Switch Vs Multi port NIC?



  • I have a small lab build I am going to test. I wanted to know, if cost wasn't an option, if it would be better to put in a few multi-port NICs or use a single NIC and a switch. I'm waiting for parts, so I haven't started the pfSense install yet, but it seems to me you have more control with multi-port NICs than with a single interface and a switch.

    I assume I could, as an example, set ports 1-8 to be intranet only and configure 9-12 for Internet?



  • I have a small lab build I am going to test. I wanted to know, if cost wasn't an option, if it would be better to put in a few multi-port NICs or use a single NIC and a switch.

    I would prefer a few multi-port NICs over the single NIC variant.

    I'm waiting for parts, so I haven't started the pfSense install yet, but it seems to me you have more control with multi-port NICs than with a single interface and a switch.

    A single NIC and many VLANs is going to deliver less throughput if the traffic scales up.

    I assume I could, as an example, set ports 1-8 to be intranet only and configure 9-12 for Internet?

    8 LAN ports and 4 WAN ports would be better than a single port with many VLANs on it.
    It all depends on what you want to realize, but based on your input I think you would be fine with
    load balancing and a failover setup. There are three main options to walk this road:

    • policy based routing
    • session based routing
    • service based routing

    For assigning the rest of the network, you will also be able to realize it in a few different ways.

    Plain Routing:
    On each LAN port you are able to connect a dumb unmanaged switch, but each LAN port holds its own
    network and subnet, like 192.168.1.0/24 (255.255.255.0) on re0 or vr0 and 192.168.2.0/24 on re1 or vr1.

    VLANs: (pfSense is routing)
    You might also connect one LAN port to a Layer 2 LAN switch that then splits the network into
    more single segments, each of which gets its own IP address range, but pfSense is routing between them.

    VLANs: (LAN switch is routing)
    You might also be able to connect one or more (stacked) Layer 3 switch(es) to one LAN port of the pfSense
    box, and then the switch(es) is/are routing between the VLANs. This would be better on really huge installations.



  • @Belezeebub:

    I have a small lab build I am going to test. I wanted to know, if cost wasn't an option, if it would be better to put in a few multi-port NICs or use a single NIC and a switch. I'm waiting for parts, so I haven't started the pfSense install yet, but it seems to me you have more control with multi-port NICs than with a single interface and a switch.

    You do get more control. But a multi-port firewall is not a switch. There is significant overhead in packet filtering; it's rarely desirable for performance reasons to use a multi-port firewall over a switch. Where more control is more important than high performance on the LAN, then a multi-port NIC can be a good option instead of a switch.



  • Simple:
    If you have one set of endpoints which you don't want to speak to the outside world, have them on a switch together.

    If you have one set of endpoints which you do want speaking to the outside world, have them on a switch together and route them through a pfSense box on the way out.

    Don't overcomplicate this.

