In my current upgrading of my local net, and in anticipation of my new ISP business account, which gives me a /28 segment of public IPs (16 addresses, of which 13 usable), I had to get VLAN-capable switches to replace the cheapo Netgear Gigabit dumb switches I had. That way I can place my router/firewall anywhere I want without pulling a truckload of cables everywhere. I can also dedicate a public IP to a segment leading directly to a victim machine or virtual machine across a VLAN, for malware studies, and other little experiments.
After a lot of soul-searching and getting up to speed on lightly managed L2 switches, I settled for two HP ProCurve 1810G with 24 ports each. I’ll probably get another 1810G 8-port unit, too.
So, I put one in the office and the other in the back room. First and foremost, these little buggers are fan-free. No moving parts. Lifetime warranty, low power (8 W or so). The totally silent part was my absolutely major requirement.
This unit allows setting up using a browser and has trunking, VLANs, measurements and, not least, monitoring ports. That is, I can hook into any other port and send that output through a selectable monitoring port. Ideal for sniffing on whatever port you desire.
Another totally unexpected boon was that I was able to read the entire manual and learn it all. This is the first time in maybe ten years I’ve ever been able to learn all the features of a non-trivial piece of equipment. And that feels so good.
Oh, and I discovered that OS X Snow Leopard, both server and client, has a super simple graphic UI for setting up virtual interfaces matching VLANs. All I need now is a router/firewall with a couple of connectors, a number of zones, and the ability to match zones to interfaces and VLANs.