Extending ethernet ports on SBC with a managed switch

Hello,

I had a bunch of SBCs lying around. Most of them have only one ethernet port, which makes it useless to function as a wired router and USB ethernet isn't always the answer.

But their CPU capabilities are much superior compared to routers within the same price range, hyperthreaded multi-core, AES-NI support, this made me wonder if there's any way to extend the ethernet ports.

I looked online and found a wiki on OpenWrt itself, I wanted to know how this network configuration will work with a 100/100Mbps WAN connection.

The main reason for sticking with SBCs is OpenVPN performance, I'll have another VLAN for the VPN connection.

How will the routing performance vary? Wil the addition of more VLANs affect the bandwidth?

I don't want to get those mini-pc from AliExpress with 2-6 ethernet ports, as it will be a waste of money for me, I have better hardware lying around.
If this is a better alternative I'll get the TP-Link switch for $30.

Please share your views, any comments/improvements will be of much help.
Thanks.

I have the same setup at home with one vlan for my lan and a second for guests

No need, the VPN tunnel will use the vlan3 automatically to connect. (if I understood properly you want to make a tunnel over the internet)

Hard to say. Adding more vlans makes the single interface shared, hence all the vlans will compete for the total bandwidth. But since it is gigabit, I doubt you'll have a problem.

what are your using for the main router and the switch?
mind sharing your /etc/config/network?

Carambola2 and TP-link TL-SG108PE

config interface 'guest'
        option proto 'static'
        option ifname 'eth0.2'
        option ipaddr '172.16.0.1'
        option netmask '255.255.255.0'
        option delegate '0'
        option force_link '0'

config interface 'lan'
        option ifname 'eth0'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option dns '192.168.1.2 192.168.1.3'
        option ip6assign '64'
        option ip6ifaceid '::1'
        option force_link '0'

Vlan1 is native, so no tagging needed.

Unless it uses the kind of architecture that the Raspberry Pi series does, where the throughput is limited by USB 2 (as I recall) connection of the on-board Ethernet chip, even if it is a GigE chip.

https://www.jeffgeerling.com/blogs/jeff-geerling/getting-gigabit-networking

https://www.pidramble.com/wiki/benchmarks/networking

This would be an excellent architecture for that network. Look out for what @jeff said, the RPi series have a poor choice of bus architecture, if you've got an SBC with a gigabit port that can actually pass a gigabit or close between the CPU and the port that's a good idea (like an ODROID or some such thing). I'm working on an espressobin as a hot-spare router at the moment, my network is gigabit so it's a bit too fast to make the espressobin a primary router, but when my primary PC based router goes down like in a power outage or because I'm stupid and screwed up the config etc, I'd still like to have several hours of internet at several hundred Mbps. I figure I can probably do about 200-300Mbps with shaping on the espressobin.

I am not quite a fan of Raspberry Pi, they cost a bit more here $50 for the 3B+, I have the 2 and the 3B with the 100M port, definitely not a good choice.

Orange Pi/Banana Pi are my best alternatives, and most of the boards have native Gigabit ports.

The ODROID doesn't support OpenWrt yet. There's a board on AliExpress from OrangePi,

link: http://www.orangepi.org/OrangePiZeroPlus/
openwrt: https://openwrt.org/toh/hwdata/xunlong/xunlong_orange_pi_zero_plus

with a gigabit ethernet port for $15.

That's' it. I'm getting myself the TP-Link switch.

I have the TP-Link C1200, Netgear R6220, two WR841v11s, and an ADSL wifi router. I don't know what purpose they will serve now. The C1200 alone will cover the wireless in my home.