Doing some Unifi Upgrades, need advice

Hi all…
busy with some upgrades.
Please see below.
I like 3A as it will show me on Unifi network manager which lives as a container on my TrueNAS both the USW switches/interconnected.
With 3B it will show it, but it will hang in the air… Would have loved if I was able to show on Unifi network manager my pfSense.

comment please.

Looks great. 3A is OK as everything on the Max24 is 1 Gbps anyway. The slightly better performance of 3B won’t be tangible.

… all that had me wondering… all my FW rules etc sit on the pfSense…

so for 3B it’s device switch FW and back down, whereas 3A it’s 2 hops.
But then the devices in question prob won’t feel/care anyhow.

vlan10 is all physically connected machines.
vLan20 is all general purpose Wifi
vLan30 is LAB
vLan100 is IoT/SmartHome/Sonoff’s.

… I might buy an additional i226 and patch the Game Station into the MAX at 2.5GbE.
I might start with the TrueNAS plugged into the MAX… move that card to the GameStation and replace it with the FiberCard…

Got gifted a box of Dell SFP+'s…
Wondering if they will work on the Unifi USW’s

the reservation i’d have is depending on how dispersed the VMs are over VLANs your pfsense hardware may be maxed out and become a bottleneck. If the VMs that communicate with each other sit in the same VLAN it is all good. You want to make sure that the traffic between the hypervisors and truenas is not routed, just switched.

The TrueNAS is as you can guess big storage which will be used by the ProxMox cluster.
the TrueNAS also hosts Plex which is accessed through all Wifi devices and TV.

Alternate might be to lose vLan30 and simply put the pMoxX on vLan0

G

if you have a lot of traffic between vlan0 on both switches, go for 3A.

Plex is NOT your problem if you look at network performance

to be honest i’d have a separate VLAN for storage and another for VM hot migration. the devices in each of these 2 VLANs should talk directly to each other, not over the router. You wouldn’t even need to configure those VLANs on the router.

1 Like

agree… routing Plex back to the aggregation and down the max onto the wired AppleTV is lightweight…
the heavy lifting will be the pMOX cluster and the storage used on the TrueNAS.

the new pfSense has a nice beefy 16Gb RAM, Intel U300E CPU, some great single thread performance… about 10x current device.
I’ve upped my internet link and started seeing “stuttering”, realising the current pfSense can’t handle the volume.

G

ye…

will need to see how much work will be involved to move TrueNAS to say vLan 30.
G

from all I have seen recently on pfsense single stream/single thread, you won’t be able to get awesome performance. what it can do is a lot of simultaneous streams if you give it 8 cores or more. This is the only way you can saturate the 10G link.

or… might dual expose TrueNAS… give/use the current 1GbE onto vLan0 via MAX for general traffic and expose onto vLan30 via the 10GbE SFP’s.
making it pretty much local to both…

remember: each interface can have multiple VLANs, if you don’t have as many VLANs as you have interfaces…

it is an 8 core processor.
the U300E is a pretty new 2024 release.

I see you got it concerning the TrueNAS! congrats

1 Like

again, on your router you may saturate the link with multiple streams. Single stream speed may be capped! For hypervisor storage traffic between hypervisors and truenas, as well as vm migration traffic between hypervisors: NEVER route.

i’m thinking 3A, with the TrueNAS dual exposed. on vLan0 (2.5GbE i226) where it is currently and then vLan30 via Fiber for Storage access by the pmox cluster.

My MBP sits on vLan20 and I store/access a lot there… but then that’s Wifi Unifi AP’s (6’s) anyhow so whichever network it sits on also won’t make much difference.

that way the pmox is local… but wondering… as the rules for and access sits on the pfSense, will it go all the way up to make sure pmox is allowed to talk to TN,

traffic will only hit your router when it crosses the subnets/VLANs. and that is how you want it.

If you positively want to filter certain traffic, ensure that those endpoints sit on different VLANs.

1 Like
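The routed-versus-switched point above, as an added example that is not part of the original thread: a small audit that lists which host pairs share a VLAN and therefore never pass the pfSense rules. VLAN numbers follow the thread; the host names, addresses and helper function names are constructed assumptions.

```python
from ipaddress import ip_interface
from itertools import combinations

# Constructed inventory: host -> {vlan_id: address}. VLAN numbers follow the
# thread; every address and the exact host list are assumptions.
HOSTS = {
    "truenas":  {0: "192.168.0.10/24", 30: "192.168.30.10/24"},  # dual exposed
    "pmox1":    {30: "192.168.30.21/24"},
    "pmox2":    {30: "192.168.30.22/24"},
    "appletv":  {0: "192.168.0.50/24"},
    "mbp-wifi": {20: "192.168.20.77/24"},
    "sonoff":   {100: "192.168.100.5/24"},
}

def shared_segments(a, b, hosts=HOSTS):
    """VLANs where a and b are on-link to each other (same VLAN, same subnet)."""
    out = []
    for vlan, addr_a in hosts[a].items():
        addr_b = hosts[b].get(vlan)
        if addr_b and ip_interface(addr_a).network == ip_interface(addr_b).network:
            out.append(vlan)
    return sorted(out)

def path(a, b, hosts=HOSTS):
    """'switched': stays on the switches, pfSense rules never see it.
    'routed': crosses subnets, so it goes through pfSense and is filtered."""
    return "switched" if shared_segments(a, b, hosts) else "routed"

def unfiltered_pairs(hosts=HOSTS):
    """Every host pair whose traffic bypasses the firewall."""
    pairs = []
    for a, b in combinations(sorted(hosts), 2):
        vlans = shared_segments(a, b, hosts)
        if vlans:
            pairs.append((a, b, vlans))
    return pairs

def multi_homed(hosts=HOSTS):
    """Hosts with a leg in more than one VLAN. Each is reachable unfiltered
    from all of them, so its own service bindings are the only control."""
    return {h: sorted(v) for h, v in hosts.items() if len(v) > 1}

if __name__ == "__main__":
    for a, b, vlans in unfiltered_pairs():
        print(f"{a:9} <-> {b:9} switched on VLAN {vlans}, no pfSense filtering")
    print("multi-homed:", multi_homed())
```

Giving the TrueNAS a further leg in another VLAN moves every client on that VLAN from "routed" to "switched", which is the trade-off between keeping traffic local and keeping it filtered.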

which then means if I dual home the TN on both vLan0 and vLan30 I keep all traffic local. I might even use the i226 to give the TN a vLan0 and vLan20 address and then use the Fiber card for a vLan30 local to the lab… as you say it’s just vLan’s.

the lab is a data analytics lab… accessing TB’s of data on MinIO

G

i’d ensure that VLAN 30 is the only VLAN on a physical interface of TN to ensure max performance for the hypervisors. Everything else is kind of uninteresting as the clients are just on 1Gbps or even Wifi. For all these VLANs altogether (excluding VLAN 30) you can use a 1Gbps, 2.5Gbps or a 10GBps interface. the VLAN30 should be on the aggregation switch. where you put the other interface with the other VLANs (on Max or Agg) doesn’t matter.

1 Like

so we’d say 3A is da winner… chicken dinner… as it’s best for the heavy workload… but still works for everything else.

G

1 Like