UniFi has different L2 features on the “Flex” vs “Ultra” vs “Lite” switches. What features will I need to accomplish a good home VLAN setup (see details below).
I’m looking to move to Unifi for home networking and intend to VLAN my network. I have a basic understanding of home networking.
My objective is security, keeping the following devices separate and controlling access to each other: work, family, kids, guests, IoT, etc. I want to easily control/govern access to the internet, bandwidth, DNS control (for kids to avoid inappropriate websites), etc.
I need small switches for behind several TVs, but they need at least 8 ports, so its either Ultra or Lite.
I was hoping to set up all my streaming devices on a VLAN separate from the phones we use to control them. That includes Apple TVs and Sonos speakers. My understanding is that this has been problematic in the past, due to Simple Services Discovery Protocol (SSDP)?
If I understand all of it, I’ll need to be able to have broadcast and multicast messages cross VLANS. I believe I will want to create firewall rules to only allow some devices to send and others to receive, all without creating any problems.
I want to confirm which unifi switches will allow me to control those features?
If you really want to avoid issues I recommend putting devices such as phones that control the Sonos & Apple TV’s on the same network. I don’t use either of those devices so I am not sure what protocol or rules they require to work across subnets.
mDNS, SSDP and maybe CoAP and LLMNR send with a hop count so that these datagrams are not being routed. That is why you need a repeater daemon on the router or fiddle with the hop count via firewall rules to be able to route these datagrams across VLANS.
I can confirm that you can effectively distribute these protocols across VLANs in practice. This needs a repeater software and appropriate firewall rules (SOLVED: SONOS across multiple VLANS).
There is nothing that the Unifi switches can do for you with that regard. There are L2 features regarding IGMP, but mDNS and SSDP are designed for local use over multicast and do not need IGMP.