Skip to content

Club Network Architecture: VLAN, Switch, NAS

Published: · IZI Team

Club Network Architecture: VLAN, Switch, NAS

Section titled “Club Network Architecture: VLAN, Switch, NAS”

A proper club network is not just “plug in the cables.” Three tasks need attention: isolate gaming traffic from guest Wi-Fi (otherwise guests on phones load the channel for players), ensure fast PC recovery via NAS (without it, each image reset means hours of downtime), and give cash registers stable CRM access independent of hall load.

This page is an architectural reference. Basic channel and hardware requirements are in IZI System Requirements, and minimal network setup is in Club Network: How to Configure for IZI.

It makes sense to build a club network in three layers:

Internet
Router (gateway, NAT, firewall, DHCP)
Managed switch (VLAN, QoS, trunk ports)
├── VLAN 10: hall gaming PCs
├── VLAN 20: cash registers and administration
├── VLAN 30: guest Wi-Fi
└── VLAN 40: NAS and server equipment

For small clubs (up to 15 PCs), a simplified scheme without a managed switch is sufficient — a router with guest Wi-Fi isolation support and an unmanaged Gigabit switch for the hall.

VLAN (Virtual Local Area Network) — logical separation of one physical network into multiple isolated segments. Devices in different VLANs cannot see each other directly; traffic between them only passes through the router.

VLANPurposeDevicesInternet Access
VLAN 10Gaming zoneHall gaming PCsFull
VLAN 20ManagementCash registers, admin PC, NASFull (restricted for NAS)
VLAN 30Guest Wi-FiClient phones and laptopsWith bandwidth limit
VLAN 40Payment terminalsPOS terminals, card processingHTTPS to payment gateways only

Minimum isolation without VLAN: a separate SSID for guests with “Client Isolation” on the access point. This prevents guests from accessing gaming PCs but doesn’t provide bandwidth control.

Conceptual order of steps (specific steps depend on switch manufacturer):

  1. Create VLANs in the switch console with the required IDs (10, 20, 30, 40).
  2. Assign ports: the router connection port — trunk (passes all VLANs with tags), gaming PC ports — access VLAN 10, cash register ports — access VLAN 20.
  3. On the router, create sub-interfaces for each VLAN with a separate subnet and DHCP.
  4. Configure inter-VLAN routing rules: gaming PCs should not access the cash register VLAN or payment VLAN.
Club ScaleSwitch TypeWhat to Look For
Up to 15 PCsUnmanaged Gigabit (8–16 ports)All ports Gigabit, metal chassis
15–40 PCsManaged L2 (24–48 ports)802.1Q VLAN support, QoS, PoE if needed
40+ PCsManaged L2/L3 (48+ ports)VLAN, QoS, Link Aggregation (LAG), redundant power

Key considerations:

  • All ports Gigabit — not just uplink. Full speed on every port is needed for IZI Boot and image restores.
  • PoE (Power over Ethernet) — convenient if using IP cameras or Wi-Fi access points without separate power.
  • Port count with margin — when the hall expands, you won’t need to replace the switch. For 20 PCs, get a 24–26-port model.
  • Passive vs Active cooling — important for server rack or enclosed cabinet. In open shelves — less critical.

IZI Boot deploys a reference disk image to PCs over the network. Deployment speed directly depends on where the image is stored.

Image StorageRecovery Speed (50 GB image)External Channel Load
NAS on local network (Gigabit)15–30 minutesNone
PC with SMB folder (Gigabit)20–40 minutesNone
Cloud (100 Mbps connection)1–2 hoursFull
  • Network: Gigabit Ethernet (1 Gbps) — mandatory. 100 Mbps multiplies recovery time by 3–5×.
  • Share protocol: SMB/CIFS (Windows-compatible) or NFS. IZI Boot supports both.
  • Capacity: image size × number of versions + 20% buffer.
  • Reliability: RAID 1 (mirroring) is desirable with a two-disk NAS. Not required for small clubs — the image can be recreated.

NAS Doesn’t Have to Be an Expensive Device

Section titled “NAS Doesn’t Have to Be an Expensive Device”

For a small club, the NAS role can be filled by:

  • An old PC with a hard drive and SMB enabled (Windows shared folder)
  • A Raspberry Pi 4 with a USB drive and Samba
  • Any device with Gigabit Ethernet and an SMB server

What matters: Gigabit Ethernet interface and stable operation without reboots.

