I have tested raspberry pi 5 with usb to Ethernet adapter (which is set as wan port with PPoE) and tested speed. I get ISP promised 400Mbps upload and download.
I saw some video in internet that, if you have a managed switch, you can use one of the port in the switch for WAN and no need to have a usb to ethernet adapter in Pi.
Is above doable easy?
Any instructions I can read about it?
Technically, this approach should have a better wan port than usb to Ethernet right?
Thanks.
yes if the switch is hardened for the internet such as a Mikrotik switch running routerOS or openwrt. Using just any LAN managed switch and exposing it to the internet is not advisable.
The switch I have is Planet GS-4210-8P2T2S
Will this be an appropriate one?
No. These switches are designed to be exposed to the internet.
Thank you. So I believe sticking with usb to ethernet adapter on Pi as WAN port is the best option
I also have an Aruba AP-303H access point, which also have 4 ethernet ports on it. I believe that support VLANs as well.
Will that be a good option for this purpose?
running stock firmware no. But if you flash it with openwrt then you could have it setup as a router for your internet.
Can you please elaborate the hardened part and its connection to specific firmware?
There are two major issues that you might find on some managed switches:
during boot-up of the switch, it is possible that all ports will be assigned the same VLAN, basically as if it was just an unmanaged switch. Once the system is booted, it will apply the VLAN configuration to the ports as is expected. This 'unmanaged' boot-up is not common on switches, but may still happen in some low end models (it is also seen in a few all-in-one wifi routers where the wan port is part of the same switch as the lan).
Some low end switches such as the TP-Link TL-SG1xxE series does not have a way to specify the management VLAN. This means that the switch can and will take an address from any DHCP server (including that of an ISP if wan exposed) when in DHCP client mode. Further, the switch's management interface is reachable from any VLAN which drastically reduces the security posture of the device.
While what you want to do is possible, and it is a valuable approach in some specific situations (such as when there are cabling limitations and the like), I think you're best served by continuing to use the USB ethernet adapter you already have.
You know it'll max out at around 3MB/s doing routing, right ?
I think the OP is not looking to route on the managed switch, but rather use it to setup VLANs so that the wan and lan can traverse the same physical link on the router.
Hopefully, since the Planet doesn't seem to be supported... 
If you are comfortable with vlans yes.
https://openwrt.org/docs/guide-user/network/vlan/switch_configuration
If you're not using a bridge you just define for example eth0.3 and eth0.4 on the raspi as wan and lan.
Then you also have to do the switch config which I can't help you with.
But the TL;DR is you put wan as an ingress port. tagged/untagged/whatever your ISP needs.
It depends on the reliability of your USB to ethernet adapter. As long as you're using USB3 it should be fine?
I'd rather independent interfaces unless you have rate limiting per vlan on your switch.
400mbps times two is under 1gb, but it's pushing it as it's "router on a stick".
Plus you also have the issue of more things in the way, long switch boot time. A switch failure or reboot also takes out your internet connection. Hard for remote maintenance unless you also have an OOB network.