Netgate Discussion Forum

    Hardware for using pfsense as a managed switch?

    42 Posts 12 Posters 14.0k Views
      jahonix

      @bingo600:

      J9783A  HP 2530-8
      J9780A  HP 2530-8-POE+

      Great, those have 8x 10/100 Base-TX Ports and 2x 10/100/1000 Base-TX.
      Who buys FastEthernet in 2017 if you don't need a zillion ports cheap?

        bingo600

        @jahonix:

        @bingo600:

        J9783A  HP 2530-8
        J9780A  HP 2530-8-POE+

        Great, those have 8x 10/100 Base-TX Ports and 2x 10/100/1000 Base-TX.
        Who buys FastEthernet in 2017 if you don't need a zillion ports cheap?

        I don't know who wants FE, and I did correct the links & prod names to the -G version before I saw your post.

        If you find my answer useful - Please give the post a 👍 - "thumbs up"

        pfSense+ 23.05.1 (ZFS)

        QOTOM-Q355G4 Quad Lan.
        CPU  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
        LAN  : 4 x Intel 211, Disk  : 240G SAMSUNG MZ7L3240HCHQ SSD

          TS_b Banned

          A CLI is probably not particularly useful for a home network.

            bingo600

            @TS_b:

            A CLI is probably not particularly useful for a home network.

            What does a CLI have to do with home networking?
            I'd prefer a CLI anytime, but that's a user preference, not where it's used.

            But the learning curve for using the CLI could be challenging for some.

            /Bingo

              Guest

              I'd take a CLI any day. Sure, it must not be a shitty CLI, but that goes for any interface.

                Inxsible

                @bingo600:

                @TS_b:

                A CLI is probably not particularly useful for a home network.

                What does a CLI have to do with home networking?
                I'd prefer a CLI anytime, but that's a user preference, not where it's used.

                But the learning curve for using the CLI could be challenging for some.

                /Bingo

                Cha ching !!

                I'd prefer working in the CLI too. Most times I go the CLI route even if a GUI is available. Not because I am contrarian, but only because I feel more comfortable in doing what I am doing. Man pages and help options explain much more in detail than a tooltip in the GUI ever would.

                  Guest

                  @Inxsible:

                  @bingo600:

                  @TS_b:

                  A CLI is probably not particularly useful for a home network.

                  What does a CLI have to do with home networking?
                  I'd prefer a CLI anytime, but that's a user preference, not where it's used.

                  But the learning curve for using the CLI could be challenging for some.

                  /Bingo

                  Cha ching !!

                  I'd prefer working in the CLI too. Most times I go the CLI route even if a GUI is available. Not because I am contrarian, but only because I feel more comfortable in doing what I am doing. Man pages and help options explain much more in detail than a tooltip in the GUI ever would.

                  On top of that, the 'interface' doesn't hide as much on the command line as text has to be either there or not there, it isn't graphically styled in some ambiguous way leaving it up to the user to figure out what it's supposed to do.

                    TS_b Banned

                    Sorry, let me correct my statement.

                    I was speaking from the point of view of your average home user who does not already know a switch CLI particularly well.
                    But I didn't specify that at all.

                    For someone who doesn't already know it, it probably isn't useful for a home because they will likely spend 20-30 minutes setting it up on a GUI once then never or rarely touch it again.

                    CLI would be very valuable and worth learning even for the uninitiated if you had even a small to medium network comprising a number of switches where you would be spending a notable amount of time managing them.
                    In that case it would be miserable to repeatedly make changes via the GUI.

                    I do agree that for anyone who is already comfortable with switching CLI, it's a very valuable feature.

                    The zyxel I recommended earlier operates primarily off web GUI, however there is a CLI you can access via either telnet or ssh (don't remember which) and a console header you can utilize if you're so inclined.
                    I think it strikes a very attractive balance between commercial and home user.

                      Guest

                      For a new basic managed switch for home use, the ZyXel works fine indeed. But if you want to go bigger, used HP switches (or new) are a fine choice.

                        Billyboy

                        I am searching for a cheap stackable switch for the WAN Side.
                        I have a HA CARP Setup with Multiwan (through AVM Fritzbox Routers).

                        Any suggestions?

                          Derelict LAYER 8 Netgate

                          Are cheap and stackable the only requirements?

