Hacker News new | past | comments | ask | show | jobs | submit login


A dedicated offline switch is so much simpler than VLANs, both to configure, use and understand.

I'd use the same software stack on either a linux machine that's on that LAN, or just use a raspberry pi. I'd basically run the entire network part with dnsmasq.. You don't need anything else for DHCP and DNS. You don't even need to mess with iptables since you don't want packets leaving that LAN.

If you use VLANs in the simplest form, it shouldn't be too hard to configure. Basically, this means: 1) each port is only on a single VLAN 2) no tagging, all ports are in access mode 3) no trunking 4) no layer 3 / routing between VLANs on the switch

If someone else is runnignthe physical wires and plugging them in, then VLANs and managed switches are a godsend; I'm sure.

If you're running the wires (and how many wires are we talking here? 24 or less i bet) ... then the simplicity is worth much more IMO.

True! Networking is fun to play with and learn about though.

Indeed.. Having a box that I know is the offline LAN is just mentally simpler for me, and it does not hurt that dumb access switches are dirt cheap.

Applications are open for YC Winter 2023

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact