Virtual Interface for VLAN'ing?

  • I apologize in advance if this is a dumb question, but I'm hoping to get some specific best practices on a couple questions I had about virtual interfaces, VLANs, and hardware tagging.

    Is it best practice, or ideal, to have a separate hardware NIC for each additional VLAN I want to create?  For example, one NIC & an associated interface for my Cisco CVO work router?  And, one NIC/interface for a guest wireless AP?

    I'm stuck with my current M350 mini-ITX enclosure/Intel D2500CCE motherboard as far as any expansion ports being utilized.  The only way I can think of putting my Cisco CVO and Guest wireless AP on segmented VLANs, yet have full WAN access on their own respectively different subnets is to create two virtual interfaces and leverage VLAN tagging on my Netgear GS724T smart switch.

    If my theory of virtual interfaces is OK and won't cause heartache down the road in pfSense, is there a search phrase here or via Google you can point me to?  I can find nothing specific enough in my searches to get my hardware to leverage VLANs successfully in the attempts that I've tried.

    Thanks in advance for any pointers!

  • The main reason for VLANs is to reduce the amount of hardware you need. You don't need more physical interfaces unless you need more bandwidth. It is good practice to have a separate NIC for a management interface, but that's more of an enterprise thing.

Log in to reply