Multiple NICs or Managed Switch?
-
So I am in the drafting stage of building a pfSense router. I have been looking through guide and other tutorials on building pfSense routers and I noticed the trend was to put in multiple multiport NICs rather than a 2 port NIC that connects to like a 24 port switch or something.
I was considering going the switch route as I may wire the house with Ethernet wall jacks that all connect to the switch. However, are there any benefits to going the multiple NIC route rather than a switch?
-
Your choice. In cases where I have the right switch and the hardware resources to do it, I like to use a LAGG with 2 or more physical NICs as a single virtual NIC and hang my VLANs off of that. So em0 and em1 become lagg0 and then my actual interfaces are lagg0_vlan2, lagg0_vlan3, etc.
-
However, are there any benefits to going the multiple NIC route rather than a switch?
If what you want/need are switch ports, not really any benefit at all. A layer 2 bridge implemented in software will pretty much never perform as well at forwarding frames as even the cheapest switch.
-
There are plenty of advantages to having router with multiple nics - none of which has anything to do with switch ports. But having multiple nics allow you to run multiple networks be native or tagged without having to hairpin connections.
If all you have is 1 lan side nic in your firewall then depending on how many networks you have and how much traffic you do intervlan your all sharing the bandwidth of that 1 nic via your vlans. I you have multiple nics you can spread your multiple networks across multiple nics and do it in such a fashion so that the segments that talk the most to each other do not have to hairpin over the same physical connection, etc.
Multiple nics are where this comes into play - also allow for expansion of multiple wan networks, etc.
But as Derelict points out if what you wan tis multiple devices in the same layer 2 then what you need is a switch.. The cheapest of the cheapest switches would be heads and tails faster than creating a bridge between your nics on your router.
Multiple nics are great for more network segments on your router, switches are what you use for more ports in a network segment.
-
However, are there any benefits to going the multiple NIC route rather than a switch?
If what you want/need are switch ports, not really any benefit at all. A layer 2 bridge implemented in software will pretty much never perform as well at forwarding frames as even the cheapest switch.
I took this to mean that OP was asking whether to use a NIC per lan segment vs using a managed switch (as the title suggests) and VLANs. Guess some clarification is necessary.
