New SG-3100
-
So I am looking to replace an old Soekris box that is just not handling the new 2.3.4.p1 code.
https://store.netgate.com/SG-3100.aspx
But I am confused by the wording of the guide a little - https://www.netgate.com/docs/sg-3100/io-ports.html
Today I have a WAN, LAN (172.16.20.0/24), and two other LAN Networks (DMZ) *172.20.100.0/24 & 172.20.200.0/24) configurations so four total ethernet ports –
Can I do this with the SG-3100 or are the four Switched Ethernet ports ports just a bridged lan.
WAN -- Comcast
OPT1 -- DMZ-1 172/20.100.0/24
Switch (Lan 1 -4 ) -- 172.16.20.1/24
?????? DMZ-2 172.20.200.0/24I see I might be able to dump a small netgear switch, but how do I get the second DMZ ?
I also have two VPNs to other sites, but this box looks more than capable of handling this --
TIA on the insight for this new hardware.
My alternative is the SG-2440 but this 3100 is much better priced and may fit the bill.
-
Great question.. I would hope you could vlan the ports off as their own interface(s) so all 4 in one network, or 4 different networks and then vlans on top of those as well just like you could with actual nic interface.
But this is great question, since this is first pfsense device that I am aware of that has a "switch" included. I did see that the uplink from this switch is 2.5gb to the soc.
-
This should be quite similar, even though it's about the smaller SG-1000
https://www.netgate.com/blog/ive-got-99-problems-but-a-switch-aint-one.html -
It will be possible on there to have port-based VLANs where you segment those ports off into different networks (e.g. making a new VLAN and then setting it untagged on a specific port), just like you would do on a switch.
-
Just remember that the 4-port switch is linked at 2.5 Gbps to the pfSense LAN interface… so you won't be able to use more than two switch ports to full capacity if you're going to have inter-VLAN routing going on.
-
Yes, but ports on the same VLAN will be handled in the switch without having to be handed off to the SoC. Silly things like bridging interfaces onto one "LAN" should be a thing of the past on the SG-3100.
-
Yes, but ports on the same VLAN will be handled in the switch without having to be handed off to the SoC. Silly things like bridging interfaces onto one "LAN" should be a thing of the past on the SG-3100.
True, though my thought was more if you have one VLAN on one port, another VLAN on another port, then routing between them would be handed back to the SoC, etc. But yes, same VLANs stay within the switch.
-
Good Morning,
Received an email that my order has been delayed due to the need for additional testing of a driver fix. I have no issue with this and as long as it ships in 2017 I am fine.
But for those in the know I am curious, since the note said driver issue, is this something in a FreeBSD module or a custom driver you all did for this device. If it's a base FreeBSD driver, is there a link to the issue you are addressing available ?
TIA….
-
Received an email that my order has been delayed due to the need for additional testing of a driver fix. I have no issue with this and as long as it ships in 2017 I am fine.
But for those in the know I am curious, since the note said driver issue, is this something in a FreeBSD module or a custom driver you all did for this device. If it's a base FreeBSD driver, is there a link to the issue you are addressing available ?
It's due to the length of the network interface driver name, it's causing problems with the way we currently name VLANs. Rather than rename the driver and maintain more technical debt, we are changing how the VLAN interfaces are named so they are not so long they overrun the FreeBSD name limit. That was a bigger change than we felt comfortable making for 2.4-RELEASE, so we're taking a week or so to implement and test that and a few other small fixes to roll into 2.4.1.
-
:) Sounds great. Thank you very much for the information.
I am replacing an older Soekris and small Switch.
So there is no rush from my side.
-
Received an email that my order has been delayed due to the need for additional testing of a driver fix. I have no issue with this and as long as it ships in 2017 I am fine.
But for those in the know I am curious, since the note said driver issue, is this something in a FreeBSD module or a custom driver you all did for this device. If it's a base FreeBSD driver, is there a link to the issue you are addressing available ?
