10G NAS directly to pfSense or switch?
-
Hi
I have a 10G pfsense box, switch and NAS. My NAS (TrueNAS) is on its own VLAN managed by pfSense.
My question is should I connect my NAS directly to one of the two 10G ports on my pfSense box? Or should I just connect it to my switch that would be connected to pfsense via 2x 10G (aggregated)?
Any comments and feedback on pros and cons of both solutions would be highly appreciated.
-
@runevn Why route your NAS traffic through pfSense?
Put it on the Switch so traffic doesn't need to go through your router.
-
@nogbadthebad Good question. My initial thought was to have the ability to put the VLAN behind the pfSense firewall so that I could manage access from my other VLANs and to specific ports.
My switch is a Ubiquitous EdgeSwitch 16 XG. I'm not sure if it will manage inter-vlan routing to and from specific VLANs.
But is this the "right"/best way to do it?
-
@runevn Looks like the switch supports VLANS:-
https://dl.ui.com/datasheets/edgemax/EdgeSwitch_ES-16-XG_DS.pdf
You'd create the layer 3 interfaces & VLANS on your pfSense LAN interface and then trunk.
My comment "Put it on the Switch so traffic doesn't need to go through your router" was based on your LAN and NAS being on different networks.
-
Mmm, going through the switch is a more flexible setup IMO. If you have a client that needs unrestricted access for example you can just change the VLAN it's on at the switch and that traffic is then direct without needing to go through pfSense.
Steve
-
@runevn said in 10G NAS directly to pfSense or switch?:
Any comments and feedback on pros and cons of both solutions would be highly appreciated.
Hi,
In the second case (fig.), pfS is just holding back the TrueNAS, which is why the more serious network topologies use independent storage switching networks...
in case you are feeding the NAS 10Gig anyway, from the fast switching chips you can get the performance you need, NIC PHY(s) cannot compete at this point...
-
@stephenw10 Thanks.
-
@daddygo Thanks for your reply. I will try setting up inter-vlan-routing.
-
Hello together,
I would say it all depends on what switch is here in usage!
If it is Layer 2 (only) and you work with VLANs someone
(pfSense) must route between the VLANs, it is like it is.If this will be a Small Layer3 Switch it can be route the entire VLAN traffic alone. So if this will be able connect the NAS to the Switch and the Switch to the pfSense or
get perhaps your hands on a "small" Layer3 Switch like
Cisco SG350 Series. -
@dobby_ Thanks for your reply. I have been looking into it and I think that my current switch can do basic inter vlan routing so I think I will try that. But thanks for your reply.
