Hardware for using pfsense as a managed switch?
-
I'd suggest looking for a second hand HP ProCurve switch. They are cheap, very easy to get, and do most of the just Just Right. There are web-only versions (SNMP RO) but there are telnet/serial/web/SNMP RW models too, mostly the more expensive ones.
-
@johnkeates:
I'd suggest looking for a second hand HP ProCurve switch. They are cheap, very easy to get, and do most of the just Just Right. There are web-only versions (SNMP RO) but there are telnet/serial/web/SNMP RW models too, mostly the more expensive ones.
The HP (Now Aruba) 2530-8G series is fanless (just the 8-port), both the PoE & non-PoE.
Still lifelong warranty I think (for first owner).
https://www.amazon.com/HP-J9777A-2530-8G-Ethernet-Switch/dp/B00EAF7QRG/
https://www.amazon.com/HP-J9774A-2530-8G-PoE-Ethernet-Switch/dp/B00G2DLRUQ/
That's a neat switch on par w. most Cisco Catalysts, & full CLI.
I have a new customers that use this one, but it's outside my budget. But a nice switch.
Note it's a 1U height unit, might not fit in anywhere.
Make sure to get the 8G (Gigabit version), as there is an 8' version too (Non Gb).
The Jxxxxx numbers are neat to use for searching, and match both HPE & Aruba switches.
HP 2530-8G (J9777A)
HP 2530-8G-PoE+ (J9774A)
/Bingo
-
J9783A HP 2530-8
J9780A HP 2530-8-POE+
Great, those have 8x 10/100 Base-TX Ports and 2x 10/100/1000 Base-TX.
Who buys FastEthernet in 2017 if you don't need a zillion ports cheap?
-
J9783A HP 2530-8
J9780A HP 2530-8-POE+
Great, those have 8x 10/100 Base-TX Ports and 2x 10/100/1000 Base-TX.
Who buys FastEthernet in 2017 if you don't need a zillion ports cheap?
I don't know who wants FE, and I did correct the links & prod names to the -G version before I saw your post.
-
A CLI is probably not particularly useful for a home network.
-
A CLI is probably not particularly useful for a home network.
What does a CLI have to do with home networking?
I'd prefer a CLI anytime, but that's a user preference, not where it's used.
But the learning curve for using the CLI could be challenging for some.
/Bingo
-
I'd take a CLI any day. Sure, it must not be a shitty CLI, but that goes for any interface.
-
A CLI is probably not particularly useful for a home network.
What does a CLI have to do with home networking?
I'd prefer a CLI anytime, but that's a user preference, not where it's used.
But the learning curve for using the CLI could be challenging for some.
/Bingo
Cha ching !!
I'd prefer working in the CLI too. Most times I go the CLI route even if a GUI is available. Not because I am contrarian, but only because I feel more comfortable in doing what I am doing. Man pages and help options explain much more in detail than a tooltip in the GUI ever would.
-
A CLI is probably not particularly useful for a home network.
What does a CLI have to do with home networking?
I'd prefer a CLI anytime, but that's a user preference, not where it's used.
But the learning curve for using the CLI could be challenging for some.
/Bingo
Cha ching !!
I'd prefer working in the CLI too. Most times I go the CLI route even if a GUI is available. Not because I am contrarian, but only because I feel more comfortable in doing what I am doing. Man pages and help options explain much more in detail than a tooltip in the GUI ever would.
On top of that, the 'interface' doesn't hide as much on the command line as text has to be either there or not there, it isn't graphically styled in some ambiguous way leaving it up to the user to figure out what it's supposed to do.
-
Sorry, let me correct my statement.
I was speaking from the point of view of your average home user who does not already know a switch CLI particularly well.
But I didn't specify that at all.
For someone who doesn't already know it, it probably isn't useful for a home because they will likely spend 20-30 minutes setting it up on a GUI once then never or rarely touch it again.
CLI would be very valuable and worth learning even for the uninitiated if you had even a small to medium network comprising a number of switches where you would be spending a notable amount of time managing them.
In that case it would be miserable to repeatedly make changes via the GUI.
I do agree that for anyone who is already comfortable with switching CLI, it's a very valuable feature.
The Zyxel I recommended earlier operates primarily off web GUI, however there is a CLI you can access via either telnet or ssh (don't remember which) and a console header you can utilize if you're so inclined.
I think it strikes a very attractive balance between commercial and home user.
-
For a new basic managed switch for home use, the ZyXel works fine indeed. But if you want to go bigger, used HP switches (or new) are a fine choice.
-
I am searching for a cheap stackable switch for the WAN side.
I have a HA CARP setup with Multiwan (through AVM Fritzbox routers).
Any suggestions?
-
Are cheap and stackable the only requirements?
(Note that those terms are usually mutually-exclusive. You might also need to define the term cheap)
-
This discussion has gone far from the topic starter's question, hasn't it?
-
They always morph into "what should I do instead?"
-
I need it on the WAN side to connect 3 VDSL routers. The existing VDSL routers have built-in switches, actually directly connected to a Firebox, but it seems like they are causing trouble with the CARP failover. So, VLAN and spanning tree, configurable ARP timer would be good. Did I forget something? Do I need anything for CARP/VRRP support?
Are cheap and stackable the only requirements?
(Note that those terms are usually mutually-exclusive. You might also need to define the term cheap)
-
I think getting a bridged modem is a better option. CARP/VRRP is problematic if it happens too often since most providers do MAC throttling to prevent draining the lease pool too quickly.
-
CARP on WAN generally does not play nice with residential-type WAN connections.
You need a static /29 there. You can usually get away with a static /32 on the secondary WAN but it is sub-optimal.
-
@johnkeates:
I think getting a bridged modem is a better option. CARP/VRRP is problematic if it happens too often since most providers do MAC throttling to prevent draining the lease pool too quickly.
A CARP failover happens very seldom, maybe once a month, but it has to work.
What do you mean with bridged modem? PPPoE? Does this play with CARP?
Actually, I am using a private IP net only as transfer net between the pfSense and the router, doing double NAT (in the pfSense as well as in the router). No, I am not using SIP ;-)
Would an OpenWRT router (without an extra switch) probably work better, as far as I know, you can configure ARP timeout with OpenWRT?
-
CARP on WAN generally does not play nice with residential-type WAN connections.
You need a static /29 there. You can usually get away with a static /32 on the secondary WAN but it is sub-optimal.
I know that's sub-optimal, but that is the use case. We are replacing expensive company Internet lines with low cost residential VDSL lines, plus adding additional HA with LTE lines (LTE is not available together with public IP in Germany).
So I am doing double NAT, with a private IP net between pfsense and the router. Shouldn't that work, it is pretty much the same as on the LAN side?