Hello experts :)
I'm building a new gateway, and I was wondering if it is better* to use two interfaces for LAN + WAN or just one dual interface?
By "better" I'm thinking of max throughput, features, security, CPU usage, etc. so quite broad. Does it make any difference, or is it all just theoretical at best?
EDIT TO ADD:
Follow-up question: If using a dual NIC for two LANs, would internal switching etc. happen or does everything still need to leave the card? In other words, would the above matter with two LANs if not with WAN + LAN?
Obviously, one NIC for both WAN and LAN (aka router on a stick) requires VLANs and a switch to separate the WAN out. Also, the bandwidth is shared, meaning less speed in certain situations (i.e. with bi-directional traffic).
As for the follow-up: If you really have two separate LANs with different subnets, this would work if set up correctly for inter-LAN routing. However, if you want to use both LAN ports similar to a switch on the same subnet, you will have to set up a bridge as per instructions in the OpnSense documentation (https://docs.opnsense.org/manual/how-tos/lan_bridge.html).
@meyergru I read it as what is better two cards with one NIC only each, total 2 NICs, or one card with two NICs, still total of 2 NICs. Difference in the number of hardware interfaces to motherboard used, as in one PCIe or two.
Maybe I misread it though.
OP, if I read it as you meant it, just watch out for lanes used in each scenario, assuming both are same type and features.
If it was meant like that, then the short answer is that most dual-NIC PCIe cards are essentially two separate cards in one slot. This has both the advantage and disadvantage of shared PCIe lanes.
That depends on the situation: If you have few slots (or only some with one PCIe lane), you may have to go that way. As for old models with high bandwidth (e.g. X520-DA2), they use 8 PCIe 2.0 lanes in order to use the full added bandwidth. Although they do work with 4 lanes, this would limit the overall throughput.