Question about pfSense setup/topology for home network



  • Hi guys,

    Hope I'm OK posting in this part of the forum. I've recently set up pfSense on my home network and I'm really enjoying it! Huge amount of functionality and learnt a huge amount setting it up by configuring VLANs, NAT/firewall and playing around with a few packages.

    I have a question though about whether I should change the topology/setup of my network. I've made a little drawing here to help understand - https://goo.gl/9p3M6a (look for question marks - which option is better?)

    If you check the drawing, currently I have my ESXi box connecting to my switch (trunk) and that box is then providing networking to all the VMs via whichever VLAN is assigned. It also provides networking to all other devices either directly or via the wireless router.

    Since I have another unused interface on the pfSense box, would it be better to use this for my ESXi box? Would it provide better performance (throughput for trunk link) and would I still be able to have the VMs running on the same VLANs as the other devices on my current LAN interface?

    Also, didn't include in screenshot - one of the VLANs is configured to only send/receive traffic via a VPN WAN interface.

    Appreciate any help or advice.


  • Netgate

    Use the switch. Otherwise you will have to use pfSense bridges to put nodes on the switch on the same VLAN as nodes on the ESXi host. And that is not what you want to do.

    If you want to increase performance between the firewall and the switch, you would do something like an LACP lagg to the switch and put the VLANs on that. But unless you have more than a gigabit to the internet, don't introduce the complexity.