AMD X570 Chipset Blockdiagram Surfaces - Specs - PCIe 4.0 All The Way!

Joust said:
Man, you're describing a very complex home network. Some people use setups like this. Others say screw it, it's not worth all the hassle.
Click to expand...

Hell, I'm one of those 'others' now, but I also haven't yet infected my dwelling with a plethora of IoT. The thought chain, though, starts with basic security principles, and attempting to apply them to dozens of devices (and software!) that are themselves inherently insecure.

Smart homes and IoT are a security professional's nightmare :D
 
I like how this thread has progressed from X570 to PCI-E 5 to networking. Reminds me I need to get my ass in gear and get my CCNA :D
 
Joust said:
2.5 and 5gb in enterprise deployment? I'd disagree. Much more likely to have multiple 10- and 20-gig deployments using infiniband or similar.

10gig network is my desired next stop. I saturate my 1gig network at home with ease. I think I'll investigate lacp before taking the plunge, though, due to the switching cost.
Click to expand...
You can pick up 4 port 10Gbit switch (mikrotik) for $150. Not all that bad.
 
IdiotInCharge said:
It's 'cheap enough' for the motherboards, but switches are still at a huge premium over 1Gbit and generally CAT6 is needed over CAT5e, and CAT6a is needed for longer distance runs.

That, and there's very little real utility for 10Gbit outside of servers.
Click to expand...

Cat5e will do 10gb to 45m (cat6 does 55m); which is more than enough for home use. Cat 6A is only really needed for max length runs.
 
Zarathustra[H] said:
My recently acquired Aruba S2500-48T has Layer 3 capability, but I have no idea what I'd actually use it for in a home environment. Connecting various VLAN's with restricted access?
Click to expand...

I've had a guest wifi vlan on my DD-WRT setup for years. Lets me segregate untrusted devices from the rest of my network, and give visitors a more reasonable password than the 128 bits of diceword entropy I rolled for my main network.
 
DanNeely said:
Cat5e will do 10gb to 45m (cat6 does 55m); which is more than enough for home use. Cat 6A is only really needed for max length runs.
Click to expand...

Would you happen to have a reference? I've only ever seen 10Gbase-T spec'd to work over CAT6, and heard of it working over very short CAT5e runs.
 
DanNeely said:
I've had a guest wifi vlan on my DD-WRT setup for years. Lets me segregate untrusted devices from the rest of my network, and give visitors a more reasonable password than the 128 bits of diceword entropy I rolled for my main network.
Click to expand...

In theory, you'd want your less secure guest network dedicated to guests. Really don't wany weak access control for IoT devices such that they can spy on guests or vice versa. Further, you want different edge and local service access levels for IoT and for guests. In theory.
 
IdiotInCharge said:
Would you happen to have a reference? I've only ever seen 10Gbase-T spec'd to work over CAT6, and heard of it working over very short CAT5e runs.
Click to expand...

I've heard of folks here running moderate lengths of Cat5e at 10gps without loss or corruption. No source. I ran CAT6 in my house.
 
DanNeely said:
Cat5e will do 10gb to 45m (cat6 does 55m); which is more than enough for home use. Cat 6A is only really needed for max length runs.
Click to expand...
IdiotInCharge said:
Would you happen to have a reference? I've only ever seen 10Gbase-T spec'd to work over CAT6, and heard of it working over very short CAT5e runs.
Click to expand...
Joust said:
I've heard of folks here running moderate lengths of Cat5e at 10gps without loss or corruption. No source. I ran CAT6 in my house.
Click to expand...

My understanding is that the 10GBaseT standard does not mention Cat5e at all. It may work over short runs, but not officially. Devices I have used include specs for Cat 6 and Cat 6a (and even Cat 7) but I have never seen an official claim to Cat5e.

That doesn't mean it won't work over short runs, but it is one of those YMMV type of things, not guaranteed by the manufacturer.
 
IdiotInCharge said:
Well, theoretically, in an IoT-infested environment with both untrusted users (family members and guests) and provision for 'guest' internet access while providing significant local network services (NAS, steaming, surveilance hub, automation), you'd want something along the lines of seven or eight vlan / subnet pairs each with different levels of access to various services.

I'm still trying to really wrap my head around this as it's just one of the projects I work on at home, but it's also something that I expect consumer-oriented manufacturers to really start approaching and tackling.
Click to expand...

IdiotInCharge said:
Hell, I'm one of those 'others' now, but I also haven't yet infected my dwelling with a plethora of IoT. The thought chain, though, starts with basic security principles, and attempting to apply them to dozens of devices (and software!) that are themselves inherently insecure.

