On 1/10/10 3:32 AM, David Newman wrote:
> On 1/9/10 5:40 PM, Tortise wrote:
>> I thought a managed switch was a prerequisite for VLANs, as is one
>> pfSense box (or equivalent).

All switches here are managed.

> Not necessarily. At least one box that can forward traffic among VLANs
> is the only requirement. In many network designs there's a 1:1
> correspondence between VLANs and IP subnets, so that box is ... a router.

Correct. The two VLANs have their own IP Subnets.

> pfSense is a router in the sense that it moves traffic between different
> IP subnets on different interfaces. (Routers also can run dynamic
> routing protocols such as OSPF but that's neither here nor there with
> regard to VLAN and subnet configuration.)
>
> VLANs are Ethernet constructs and subnets are IP constructs:
>
> - at layer 2, each VLAN is its own broadcast domain (and collision
> domain, if using 802.11 or old half-duplex Ethernet stuff)
>
> - at layer 3, each IP subnet is its own broadcast domain
>
> As for "managed," that usually refers to whether a switch supports a
> network management protocol such as SNMP. Net management stuff is nice
> to have but isn't necessary for configuring VLANs and/or subnets.
>
> So, bottom line: One pfSense box *could* be enough if there are
> different VLANs/IP subnets defined on each interface and only one
> physical device per VLAN/subnet.

ok.

> OTOH if you want to have multiple devices in each VLAN, a switch hanging
> off each VLAN interface would be necessary.

Yep. The setup is working already with 2 VLANs, but with two pfSense boxes.

Thanks.
Fabian
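
The layer 2 / layer 3 split discussed in this thread, as an added example that is not part of the original messages: the VLAN ID is read from the 802.1Q tag in the Ethernet header, the subnet from the IPv4 source address, and a frame is flagged when the two disagree with a 1:1 VLAN-to-subnet plan. The VLAN IDs, subnets, function names and sample frames are assumptions constructed for illustration.

```python
import ipaddress
import struct

# Assumed addressing plan (constructed for this example): one IP subnet per VLAN.
VLAN_SUBNETS = {
    10: ipaddress.ip_network("192.168.10.0/24"),
    20: ipaddress.ip_network("192.168.20.0/24"),
}
TPID_8021Q = 0x8100      # EtherType value that marks an 802.1Q tag
ETHERTYPE_IPV4 = 0x0800

def parse_frame(frame: bytes):
    """Return (vlan_id, source_ip); vlan_id is None if untagged, source_ip None if not IPv4."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    offset, vlan_id = 14, None
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack_from("!HH", frame, 14)
        vlan_id = tci & 0x0FFF          # low 12 bits of the tag are the VLAN ID
        offset = 18
    if ethertype != ETHERTYPE_IPV4 or len(frame) < offset + 20:
        return vlan_id, None
    # The IPv4 source address sits 12 bytes into the IP header.
    return vlan_id, ipaddress.ip_address(frame[offset + 12:offset + 16])

def check_frame(frame: bytes) -> str:
    """Classify a frame against the VLAN-to-subnet plan."""
    vlan_id, src = parse_frame(frame)
    if vlan_id is None:
        return "untagged"
    if src is None:
        return "non-ipv4"
    subnet = VLAN_SUBNETS.get(vlan_id)
    if subnet is None:
        return "unknown-vlan"
    return "ok" if src in subnet else "mismatch"

def build_frame(vlan_id, src_ip, dst_ip) -> bytes:
    """Build a constructed sample frame: zeroed MACs, optional tag, minimal IPv4 header."""
    eth = bytes(12)
    if vlan_id is not None:
        eth += struct.pack("!HH", TPID_8021Q, vlan_id)
    eth += struct.pack("!H", ETHERTYPE_IPV4)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 17, 0,
                     ipaddress.ip_address(src_ip).packed, ipaddress.ip_address(dst_ip).packed)
    return eth + ip
```

A "mismatch" result means a host is sending from an address outside the subnet assigned to the VLAN its frame was tagged with, which is worth investigating as a misconfigured port or host.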