• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Same VLAN on Multiple Interfaces?

Scheduled Pinned Locked Moved L2/Switching/VLANs
6 Posts 4 Posters 2.9k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D
    DIYsense
    last edited by Jul 19, 2021, 2:08 AM

    My pfSense router (an industrial PC with 4 ports) has 4 interfaces:

    em0 = WAN, em1, em2, em3

    em1 is wired to my office for work and network admin
    em2 is wired to my living room for entertainment
    em3 is wired to my basement, for security cams & ZoneMinder NVR

    I want to create VLANS for IoT, Cams, and basically general use LAN.

    That said, can I create the same VLANS for each interface? So in essence: the same 3 VLANS x 3 parent interfaces.

    And if so, do I do DHCP or static IP for each OPT3, OPT4, etc?

    Here's a pic of what I doing but I don't know if I'm going down the right path

    V N 2 Replies Last reply Jul 19, 2021, 10:19 AM Reply Quote 0
    • V
      viragomann @DIYsense
      last edited by Jul 19, 2021, 10:19 AM

      @diynonsense said in Same VLAN on Multiple Interfaces?:

      That said, can I create the same VLANS for each interface? So in essence: the same 3 VLANS x 3 parent interfaces.

      Generally that should be possible, but why wants someone do that?

      This will not connected the VLANs with same IDs automatically.
      To connect both virtual network interfaces you have to bridge them anyway regardless if the VLAN IDs are the same or different.

      1 Reply Last reply Reply Quote 0
      • N
        NogBadTheBad @DIYsense
        last edited by NogBadTheBad Jul 19, 2021, 12:11 PM Jul 19, 2021, 12:06 PM

        @diynonsense Yes you can using bridges but why, pfSense isn't a switch ?

        Create a LAGG with the 3 interfaces and put the VLAN on the LAGG.

        Then create a LACP bond of the 3 interfaces on your switch.

        Personally I don't think you need 3 interfaces, you just need 3 vlans on em1.

        Also you can just drag the screenshot into the compose window :)

        Andy

        1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

        D 1 Reply Last reply Jul 21, 2021, 4:16 PM Reply Quote 0
        • D
          DIYsense @NogBadTheBad
          last edited by DIYsense Jul 21, 2021, 4:18 PM Jul 21, 2021, 4:16 PM

          Thanks

          I'm most concerned with security for the camera network - plus I will need a VPN for it as well. Would I be better off using subnets (IoT, CAMs/NVR, LAN) instead of VLAN's?

          J 1 Reply Last reply Jul 21, 2021, 4:21 PM Reply Quote 0
          • J
            johnpoz LAYER 8 Global Moderator @DIYsense
            last edited by johnpoz Jul 21, 2021, 4:24 PM Jul 21, 2021, 4:21 PM

            @diynonsense said in Same VLAN on Multiple Interfaces?:

            Would I be better off using subnets instead of VLAN's?

            So native untagged vs tagged.. Makes no difference really - how you isolate the layer 2 makes little difference be it you do it with vlans or physically..

            If you want network A on interface X and network B on interface Y on pfsense or you want both X and Y on the same interface and isolate them via tags (vlan)..

            I have both setup, where some networks run on their own interface on pfsense, and then where multiple networks run on the same interface (vlans). But even the networks on their own interfaces are still vlans on the switch.. Its just that pfsense doesn't know anything about these vlan tags because it never sees them.

            The networks/vlans that have the most inter network traffic have their own interface on pfsense and uplink from the switch. The networks that really don't talk to each other and don't use that much bandwidth anyway because they are wireless share an interface (uplink from switch to pfsense) and are vlans (tagged that pfsense sees)..

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.7.2, 24.11

            D 1 Reply Last reply Jul 21, 2021, 9:43 PM Reply Quote 1
            • D
              DIYsense @johnpoz
              last edited by Jul 21, 2021, 9:43 PM

              @johnpoz Thanks

              1 Reply Last reply Reply Quote 0
              6 out of 6
              • First post
                6/6
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                This community forum collects and processes your personal information.
                consent.not_received