OPNsense Forum

English Forums => Hardware and Performance => Topic started by: N0_Klu3 on March 17, 2021, 11:56:05 am

Title: Separate LAN's or use VLANs?
Post by: N0_Klu3 on March 17, 2021, 11:56:05 am

So here is my setup:
Router with 4x 1gbe LAN ports split like:
1x WAN
1x LAN
1x IoT
1x Guest

Now my Shield TV and other bits are on IoT, and my server is on LAN.
Which works well, but I see a lot of traffic especially when playing 4k passing between IoT and LAN networks...

I have fully managed Unifi switches so can setup VLAN's better.
I'm wondering if it would be better to keep then physically separate ie each VLAN has its own physical NIC or to use LAGG and do like 2x NIC's to Switch.
My internet is atm only 45mb down, so I dont need LAGG from Router to Switch.
I do hope to get 1gb up/down in the next 6 months.

I'm just curious to all those proper network people if my setup is good or not.
Physically separate networks or to utilise VLANs better?
If its better to make use of VLANs, is it worth setting up LAGG and say 2x NICs to Switch?
Or just stick with 1x WAN and 1x LAN/IOT/Guest?

EDIT: I also want to point out that I set it up like this as it was simple.
I didnt have much setup to do it just kinda works.
On the Unifi switch I set 3 ports to their specific networks. So it matches the 3x LAN/IoT/Guest networks I have.

Title: Re: Separate LAN's or use VLANs?
Post by: bartjsmit on March 18, 2021, 07:43:57 am

Just considering the router-switch connection, I would use two cables with a LAGG and VLAN's because:

- your resilience is higher (neither port failure nor cable failure will cause an outage)
- you halve the number of cables
- the Unifi switch gains two free ports
- you can add more VLAN's without adding cables (e.g. keep your TV and IoT separate)

Bart...

Title: Re: Separate LAN's or use VLANs?
Post by: N0_Klu3 on March 19, 2021, 07:11:58 pm

Hey Bart,

Thanks for the reply.
I was leaning to the same thing. I got VLANS setup, albeit right now via a single cable.
Will do LAGG later on.

Title: Re: Separate LAN's or use VLANs?
Post by: bartjsmit on March 20, 2021, 09:40:56 am

To be honest, from a system perspective the LAGG may be icing on the cake  ;)

Even with gigabit WAN you're unlikely to saturate a single link and unless you set up a UPS, CARP, stacked switches and dual WAN, you'll always have SPOF somewhere.

Bart...

Title: Re: Separate LAN's or use VLANs?
Post by: N0_Klu3 on March 20, 2021, 07:35:36 pm

Yeah its always a eek our a bit extra here or there and testing and tuning each little aspect of it.
Best part to be honest :)