• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Model decisions, is the Netgate 2100 the right choice?

Scheduled Pinned Locked Moved Hardware
14 Posts 4 Posters 1.9k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • C
    CreationGuy @stephenw10
    last edited by CreationGuy Sep 29, 2021, 5:56 PM Sep 29, 2021, 5:52 PM

    @stephenw10
    When you say pulling data, do you mean any kind such as video files or streaming of a video feed? And if so, is that because of certain packages I listed or just due to the switch?

    edit:
    Also, what about traffic on the same VLAN? 1Gb?

    1 Reply Last reply Reply Quote 0
    • S
      stephenw10 Netgate Administrator
      last edited by Sep 30, 2021, 11:47 AM

      Any traffic between VLANs has to be routed through pfSense and that means you can filter it. But it also means you have to route and filter it. The 2100 will not pass that at Gigabit line rate. I would expect to see at least 500Mbps though depending on the traffic type. If you are regularly moving huge files between those VLANs that might present an issue for you.
      Traffic between devices in the same VLAN does not go through the firewall so never sees that restriction.

      Steve

      C 1 Reply Last reply Sep 30, 2021, 1:00 PM Reply Quote 0
      • C
        CreationGuy @stephenw10
        last edited by Sep 30, 2021, 1:00 PM

        @stephenw10 said in Model decisions, is the Netgate 2100 the right choice?:

        Any traffic between VLANs has to be routed through pfSense and that means you can filter it. But it also means you have to route and filter it. The 2100 will not pass that at Gigabit line rate. I would expect to see at least 500Mbps though depending on the traffic type. If you are regularly moving huge files between those VLANs that might present an issue for you.
        Traffic between devices in the same VLAN does not go through the firewall so never sees that restriction.

        Steve

        OK, that's because of the routing rules? The VLANs would be on the same switch as would the devices.

        Couple of questions as I'm learning:

        1. If devices on VLAN3 are on same switch sending data back and forth does the data stay on that switch or does it go through the netgate as well? If so, that port is going to be busy! I think that you answered that but wanted to confirm. :)
        2. Does that 881Mbps limit occur if I only have 50~ ACLs? I saw that it said 10k ACLs. If so, assuming that the 3100 would be a better fit. Is that model soon to be replaced?
        1 Reply Last reply Reply Quote 0
        • S
          stephenw10 Netgate Administrator
          last edited by Sep 30, 2021, 2:55 PM

          VLANs exist to separate devices. All the hosts and VLANs can exist on the same switch but, unless that's a layer 3 switch, traffic will not be able to go between different VLANs without going via a router. pfSense in that case. Traffic between different hosts on the same VLAN (same subnet) does not have to be routed so just goes directly between the hosts via the switch.

          C 1 Reply Last reply Sep 30, 2021, 4:59 PM Reply Quote 0
          • C
            CreationGuy @stephenw10
            last edited by Sep 30, 2021, 4:59 PM

            @stephenw10
            The Switch is EnGenius EWS7928P which has Layer 2 support. I'm also looking at the Unify USW-Pro-24 which supports Layer 3 for $20 more.

            Would the EnGenius be enough as it is layer 2 and VLAN support? If not, the USW-Pro-24 would work. Would the 2100 be sufficient for 1Gb routing since the switch would handle that via Layer 3?

            I'm sorry for all of the questions, just want to buy the right products.

            1 Reply Last reply Reply Quote 0
            • S
              stephenw10 Netgate Administrator
              last edited by Sep 30, 2021, 10:38 PM

              The SG-2100 will not route and filter at 1Gbps. If you have a layer 3 switch you can route between the VLANs using that so the SG-2100 doesn't have to. But that also means any filtering of traffic between the VLANs has to be done in the switch and it's often a lot less flexible there.
              That does leave the SG-2100 routing only the WAN traffic which at 100Mbps is no problem.

              Do you actually need 1Gbps between different VLANs?

              Steve

              C 1 Reply Last reply Sep 30, 2021, 10:59 PM Reply Quote 0
              • C
                CreationGuy @stephenw10
                last edited by Sep 30, 2021, 10:59 PM

                @stephenw10 I'm not sure... I would be transferring exported video clips from VLAN3 to VLAN1 from time to time.

                1 Reply Last reply Reply Quote 0
                • S
                  stephenw10 Netgate Administrator
                  last edited by Oct 1, 2021, 11:06 AM

                  Ok, so unless those are 100s of Gigabytes you probably don't actually need it.

                  If you were moving files that large regularly you'd probably be looking at 10GbE. 😉

                  But really only you can answer that.

                  C 1 Reply Last reply Oct 1, 2021, 1:03 PM Reply Quote 0
                  • C
                    CreationGuy @stephenw10
                    last edited by Oct 1, 2021, 1:03 PM

                    @stephenw10 For my set up, I would not be transferring large quantities of large exported videos. They range from 100MB to 1GB and I export 5-10 a month. Those would be in the future, crossing VLANs.

                    As long as the data on the standard VLAN stays on the switch and is transferring at 1Gb I am fine with that.

                    In your opinion, with all of that said, would the 2100 or 3100 be best considering the hardware, age, etc.

                    W 1 Reply Last reply Oct 2, 2021, 5:22 AM Reply Quote 0
                    • W
                      whosmatt @CreationGuy
                      last edited by Oct 2, 2021, 5:22 AM

                      @prtonguy77 My vote would be size your pfSense for the WAN connection and then if you need faster internal routing spend the money on L3 switches. From everything you've posted the 2100 should be fine.

                      1 Reply Last reply Reply Quote 0
                      • S
                        stephenw10 Netgate Administrator
                        last edited by Oct 2, 2021, 9:41 PM

                        Yes, I would go with the 2100 given that WAN bandwidth.

                        Steve

                        1 Reply Last reply Reply Quote 0
                        14 out of 14
                        • First post
                          14/14
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                          This community forum collects and processes your personal information.
                          consent.not_received