Managed switches are fantastic devices with a wealth of features to enhance your local area network (LAN). Most people can get by with a simple unmanaged switch, which forwards traffic between connected devices and that's about it. But if you wish to take your network game to the next level, a managed switch can bring with it virtual LAN (VLAN) support, which allows you to segment your network and keep various clients separate. This can be especially handy with a smart home and/or home lab.

As well as VLANs, which usually get all the attention, there are some other advanced features I always enable and configure on my managed switches.

Quality of Service

Creating priority queues

First up is Quality of Service (QoS). We're often sharing the same network connection as a few other people and devices, which can cause bottlenecks as the local hardware and your ISP's uplink attempt to handle the load. One way to ensure the right devices have the best connections is to set up QoS for specific IPs on the network. QoS manages and optimizes network traffic across the network so essential apps, games, and services are prioritized over other forms of traffic.

So long as your router or switch supports this feature, you should be able to create QoS rules, though not everyone needs it enabled. Once your LAN (and Internet connection) surpasses 1Gb, you shouldn't encounter any issues that QoS can solve, unless you frequently move large files across the network. It's generally good practice to have it configured, especially if you foresee periods when the house becomes busier with network traffic.

Link Aggregation

Two for the price of one!

Link aggregation has been thrown around the networking and network-attached storage (NAS) worlds, but is it actually worth the trouble? That all depends on how you use your network and what will be transferred between devices. By enabling this feature on your managed switch, you can combine multiple Ethernet ports into a single logical link to increase bandwidth and provide a level of redundancy. It doesn't necessarily double your transfer rates, but it can help boost performance for high-volume data transfers.

There's also a lower probability that any additional connections to and from your NAS (or some other device) will slow down due to existing transfers taking place, allowing the network and hardware connected to it to handle more requests. That redundancy also means you won't lose connectivity should one link fail, which can be handy if you absolutely must have 100% uptime. I usually activate this feature between switches (when not using fibre links), NAS, and servers.

Access Control Lists

Create a VIP list

 
An Access Control List (ACL) is precisely what the name implies. It controls access through lists of MAC addresses that are either allowed or blocked, depending on what your switch supports and how you'd prefer to manage access on the LAN. If a device connects to the LAN and its MAC address has been flagged as one to block, the switch will drop any traffic from the blocked hardware. This can be especially useful if you have a separate guest VLAN.

I prefer to use a granted ACL where I have to manually approve all hardware connecting to the LAN, unless routing through the guest Wi-Fi VLAN. We don't change hardware frequently, and it takes a few seconds to either change a MAC address listing or add a new rule on the switch itself. Switch ACLs can work in tandem with firewall rules to isolate specific parts of the network and provide greater means of control over what can go where.
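An approval list like this is only useful if it matches what is actually plugged in. The following is an added example, not from the original article: it audits a switch's MAC address table against the approved list, skipping the guest VLAN. The VLAN number, port names and every address are constructed sample values, and the table layout is an assumption rather than any vendor's export format.

```python
import re

# Constructed sample data: approved devices, written the way different tools print MACs.
APPROVED = {"3C:52:82:11:22:33", "00-11-32-AA-BB-CC", "b827.eb12.3456"}
GUEST_VLANS = {30}  # assumption: VLAN 30 is the guest Wi-Fi VLAN, exempt from approval
MAC_TABLE = [       # (vlan, MAC as displayed by the switch, port)
    (10, "3c:52:82:11:22:33", "ge-1"),
    (10, "0011.32aa.bbcc", "lag-1"),
    (10, "DA:A1:19:00:00:01", "ge-4"),
    (30, "66:77:88:99:aa:bb", "ge-8"),
    (10, "not-a-mac", "ge-5"),
    (10, "00:e0:4c:68:00:01", "ge-6"),
]

def normalize_mac(text):
    """Return 12 lowercase hex digits for colon, dash, dot or bare notation, else None."""
    digits = re.sub(r"[:.\-]", "", text.strip()).lower()
    return digits if re.fullmatch(r"[0-9a-f]{12}", digits) else None

def is_locally_administered(mac):
    """True when the U/L bit (0x02 of the first octet) is set, as in randomized MACs."""
    return bool(int(mac[:2], 16) & 0x02)

def audit(mac_table, approved, guest_vlans):
    """List (port, mac, reason) for every entry the approval list does not cover."""
    allow = {normalize_mac(m) for m in approved}
    findings = []
    for vlan, raw, port in mac_table:
        mac = normalize_mac(raw)
        if mac is None:
            findings.append((port, raw, "unparseable"))
        elif vlan in guest_vlans or mac in allow:
            continue  # guest VLAN is exempt; approved devices are expected
        elif is_locally_administered(mac):
            findings.append((port, mac, "unapproved, locally administered"))
        else:
            findings.append((port, mac, "unapproved"))
    return findings

if __name__ == "__main__":
    for port, mac, reason in audit(MAC_TABLE, APPROVED, GUEST_VLANS):
        print(f"{port}: {mac} {reason}")
```

Locally administered addresses are reported separately because a device that randomizes its MAC will keep falling off a static approval list until randomization is turned off for that network.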

Spanning Tree Protocol

Avoid creating a loop

Spanning Tree Protocol (STP) is only required if you have multiple switches on the network, where it prevents network loops caused by redundant links. Loops can occur when using more than a single switch and having each switch connect to another, not providing a clear root bridge. It's something I used to have running on switches, which was largely down to how the three-story townhouse was set up for cabling to be routed (without going through walls).

Since moving home and opting to use a single fibre link from a lead switch to other secondary switches, I've not needed to activate STP, but it's always something to bear in mind when expanding your network or reworking how everything is interconnected.

IGMP Snooping

Make your switch even smarter

Internet Group Management Protocol (IGMP) snooping allows the network switch to identify multicast groups through listening to network traffic. These groups consist of computers or devices that all receive the same network traffic. It enables switches to forward packets to the correct devices in their network instead of sending packets everywhere. This can help optimize bandwidth on the network by directing multicast traffic to where it needs to go, improving performance.

IGMP snooping is particularly useful on networks where video streaming, online gaming, and video calls take place. Should you encounter bandwidth or speed issues with these tasks active on the network, activating IGMP snooping on your managed switch could provide much-needed relief.
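To make the mechanism concrete, here is an added example (not from the original article) that models a snooping switch: it learns group membership from IGMPv2 reports and leaves seen on each port, then forwards a multicast frame only to member ports. Port numbers and the group address are constructed, and the model is simplified: a real switch also tracks router ports and ages entries out using queries rather than acting on a leave immediately.

```python
import socket
import struct

REPORT_V2, LEAVE = 0x16, 0x17  # IGMPv2 message types (RFC 2236)

def checksum(data):
    """16-bit one's-complement Internet checksum over an even-length message."""
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_igmp(msg_type, group):
    """Build an 8-byte IGMPv2 message: type, max response time, checksum, group."""
    body = struct.pack("!BBH4s", msg_type, 0, 0, socket.inet_aton(group))
    return body[:2] + struct.pack("!H", checksum(body)) + body[4:]

class SnoopingSwitch:
    def __init__(self, ports):
        self.ports = set(ports)
        self.groups = {}  # multicast group -> set of member ports

    def snoop(self, port, message):
        """Update the group table from one IGMP message seen on `port`."""
        if len(message) != 8 or checksum(message) != 0:
            return False  # malformed or corrupted: ignore rather than learn from it
        msg_type, _, _, raw = struct.unpack("!BBH4s", message)
        group = socket.inet_ntoa(raw)
        if msg_type == REPORT_V2:
            self.groups.setdefault(group, set()).add(port)
        elif msg_type == LEAVE:
            self.groups.get(group, set()).discard(port)
            if not self.groups.get(group):
                self.groups.pop(group, None)  # last member gone: forget the group
        return True

    def egress_ports(self, ingress, group):
        """Ports a frame for `group` leaves on; unknown groups are flooded (assumed default)."""
        members = self.groups.get(group, self.ports)
        return sorted(members - {ingress})

if __name__ == "__main__":
    sw = SnoopingSwitch([1, 2, 3, 4])  # constructed four-port switch
    print("before any report:", sw.egress_ports(1, "239.1.1.1"))
    sw.snoop(3, build_igmp(REPORT_V2, "239.1.1.1"))
    print("after port 3 joins:", sw.egress_ports(1, "239.1.1.1"))
```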

Not everyone needs a managed switch

Managed switches are great for playing around with, activating advanced features, and building out a powerful home network, but they're not for everyone. Unmanaged switches are usually good enough for most homes, but if you plan to move into the world of NAS, smart home tech, self-hosting, and the IoT, a managed switch can go a long way, especially with PoE and other handy features.