Comment on Basic networking/subnetting question.
non_burglar@lemmy.world 1 day agoen.m.wikipedia.org/wiki/IEEE_802.1X
802.1x are a set of protocols that allow port access to be locked to specific devices, which would preclude your need for multiple subnets. You would likely need a few extra physical ports on your white box router, the unmanaged switch could later become overwhelmed passing traffic in a more complicated setup, and you would still need to keep trusted and untrusted traffic separate at the gateway subnet.
Your use case is exactly why vlans were invented.
However, I suspect from your other answers that you are actually looking for an open source managed switch so your entire networking stack is auditable.
There are a few solutions like opx, but hardware supporting opx is prohibitively expensive and it is almost always cheaper to build a beige box and use Linux or get a 2nd hand supported device and use openwrt.
marauding_gibberish142@lemmy.dbzer0.com 1 day ago
Ah, is that something like sticky ports?
Indeed, I would like to run a switch with a FOSS OS, and I don’t see any viable way of doing that. Unfortunate, but whitebox router + switch it is then
non_burglar@lemmy.world 1 day ago
The effect is similar to sticky ports, but sticky ports is just filtering based on Mac address, which can be spoofed.
802.11x allows traffic from a device only if they also have the correct EAP certificate.
marauding_gibberish142@lemmy.dbzer0.com 1 day ago
I see. I didn’t know about this. I have saved your comment, I’ll come back to this in a bit