Disclaimer: I’m not an expert. I do networking on the side, so please correct me if I’m wrong about anything. I’ve also done quite some research but couldn’t find what I’m looking for other than the advice to get an L3 switch instead.
We have a small network containing a R210 II pfSense router/firewall, a UniFi switch, and UniFi APs feeding internet to both home and business.
The guest network has its own VLAN. However, VoIP, IPTV, game consoles, IP cams, IoT devices, etc reside on the very same untagged VLAN. This has always made me incredibly uneasy. Ideally, I’d add VLANs, isolate where possible, configure mDNS, and make everything tagged, but with our switches being layer 2, I’m afraid it will hurt inter-VLAN performance and unnecessarily congest the entire network on layer 3 (since the R210 II will be doing all the routing).
We’ve encountered serious bottleneck issues before which ultimately had us upgrade to the R210 II with pfSense. Our network has never been this stable, but I may be asking too much regarding VLANs. I can’t really test things freely as everything’s in production, so I’m here to ask for advice from the pros!
(I realise the layer 2 switch was a mistake. We could’ve got a layer 3 switch which cost just as much as the UniFi, but it is as it is now.)
To VLAN or not to VLAN?
No comments:
Post a Comment