TNSR and PFSense or just TNSR?
After migration from a 1Gbps network to a mixed 1/10/25Gbps network i’m looking my options for increasing routing speed. My WAN connectivity is 1Gbps.
I’ve got a Netgear 5100 as the internet gateway and it handles all my VLANs/Firewall and routing needs. However it only has 1 Gbps interfaces for WAN and internal networks. This creates a bottleneck between highspeed networks that need to communicate.
I’m looking at using PFSense just for internet connectivity and HAProxy for exposing services to the internet. Then using TNSR for all local networks and routing internally.
However I could remove PFSense but I’m not sure i need to.
I have a layer 3 switch (Ubiquiti Enterprise XG 24) but it doesn’t support ACLs. So I think TNSR could be a (much better) solution for that.
I’m just sort of airing the idea as i’m on a train with a pen and pencil. So I can make a network diagram when i get home. But just want to get some feedback on the principle idea.
WAN — PFSense — TNSR — Local VLAN/Networks
Does this sound like a plausible solution?
A bit of a rotten post without much info. I’ll make a better write up after my vacation if need be. Any thoughts are appreciated.
- Reinstall PFSense
- Designate the native LAN as the “Management network”. Management IPs of my switches, TNSR (Management plane), Hypervisors and backup systems will be placed here.
- Create required VLANs on TNSR (Home, DMZ, Backend, Guest +/-)
- Build everything on those VLANs with TNSR as the router and PFSense for WAN access.
Most communication is confined to these VLANS and can be switched at layer 2, but there are certain cases where inter-vlan traffic is required.
Use a L3 capable switch and forget about TNSR.
TNSR is a high-performance software router. If you have a need for 10, 40, 100+ Gbps then TNSR may be the solution for you.
This overview video may help as well. You can see a list of features of TNSR here.
Against other options out there, we feel the price for performance can't be beaten.