OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 21.1 Legacy Series »
  • VLAN performance
« previous next »
  • Print
Pages: [1]

Author Topic: VLAN performance  (Read 3120 times)

verasense

  • Newbie
  • *
  • Posts: 41
  • Karma: 1
    • View Profile
VLAN performance
« on: March 18, 2021, 02:46:32 am »
I have an opnsense with a WAN and a LAN connection. The LAN has 3 VLANs and is connected to a switch.

I am a bit concerned about performance, so taking advantage I recently got a second switch I am thinking on an improvement. Since the 3 VLANs share the same network cable, it seems reasonable to me that this could cause performance issues, if the three VLANs move a lot of data at the same time. So I am considering two scenarios:

A) Spliting the VLANs, placing VLAN 1 (the most important) on its own cable and VLAN2 and 3 on another. The second switch will also have some VLAN 2 devices that will be routed through the main switch.

B) Just connecting the new switch to the main one. Opnsense will manage the 3 VLANs on a single cable as before.

So, out of these two options (A and B, as shown in the image). What is more "correct"?
(Note: maybe there is another option that I am not contemplating)
Logged

mimugmail

  • Hero Member
  • *****
  • Posts: 6767
  • Karma: 494
    • View Profile
Re: VLAN performance
« Reply #1 on: March 18, 2021, 06:17:27 am »
It heavily depends on your traffic. I'd go for 1, as I so this always for customers with 10G.
Logged
WWW: www.routerperformance.net
Support plans: https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German): https://opnsense.max-it.de/

verasense

  • Newbie
  • *
  • Posts: 41
  • Karma: 1
    • View Profile
Re: VLAN performance
« Reply #2 on: March 19, 2021, 02:25:17 pm »
The performance lag might be unappreciated but I have implemented 1 (A) as you suggested. I think it is better to isolate VLAN 1 from the main switch
Logged

tryllz

  • Full Member
  • ***
  • Posts: 101
  • Karma: 0
    • View Profile
Re: VLAN performance
« Reply #3 on: March 19, 2021, 06:14:26 pm »
Sorry not hijacking the topic, just simple questions.

My VLAN's can't ping their own gateway and beyond.

1 - For VLANs to be able to ping their own gateway, do I have to enable the Parent VLAN and assign an IP to it ?

2 - Do I have to enable DHCP for devices in the VLAN, I know sounds foolish but just checking as all videos I found regarding this on OPNSense show as DHCP enabled which I'm not using.

All rules are allowed on all interfaces, and I'm not using any physical switch, this is a VMware Workstation setup, I have a Windows VM and OPNsense VM.

Thanks..
« Last Edit: March 19, 2021, 06:23:20 pm by tryllz »
Logged

verasense

  • Newbie
  • *
  • Posts: 41
  • Karma: 1
    • View Profile
Re: VLAN performance
« Reply #4 on: March 21, 2021, 01:19:46 pm »
1- ping will submit an ICMP echo request, so the destination must have an IP address. You just need to assign an IP to the VLAN interface of opnsense. If you mean "parent" as the original interface (e.g. LAN em1) no, you don't need that

2- This depends on what you want. If you want to assign IPs manually, you don't need DHCP. If you want devices to request an IP from opnsense, yes you do need DHCP.
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 21.1 Legacy Series »
  • VLAN performance
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2