Smart homes and IoT are a security professional's nightmare :D
Click to expand...

DanNeely said:
I've had a guest wifi vlan on my DD-WRT setup for years. Lets me segregate untrusted devices from the rest of my network, and give visitors a more reasonable password than the 128 bits of diceword entropy I rolled for my main network.
Click to expand...

So, I personally try to avoid IoT, but I didn't have religion about this years ago when they were just coming on the market. It's been a stance I have taken over time.

While I don't have a TON of IoT, I have a few items. Two Nest Thermostats, a Chromecast Audio, a Denon HT Receiver and two Smart TV's.

The Smart TV's remain unplugged and disconnected from any network on principle. I would have preferred to buy just a high end screen without any smart capability, but apparently they don't sell those anymore. I have custom built HTPC Kodi boxes delivering all the content to my TV's.

The problem is, this gets complicated in a hurry.

The Nest Thermostats utilize the network to help determine when I am home so if they don't see mine or my fiance's mobile device on the local network, and none of us walk in front of the motion sensors for a while, it may incorrectly assume we are not home and put the thermostats in away mode, which would be a bummer.

I guess I could use some special layer 3 routing and firewall rules to just let them see what they need and nothing else, but the detailed design of their network communication architecture is not available, so I'm not quite sure what they need in order to function right, so I'm left with, separate them from the main network and lose some functionality or leave them as is.

The Chromecast audio and Denon HT receiver are similar. If I want to stream music to them from my phone, my phone needs to either be on the same subnet, or be routed to it. What rules would I use to both make sure my devices can reach them, and it can't reach the broader network at the same time? Complicated.

I have considered using a separate VLAN for guest WiFi access. My Unifi AP's certainly support this, but honestly, I rarely have guests these days, and often guests are my step sons friends who want to connect their mobile devices and play games with eachother, requiring them to be on the same network for many titles. (though there is less of this these days with cloud based official game servers, so maybe it's a moot point) At this point I just don't have a guest WiFi access set up.

I'm not sure if its worth isolating my regular home WiFi from my wired home LAN. Or my Servers on a separate subnet/VLAN. Same problem exists. I control many of the VM's on my servers from my phone. Clients on my LAN also need to access the servers regularly.

I mean, most of this can be solved with clever routing and firewalling, but with every exception and routing you put in place you incrementally weaken the value of the separate subnets/VLAN's.

I feel like I could spend a lifetime configuring this shit, need to set static IP controls for lots of stuff in order to limit it down as much as possible, and still not gain my by doing so. I'd also imagine it being a constant maintenance nightmare.
 
Last edited:
Stay on topic, please. Networking and Cat5e posts go over in the Networking & Security forum.
 
As an eBay Associate, HardForum may earn from qualifying purchases.
As an eBay Associate, HardForum may earn from qualifying purchases.
Joust said:
I got a Dell 24-port for like $25. I dont even know how they shipped it for that.
Click to expand...

I really don't either - they probably bought all this crap by weight and delivered on the back of a semi truck so getting rid of this may just be gravy - even if it's $5 that they make.
 
Zarathustra[H] said:
I wonder what the point of this switch is. What can you possibly accomplish with only four ports?
Click to expand...

With Mikrotik- it's a lot of niche use cases. Their product lineup is pretty wild, if you have time for a tangent to look into it. For a commercial application I don't really know what the switch would be good for, but for home and SMB, it could fill the 'top of rack' distribution switch role for hooking up a few access switches and perhaps some form of NAS.

Of course, it's a hard sell for us / me as their interfaces are quirky as hell vs. say the Arubas that more or less are a blend of Cisco and Linux.
 
Zarathustra[H] said:
You'd need PCIe Bifurcation support for that. It doesn't exist on older boards, and even on newer boards it's usually an undocumented hit or miss feature (like ECC or VT-d on Intel boards)

You can still do it, but you need an active adapter with a PLX or similar chip on it. Most of these are expensive ($400-$500) but in another thread I was recently discussing this in Thevoid230 suggested this Addonics board which is only $155. The specs say nothing g about which switching chip it uses (but there is clearly something hiding under that heatsink. No idea of it is any good.
Click to expand...

If anyone is curious, I contacted Addonics to ask them to confirm that it has a PCIe Switching chip, and what chip it used.

The answer I got was:

"This controller does have a PCIe switching chip on board. We do not know what chip it uses."

A little odd that they don't know what chip their own product uses, but at $150, it is so much cheaper than the PLX boards, that I'd give it a chance.
 
You must log in or register to reply here.
Back
Top