Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [backplane switching] recommendation for performance switching between subnets

    Scheduled Pinned Locked Moved Hardware
    8 Posts 4 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      buivietha
      last edited by

      hi everyone,
      could you help me about build  a pfsense for : filtering,monitoring and switching as layer 3 switching.. i have a problem with that..i dont know pfsense suppport if rate switching about 3Gps or 1 million pps
      and help me in supporting Hardware recommendation or other method
      I m planning to use 4 NIC for each NIC have 1 Vlan
      the VLAN10 : 10 server ( web, sql, domain, dns etc…)
            VLAN20 : 100 user ( Lan internal)
            VLAN30 : Callcenter
            WAN : 60Mbps/60Mbps
      Thank you so much and sorry about my English 's not good .

      Thank you

      hascar87@gmail.com

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        Curious to hear other answers.  My gut says that if you don't need firewall rules between your VLANs, use a good, layer 3 switch.  You're going to need things like DHCP helpers, etc.  The proper domain of a switch.  Create a 4th VLAN going to pfSense and let it firewall your 60/60 WAN, at which it will excel.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • B
          buivietha
          last edited by

          thanks for your advice,
          so i want firewall between subnets for monitoring, filtering and bandwidth management, what should i do ?
          i have to approve some rules from subnets to Server
          i could use ACL and port minoring on switch layer 3 instead,is that ok ?

          thank you

          1 Reply Last reply Reply Quote 0
          • DerelictD
            Derelict LAYER 8 Netgate
            last edited by

            I don't know that pfSense won't do it.  You'll certainly have to throw some hardware at it.  One million pps?  Really?

            I'd wait for others to answer or call ESF/netgate.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • B
              buivietha
              last edited by

              do you think about pf sense all in one ( routing, switching and firewall ) depend on hardware PC ??
              maybe i like sorfware more than hardware, some hardware device like cisco, juniper … with high price

              thank you for helping me

              1 Reply Last reply Reply Quote 0
              • J
                jasonlitka
                last edited by

                I've got posts around here somewhere that say I hit a single-stream wall at ~2.4Gbit/s through my pfSense boxes w/ Intel X520 NICs.  That was with 2.1.something though, not 2.2 which includes newer drivers and multi-threaded pf.  I'd expect better there.  With multiple connections I did better, I think 3.something Gbit/s but I can't remember.  I'll redo my tests once 2.2 goes gold.

                I can break anything.

                1 Reply Last reply Reply Quote 0
                • B
                  buivietha
                  last edited by

                  hi jason litka,
                  srr about my absent
                  could you hepl me this topo :https://forum.pfsense.org/index.php?topic=86714.0
                  and performance with my hardware i posted above link

                  im looking forward to hearing from u

                  thank you

                  hascar87@gmail.com
                  skype: buivietha6187

                  1 Reply Last reply Reply Quote 0
                  • stephenw10S
                    stephenw10 Netgate Administrator
                    last edited by

                    For reference it's worth reading through these threads:
                    https://forum.pfsense.org/index.php?topic=72142.0
                    https://forum.pfsense.org/index.php?topic=71949.0

                    Steve

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.