Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Configure pfsense as a 10GbE switch, can it be done?

    L2/Switching/VLANs
    5
    9
    1.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      AllGamer
      last edited by

      So I've been using pfsense as a router / gateway for years, and love it.

      Recently I've started to upgrade my home lab from ancient old 1 GbE to 10 GbE, but as you know 10 GbE switches are still very expensive.

      That being said, Intel 540 T2/T4 and similar 10 GbE cards can be had for really affordable prices.

      I've got plenty of old motherboards / RAMs / quad core intel CPUs I can throw together and built a nice "Switch" with pfsense as the OS, just wasn't sure if anyone has done this before.

      I was thinking of going probably with 16 GB / 32 GB RAM, quad core, 4x intel 540 T2 (= 8 ports) or 4x intel 540 T4 (= 16 ports) the cost of the cards are way cheaper than buying any currently available 8 port / 16 port 10 GbE switches available in the market at the moment.

      Any reference would be great.

      J 1 Reply Last reply Reply Quote 0
      • J
        Jarhead @AllGamer
        last edited by

        @allgamer
        Short answer, No.
        But, it can be used as a bridge. Probably not gonna be what you want it to be though.
        A bridge is not a switch.

        A 1 Reply Last reply Reply Quote 1
        • A
          AllGamer @Jarhead
          last edited by

          @jarhead ahh... i see.
          so, doing it this way I'll lose the benefits of a real switch.
          It might be an "OK" compromise, as long as I can connect additional 10 GbE devices to the existing 10 GbE network that is already managed by actual 10 GbE smart switches.

          I was just trying to save on costs, because each of those 10 GbE switches are very steep, and all I really needed was just more 10 GbE ports to connect more devices.
          So using pfsense as a "Bridge / Repeater" might not be such a bad idea.

          Yes, I'm aware performance might not be so great as a real switch, but it's something worth considering. The cost saving is huge.

          R 1 Reply Last reply Reply Quote 0
          • R
            rcoleman-netgate Netgate @AllGamer
            last edited by rcoleman-netgate

            @allgamer said in Configure pfsense as a 10GbE switch, can it be done?:

            so, doing it this way I'll lose the benefits of a real switch.

            Like responsiveness, yes. Your firewall will likely slow to a crawl when dealing with WAN traffic and also switching traffic.

            Switch ICs are perfect for switching, and exist in... switches :)

            It might be an "OK" compromise, as long as I can connect additional 10 GbE devices to the existing 10 GbE network that is already managed by actual 10 GbE smart switches.

            I 100% disagree. I would never ever ask pfSense to do the job of a switch except for short periods of time in extremely rare situations. Every bridge I've ever made failed in one way or another under load.

            Ryan
            Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
            Requesting firmware for your Netgate device? https://go.netgate.com
            Switching: Mikrotik, Netgear, Extreme
            Wireless: Aruba, Ubiquiti

            chpalmerC 1 Reply Last reply Reply Quote 0
            • chpalmerC
              chpalmer @rcoleman-netgate
              last edited by

              Actually the cost of such equipment is coming down.. Ive been running a Dlink DGS-1510 with 10G SPF+ GBICs for a couple of years and remember that it was not to costly at the time..

              Can the interfaces of a TNSR machine be bridged? might be worth a look.. There is a series of videos on yootoob where the host used Vyos to do 10g switch duty.. several years old and Vyos is a bit costly now.

              Triggering snowflakes one by one..
              Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

              R 1 Reply Last reply Reply Quote 0
              • R
                rcoleman-netgate Netgate @chpalmer
                last edited by

                @chpalmer said in Configure pfsense as a 10GbE switch, can it be done?:

                Actually the cost of such equipment is coming down.. Ive been running a Dlink DGS-1510 with 10G SPF+ GBICs for a couple of years and remember that it was not to costly at the time..

                Not sure what part of my comment you're responding to... I am saying that using a pfSense to do the job of a switch is a horrible idea.

                As for tnsr questions... I would direct that to https://forum.netgate.com/category/69/tnsr

                Ryan
                Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
                Requesting firmware for your Netgate device? https://go.netgate.com
                Switching: Mikrotik, Netgear, Extreme
                Wireless: Aruba, Ubiquiti

                johnpozJ chpalmerC 2 Replies Last reply Reply Quote 1
                • johnpozJ
                  johnpoz LAYER 8 Global Moderator @rcoleman-netgate
                  last edited by

                  @rcoleman-netgate said in Configure pfsense as a 10GbE switch, can it be done?:

                  I am saying that using a pfSense to do the job of a switch is a horrible idea.

                  Concur completely. While a bridge of interfaces can somewhat mimic some functions of a switch.. And for sure can be useful in some use cases.. Just because I bridge some interfaces I sure wouldn't call it a switch, nor should it be an actual solution of using an actual switch if a switch is what should be used.

                  In a pinch I can use a rock to hammer in a nail, doesn't make a rock the proper tool for the job ;)

                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                  If you get confused: Listen to the Music Play
                  Please don't Chat/PM me for help, unless mod related
                  SG-4860 24.11 | Lab VMs 2.7.2, 24.11

                  1 Reply Last reply Reply Quote 0
                  • chpalmerC
                    chpalmer @rcoleman-netgate
                    last edited by

                    @rcoleman-netgate Didn't mean to respond to you.. meant that post as a general reply to the thread..

                    I am saying that using a pfSense to do the job of a switch is a horrible idea.

                    Yep I agree. I offered another solution if the OP wants to continue to pursue the coarse he is on. Some people need to learn by doing.

                    https://youtu.be/p39mFz7ORco

                    Triggering snowflakes one by one..
                    Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

                    R 1 Reply Last reply Reply Quote 1
                    • R
                      rcoleman-netgate Netgate @chpalmer
                      last edited by

                      @chpalmer roger-roger 😄

                      Ryan
                      Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
                      Requesting firmware for your Netgate device? https://go.netgate.com
                      Switching: Mikrotik, Netgear, Extreme
                      Wireless: Aruba, Ubiquiti

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.