pfSense 2.4 with a Cisco Layer 3 switch and VLANs

darryl.lawler · September 22, 2019, 1:56pm

My current setup is the following:

Comcast Internet Modem > pfSense 2.4.4 on a Qotom MiniPC with Intel i7-7500U (16GB RAM, 256GB SSD) > 2x Cisco SGE2000P switches (stacked) > devices

My question is whether I would have better throughput speeds if I configured and managed the VLANs from the pfSense box and put the SGE2000P stack in Layer 2 mode vs sending all traffic from pfSense to the SGE2000P stack in Layer 3 mode and letting the SGE2000P stack manage VLANs.

Thoughts?

jbredereck · September 22, 2019, 4:30pm

In my experience, nothing beats the performance of a good layer3 switch when it comes to routing between VLANs. So if it’s throughput speed you’re looking for, I would go with having the switches route your VLANs.

On the other hand: if you need to manage/shape and firewall the traffic between your VLANs, then pfSense ist your tool of choice since it’s much more flexible and feature rich than your average layer3-switch.

darryl.lawler · September 22, 2019, 5:04pm

Sounds good. Thank you for the feedback!