G+_Joshua Gaede Posted May 1, 2018 Share Posted May 1, 2018 I was looking into upgrading my home network. For my router I want to tackle a pfsense based router. I'm looking for a decently priced layer 2 switch to go along with it that can handle some vlan tagging. Any suggestions would be helpful. Link to comment Share on other sites More sharing options...
G+_Paul Hutchinson Posted May 1, 2018 Share Posted May 1, 2018 IIRC VLAN tagging is an OSI level 3 function so you'll need a level 3 switch. A Netgear with their "level 3 lite" may do it too. Link to comment Share on other sites More sharing options...
G+_Joshua Gaede Posted May 1, 2018 Author Share Posted May 1, 2018 My layer 3 device should be my pfsense machine, or am I mistaken? So is there any reason not to get a $40 switch and call it a day? Link to comment Share on other sites More sharing options...
G+_Paul Hutchinson Posted May 1, 2018 Share Posted May 1, 2018 Yes routers are layer three where VLAN tagging happens. The layer 2 switch won't be aware of the VAN tags so they will just be passed along from the pfSense router. Link to comment Share on other sites More sharing options...
G+_Ben Reese Posted May 1, 2018 Share Posted May 1, 2018 If you're looking for a smaller switch (not enterprise grade), you can usually search for "smart" and/or "managed" switches. Here's an example of a switch that should do what you want - and is in your $40 range: TP-Link 8-Port Gigabit Ethernet Easy Smart Switch | Managed Plus https://www.amazon.com/dp/B00K4DS5KU/ I'm far from a network expert, but what I remember is there are 3 levels of switches when it comes to VLANs: 1) no VLAN support and VLAN tags are dropped 2) no VLAN tagging, but existing tags are kept and passed through 3) ports can be set to tag network packets amazon.com - Robot Check Link to comment Share on other sites More sharing options...
G+_Paul Hutchinson Posted May 1, 2018 Share Posted May 1, 2018 Ben Reese My understanding is that option 1 does not exist. A very cheap standard OSI level 2 switch does not drop or add anything from the packets passing through, it simply routes entire packets based on MAC addresses only. Link to comment Share on other sites More sharing options...
G+_Neil Sondhi Posted May 2, 2018 Share Posted May 2, 2018 I would suggest to invest upfront a bit and it will pay off in the longer run. I’m using d-link DGS-1210 managed switch and pfsense on a independent HW. It’s wise to keep them independently because when network load increases with time you will thank the idea and ease to troubleshooting it will give. Ben Reese and Paul Hutchinson are right and from my personal experience I settled with having pfsense running independent. Link to comment Share on other sites More sharing options...
Recommended Posts