The NAS should be connected to the same VLAN or segment as the gaming PCs (VLAN 10 or VLAN 20 if management and gaming PCs are in the same segment). This ensures direct Gigabit connectivity without routing through the gateway.

QoS (Quality of Service) allows guaranteeing bandwidth for critical traffic at the expense of less critical traffic.

Two scenarios are relevant for a club:

Guest Wi-Fi vs gaming PCs. Without QoS, a guest watching 4K video on their phone competes with gaming traffic. With QoS — gaming PCs get priority, guest Wi-Fi gets the remainder.

Patch day. When Steam starts updating games on all PCs simultaneously — channel load can hit the ceiling. QoS allows limiting bandwidth for Steam downloads, leaving the remainder for active session gaming traffic.

Basic QoS setup: on the router, set a rule giving priority to traffic from VLAN 10 (gaming PCs) over VLAN 30 (guest Wi-Fi) when the channel is loaded.

Formula for gaming traffic:

Required bandwidth = N × 10 Mbps × 1.5

Where N is the number of simultaneously active gaming seats, 1.5 is the buffer for peak loads.

Guest Wi-Fi is calculated separately: allow 5–10 Mbps per user and limit via QoS or access point settings.

ConfigurationCalculationRecommended Channel
10 gaming PCs + 20 guest Wi-Fi10×10×1.5 + 20×5 = 250 Mbps300 Mbps
30 gaming PCs + 50 guest Wi-Fi30×10×1.5 + 50×5 = 700 Mbps750–1000 Mbps
50 gaming PCs + 100 guest Wi-Fi50×10×1.5 + 100×5 = 1250 Mbps1.5 Gbps

Common Mistakes When Building a Club Network

Section titled “Common Mistakes When Building a Club Network”
MistakeConsequenceSolution
Wi-Fi for gaming PCsUnstable ping, packet lossWired Ethernet to every PC
Single segment for all devicesGuest traffic interferes with gamingIsolation via VLAN or separate router port
Dynamic IPs on gaming PCsIZI client may not come up after resetDHCP reservation or static IP
Image on cloud without NASHours of downtime during recoveryNAS on the local network
100 Mbps switchBottleneck during image restoresGigabit on all ports

Frequently asked questions

Is a managed switch required?

For clubs up to 15–20 PCs without complex segmentation — an unmanaged Gigabit switch is sufficient. A managed switch is needed when: you want to isolate a guest network via VLAN, need QoS for gaming traffic prioritization, or have multiple zones with different policies.

What is a VLAN and why does a club need one?

VLAN (Virtual Local Area Network) — a virtual isolated network within a single physical switch. In a club, VLAN separates traffic: gaming PCs on one segment, guest Wi-Fi on another, cash registers on a third. Traffic between segments only flows through the router, providing isolation and bandwidth control.

Is a NAS needed if I only have 5 PCs?

Not necessarily. With 5 PCs you can store the IZI Boot image on one PC with a shared SMB folder. A NAS justifies itself at 10+ machines: parallel restoration of multiple PCs, reliability, storage separate from gaming PCs.

How much disk space is needed on the NAS?

A typical image is 30–80 GB. To store two versions of an image for one configuration type and zone, allow 2–3× the image size plus a 20% buffer. Example: two images at 50 GB = 100 GB + 20 GB buffer = minimum 120 GB free space.

Can Wi-Fi be used for gaming PCs?

Not recommended. Wi-Fi in a dense environment (many devices, metal PC cases, walls) is unstable: latency spikes, packet loss. For gaming PCs — wired Gigabit Ethernet only. Wi-Fi is only for the guest zone for clients with phones.

Is a dedicated server needed for DHCP and DNS in a club?

No. For most clubs, the DHCP and DNS built into the router is sufficient. A dedicated server is justified at 50+ PCs or in a multi-club network with centralized management.

How to protect the payment terminal from the gaming network?

The payment terminal should be placed in a separate VLAN along with cash register stations. Internet access — only on necessary ports (HTTPS to the payment gateway). Gaming PCs should have no access to this segment.