options to do it by MAC address of device, even under the 802.1Q settings.
Deal Expert
Aug 22, 2006
27311 posts
12975 upvotes
derrickrose wrote:

I do have more than one device per ethernet port. For example server room router ==> family room ==> unmanaged switch ==> tv, xbox, apple tv, etc. Do you mean I will need a switch per port on the remote switch?
Assuming GS108E, you'd drop in replace your family room switch with a GS108E.
Anything connected to each port will be tagged by the switch for your other managed switch (maybe another GS108E or a GS116E depending on number of runs you have) to deal with.
This is only true if you want things on a separate VLAN. If for example, your entire family room can sit on one network, an unmanaged switch will do just fine.
Your managed switch in the server room will take the "untagged" traffic from your unmanaged and stick it on whatever VLAN you want. But you won't be able to separate out any devices on this branch.

The GS108E only allows me to do it by port. I don't see any options to do it by MAC address of device, even under the 802.1Q settings.
That's because it can't. Your options are by port or by 802.1Q.
There's very few reasons to ever do it by MAC or by IP which is why you're having difficulty finding what you need.

802.1Q was literally designed for your use case. If anything it's actually better because any VLAN aware devices can set their own tags.
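
Added example, not part of the thread or of any vendor's firmware: a small Python model of the port-based 802.1Q setup described in the replies above, where a room switch tags traffic by port and a trunk carries it to the closet switch. The VLAN IDs, port numbers and sample frame are assumptions made up for the illustration, and the switch model is simplified (it floods every frame and keeps no MAC table).

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def tag_frame(frame: bytes, vid: int) -> bytes:
    """Insert the 4-byte 802.1Q tag after the destination and source MACs."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be 1..4094")
    return frame[:12] + struct.pack("!HH", TPID_8021Q, vid) + frame[12:]

def untag_frame(frame: bytes):
    """Return (vid, untagged_frame); vid is None when the frame has no tag."""
    if len(frame) >= 16:
        tpid, tci = struct.unpack("!HH", frame[12:16])
        if tpid == TPID_8021Q:
            return tci & 0x0FFF, frame[:12] + frame[16:]
    return None, frame

class Switch:
    """Simplified port-based VLAN switch (floods every frame, no MAC table)."""
    def __init__(self, access: dict, trunks: dict):
        self.access = access  # port -> PVID given to untagged traffic
        self.trunks = trunks  # port -> set of VLAN IDs allowed on the trunk

    def forward(self, in_port: int, frame: bytes) -> dict:
        """Return {out_port: frame_as_sent} for a frame received on in_port."""
        vid, inner = untag_frame(frame)
        if in_port in self.access:
            if vid is not None:
                return {}  # modelling choice: access ports drop tagged frames
            vid = self.access[in_port]  # VLAN chosen by port, never by MAC/IP
        elif vid is None or vid not in self.trunks.get(in_port, ()):
            return {}  # trunks here accept only tagged frames of allowed VLANs
        out = {}
        for port, pvid in self.access.items():
            if port != in_port and pvid == vid:
                out[port] = inner  # tag stripped towards end devices
        for port, allowed in self.trunks.items():
            if port != in_port and vid in allowed:
                out[port] = tag_frame(inner, vid)  # tag kept between switches
        return out

# Constructed sample: broadcast frame, made-up source MAC, EtherType IPv4.
FRAME = bytes.fromhex("ffffffffffff" "020000000001" "0800") + b"payload"
# Assumed VLAN IDs: 10 own devices, 20 IoT, 30 guest, 40 cameras.
family_room = Switch(access={1: 10, 2: 20}, trunks={8: {10, 20}})
core = Switch(access={2: 20, 3: 40}, trunks={1: {10, 20}, 8: {10, 20, 30, 40}})
uplink = family_room.forward(2, FRAME)[8]  # IoT device -> trunk to the closet
print(untag_frame(uplink)[0], sorted(core.forward(1, uplink)))
```

Port 2 on `core` stands in for a branch fed by an unmanaged switch: every untagged frame arriving there lands in VLAN 20 regardless of which device sent it, which is why devices behind a dumb switch cannot be separated from each other.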
