Inter VLAN Routing - Internet Access

asterix

@Derelict:

Do yourself a favor and watch for Brocade ICX-6450s too. Cisco 3750s can be had as well, though they will likely only be 100M with gig uplinks.

You want an IPv6 L3 switch and don't want to spend any money? Really?

I am not looking to buy overpriced switches. My current switch does have IPv6 L3 functionality but it's hidden and can only be enabled with an IPv6 license which will cost somewhere over the $450 price range. Hence I am looking for better options as I am not willing to pay that exorbitant price for un-hiding something already there.

Derelict

You can easily get a new L3 switch for under $450. A brand new SG300-52 costs about that.

If you need the functionality they offer they are not overpriced.

asterix

Yup looking into them. Now do any of these cisco switches need additional licensing? Or have to pay yearly fees for functionality? the SG300 does IPv6 vlan routing right?

johnpoz

Yes the sg300 does ipv6 routing, and no you don't need to by any extra licensing for it..  I would look to the sg350 though, the sg300 is end of life..

http://www.cisco.com/c/en/us/products/collateral/switches/small-business-stackable-managed-switches/eos-eol-notice-c51-733213.pdf
The one I would be worried about is the end of sw support.. Which this doc says was april of 2015, but they just released

Sx300 Firmware Version 1.4.7.05 09-DEC-2016

Which I am running on mine.. I currently do not run my sg300 in L3, I have no use for it on my network as of yet.  While I do have in works upgrade to my pfsense, its currently running on old HP microsever as a vm and can not route at gig..  Can only seem to get about 400-500mbps between segments.  But for me that is fine..  I have all the devices I really need full gig between on the same network.

While you might be able to find some sg300 a few bucks cheaper..  They currently have announced end of software maint.. So you may never see another update that is not for a major security fix, etc.  For example I would love to see it support chacha20 for its ssh.. But I don't think that is going to happen..

asterix

hmm end of software maint is not good. The sg350 is still pretty expensive. I will keep an eye on eBay for sg350, sg300 and sg500. I may get one if the price is hard to beat or will wait for the sg350 to drop in price.

johnpoz

What port density are you looking for?  I saw and listed a sg350 for <200 on amazon.

johnpoz

Ah - your looking for 48 ports, yeah that can get a bit pricey.. You sure you can not just use a smaller port density L3 as your core/distribution layer to handle your routing and then a simple L2 switch for your port density?  You can use uplinks per vlan to your L3 switch to your L2 so you do not hairpin or have to share bandwidth on interfaces for intervlan traffic.

"They advertised it but never added the feature. Expected sometime after sept 2017."

Keep in mind what specific switch your looking at with unifi, there are the "unifi" switches and then their are the edgeswitches and then teh edgeswitches-lite

From my understanding the ES have L3, but the unifi switches as of yet do not.. The unifi switches are cheaper per port density.  But the edgeswitch lite 48 port lists for $400 and clearly its states L3 support on the product page.. If that is not the case they really should adjust their datasheet and product page..

asterix

https://community.ubnt.com/t5/EdgeSwitch/EdgeSwitch-L3-IPv6-Routing/m-p/1609932/highlight/true#M8056

Their current platform has no L3 IPv6 routing functionality.

johnpoz

Well that is show stopper then.. ;)  They really should update their DS to state ipv4 routing only..

richley

How did you setup your transit in the end? Trying to do the same and it isn't working. Currently using management as my transit. Are you able to describe how you setup the transit as I have contacted netgear and they don't seem to have a concept of a transit vlan and are asking me to create a vlan on pfsense for it.

Pfsense:
Pfsense lan default gateway 192.168.10.246

Created gateway 192.168.10.1 Inc static routes etc on pfsense under routing.

Switch:

Created management vlan (15) 192.168.15.0

Ip: 192.168.15.2
Default gateway: 192.168.15.1 but it won't let me set it and defaults to 0.0.0.0

Static route also changes to 192.168.15.1 rarther than 192.168.10.246

Created vlan (10) 192.168.10.0

Default gateway 192.168.10.1

Untagged a port for all vlans and set its pvid to 10. Plugged the pfsense lan port into this switch port (transit link)

I'm clearly not doing it right please help.