VLANs instead of multiple ports, good idea?
-
I have a thin client with a 6th gen Core i5, plenty of power for pfSense. It's only got one LAN port though, so I was planning to add a second one using a free M.2 slot. I can get an Intel I225 NIC for the M.2 slot. My WAN connection is 1000/1000.
Since I will only have one LAN port, I was thinking of using a managed switch with VLAN support to separate networks. Is that okay? I've not used VLANs before. I expect to have one private network that will want the full 1000/1000 through the router (okay 950/950 with overhead) and then a second WiFi network, and third IoT network. The speed on the WiFi and IoT sides are not too important.
The switch will probably be 1Gbps only, even though the NIC support 2.5Gbps.
Will all that over a single port with VLAN be okay? Is there any downside to doing it this way?
-
@kuro68k the only time you really run into a problem with multiple vlans on single physical interface for speed, is when you try and exceed the capabilities of the physical interface in intervlan traffic that is on the same physical interface.
You will see multiple vlans run on the same physical interface all the time.. It normally is not a problem.. But sure if you have multiple vlans on the physical interface all wanting to talk to each other at the same time, you will be limited by the physical speed of the interface.
I do split out some of my network to their own physical interface, mostly because I have the ports both on my router and my switch. But I do run multiple vlans on 1 physical interface for some of my networks. Wireless as you mention, because these vlans don't actually really ever talk to each other, and if they did they would be sub gig anyway.. So the likely hood of the physical interface being the bottle neck is slim.
But its good that your thinking about it as a possible problem.
-
@johnpoz Ah right, that makes sense. The various VLANs won't talk to each other much, just a little bit of traffic between LAN/Wifi and IoT, but not much. I might have a look for a switch with a 2.5G uplink, but I was going to get a used one off eBay cheap so probably won't splash out.
Thanks, that's very helpful.
-
@kuro68k said in VLANs instead of multiple ports, good idea?:
for a switch with a 2.5G uplink
Has always been good practice to have uplinks faster than clients connection.. Back from the days of 10/100 speeds even..
When you had multiple switches chained, you would normally have the uplink from the switch at 100, while the clients on the switch were only set to 10..
Lagg or lacp could be used as well for your uplinks. Only problem with just creating say a 2x1ge lagg and throwing your vlans on that, is you don't really have control over what traffic will go over which physical link.. But when you have lots of clients etc. all talking to different stuff it another solution.
-
@johnpoz I was reading that I225 seems to be working well now, is that the case? It's a long thread but it seems like it should be fine.
-
@kuro68k I haven't been following that thread - sorry. I don't have a i225, so no idea.