                          (Note that those terms are usually mutually-exclusive. You might also need to define the term cheap)

                          Chattanooga, Tennessee, USA
                          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                          Do Not Chat For Help! NO_WAN_EGRESS(TM)

                            jahonix

                            This discussion has gone far from the topic starter's question, hasn't it?

                              Derelict LAYER 8 Netgate

                              They always morph into "what should I do instead?"

                                Billyboy

                                I need it on the WAN side to connect 3 VDSL routers. The existing VDSL routers have built-in switches, actually directly connected to a Firebox, but it seems like they are causing trouble with the CARP failover. So, VLAN and spanning tree, configurable ARP timer would be good. Did I forget something? Do I need anything for CARP/VRRP support?

                                @Derelict:

                                Are cheap and stackable the only requirements?

                                (Note that those terms are usually mutually-exclusive. You might also need to define the term cheap)

                                  Guest

                                  I think getting a bridged modem is a better option. CARP/VRRP is problematic if it happens too often since most providers do MAC throttling to prevent draining the lease pool too quickly.

                                    Derelict LAYER 8 Netgate

                                    CARP on WAN generally does not play nice with residential-type WAN connections.

                                    You need a static /29 there. You can usually get away with a static /32 on the secondary WAN but it is sub-optimal.

                                      Billyboy

                                      @johnkeates:

                                      I think getting a bridged modem is a better option. CARP/VRRP is problematic if it happens too often since most providers do MAC throttling to prevent draining the lease pool too quickly.

                                      A CARP failover happens very seldom, maybe once a month, but it has to work.
                                      What do you mean by bridged modem? PPPoE? Does this play with CARP?
                                      Actually, I am using a private IP net only as transfer net between the PFSense and the router, doing double NAT (in the PFSense as well as in the router). No, I am not using SIP ;-)
                                      Would OpenWRT routers (without an extra switch) probably work better, since, as far as I know, you can configure ARP timeout with OpenWRT?

                                        Billyboy

                                        @Derelict:

                                        CARP on WAN generally does not play nice with residential-type WAN connections.

                                        You need a static /29 there. You can usually get away with a static /32 on the secondary WAN but it is sub-optimal.

                                        I know that's sub-optimal, but that is the use case. We are replacing expensive company Internet lines with low cost residential VDSL lines, plus adding additional HA with LTE lines (LTE is not available together with public IP in Germany).

                                        So I am doing double NAT, with a private IP net between pfsense and the router. Shouldn't that work, it is pretty much the same as on the LAN side?

                                          Derelict LAYER 8 Netgate

                                          Yes. If you want to do double NAT and put a bunch of potential points of failure in front of the firewalls it will work fine.

                                          As long as both primary and secondary can access the internet while the CARP VIPs are in the BACKUP state it should work.

                                            Guest

                                            @nktech1135:

                                            Hello all.
                                            I'm not sure how practical this is. I am looking for a managed switch for vlans and such and was wondering if pfsense could do this? I'm already using pfsense in a routing capacity but bought a prebuilt hardware solution for that. This time I'd like to build my own.
                                            The questions I have are these.
                                            1, is it a practical use of pfsense to use it as a managed switch OS?
                                            2, if so, what would you guys recommend for an 8 port box? It should be future proofed for updates and be under $200 if possible.
                                            The switch will be on the lan side so should have full gigabit speeds.

                                            Thoughts?

                                            First, get a switch that has 8 GB LAN Ports! And if you need Layer3 Routing, VLANs, LAGs (LACP), CLI and a real serial console port, get a Cisco SG300-10 or Cisco SG350-10. They are often available at amazon.com for ~$110 (SG300-10) or ~$200 (SG350-10). If more ports and other things such as SFP/SFP+ Ports or 10 GBit/s ability are another point, you will be fine with a D-Link DGS1510-20 for around ~$270 but with much more power and ports. There are also other solutions out there!

                                            Netgear Layer2
                                            Netgear GS108E
                                            Netgear GS108Tv2
                                            Netgear GS110T

                                            Cisco Layer2 & Layer3
                                            Cisco SG200-08
                                            Cisco SG300-10
                                            Cisco SG350-10

                                            Layer3 more ports
                                            D-link DGS1510-20

                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.