It's due to the length of the network interface driver name, it's causing problems with the way we currently name VLANs. Rather than rename the driver and maintain more technical debt, we are changing how the VLAN interfaces are named so they are not so long they overrun the FreeBSD name limit. That was a bigger change than we felt comfortable making for 2.4-RELEASE, so we're taking a week or so to implement and test that and a few other small fixes to roll into 2.4.1.
Do you think the SG-3100 will start shipping Friday as planned? I pre-ordered. My other question is, can I restore my current configuration to the SG-3100? I am currently running on an older small form factor desktop which has been great but looking to move to the new device. Since having this I have it just how I like it.
-
Do you think the SG-3100 will start shipping Friday as planned? I pre-ordered.
Unless something else comes up in the meantime, it should still be Friday, or potentially Monday/early next week depending on how large the backorder queue is.
My other question is, can I restore my current configuration to the SG-3100? I am currently running on an older small form factor desktop which has been great but looking to move to the new device. Since having this I have it just how I like it.
Yes, you'll need to point it at the new interface names but otherwise the configuration will carry over fine.
-
Do you think the SG-3100 will start shipping Friday as planned? I pre-ordered.
Unless something else comes up in the meantime, it should still be Friday, or potentially Monday/early next week depending on how large the backorder queue is.
My other question is, can I restore my current configuration to the SG-3100? I am currently running on an older small form factor desktop which has been great but looking to move to the new device. Since having this I have it just how I like it.
Yes, you'll need to point it at the new interface names but otherwise the configuration will carry over fine.
Thank you, understand, and looking forward to it.
-
Do you think the SG-3100 will start shipping Friday as planned? I pre-ordered.
Unless something else comes up in the meantime, it should still be Friday, or potentially Monday/early next week depending on how large the backorder queue is.
My other question is, can I restore my current configuration to the SG-3100? I am currently running on an older small form factor desktop which has been great but looking to move to the new device. Since having this I have it just how I like it.
Yes, you'll need to point it at the new interface names but otherwise the configuration will carry over fine.
Maybe this is a dumb question but will I be able to access the web interface after the restore if the interface names are wrong in order to correct them? If not, would it be best to modify the xml to correct the interface names prior to the restore? Hope that makes sense.
-
Maybe this is a dumb question but will I be able to access the web interface after the restore if the interface names are wrong in order to correct them? If not, would it be best to modify the xml to correct the interface names prior to the restore? Hope that makes sense.
You can do it either way. After restore it will take you to a page to reassign the interfaces if you want to do it that way. You can edit into the config before restore if you like, too. I prefer to edit them in, but either way works.
-
Maybe this is a dumb question but will I be able to access the web interface after the restore if the interface names are wrong in order to correct them? If not, would it be best to modify the xml to correct the interface names prior to the restore? Hope that makes sense.
You can do it either way. After restore it will take you to a page to reassign the interfaces if you want to do it that way. You can edit into the config before restore if you like, too. I prefer to edit them in, but either way works.
Thanks again. mvneta1 for WAN and mvneta2 for LAN based on the user manual page. Easy enough.
-
That may not have been updated right yet, WAN is mvneta2, LAN is mvneta1, OPT1 is mvneta0
-
Received an email that my order has been delayed due to the need for additional testing of a driver fix. I have no issue with this and as long as it ships in 2017 I am fine.
But for those in the know I am curious, since the note said driver issue, is this something in a FreeBSD module or a custom driver you all did for this device. If it's a base FreeBSD driver, is there a link to the issue you are addressing available ?
It's due to the length of the network interface driver name, it's causing problems with the way we currently name VLANs. Rather than rename the driver and maintain more technical debt, we are changing how the VLAN interfaces are named so they are not so long they overrun the FreeBSD name limit. That was a bigger change than we felt comfortable making for 2.4-RELEASE, so we're taking a week or so to implement and test that and a few other small fixes to roll into 2.4.1.
Will the SG-3100 ship with 2.4.1?
-
-
Finally a device that can replace a Linksys! I can retire my parent's DD-WRT device now. 802.11n is good enough.
