Hi, I just did this with pfSense and a Cisco 4948 switch. My best move yet! So the Cisco switch handles VLANs, gateway addresses, and inter-VLAN routing for all Ubiquiti connected WLAN sites. Now even if the internet or the pfSense router goes down, all business systems are still up and running. I can reboot pfSense all frickin day long now, and no issue with internal messaging, VoIP systems, billing, shared file folders, etc., etc. Wish I knew this much earlier. This should be the absolute standard now. Oh, and I'm also using Windows 2022 DHCP server across all VLANs. Since I made this move, the entire network is much faster and more stable. The only issue left to resolve is the consistent interference on the congested 5GHz band, and we're looking at either 11GHz or 16GHz to finally sort this issue out, which means we'll be able to now build out gigabit connections to hotels for IPTV transport streams.
The first time I saw this topology was at an elementary school, I really dig it. Kind of made it a little tricky to troubleshoot inter-VLAN door lock timeouts however. I am used to advanced logging and PCap with firewalls.
@Wahinies Door lock timeouts, as in access control? Why not just assign a single VLAN to time and attendance and access control? Wait, that's what we're talking about, right?
A few years back I set up a layer 3 Cisco 6513 core fibre module to layer 2 switching, has a PON connected into it as well. Had quite a few VLANs set up and use of VRF connecting to Cisco context based ASA stateful firewalls.
Great explanation of the difference. Looking forward to the additional videos.
Thanks again Willie for a very interesting video. Looking forward to learning about the layer 3 switch.😀
Willie, are we going to see any Grandstream layer 3 switching videos? I would be very interested.
Another great video and explanation, Willie. Eager to see the coming videos!
Great video, I subscribed, keep them coming!
Hello Willie, looking forward to content. What happened to the small business configuration series, I think it had some basic VLAN configs and then went MIA. Do you plan to finish it?
Can update it for sure.
@WillieHowe looking forward!
Hi Willie - great video as always. I have a Ubiquiti USW-Aggregation switch with 2 10GbE devices and 3 2.5GbE laptops. The connection to the router (UDM-SE) is 1 GbE. But I get superfast file transfers between the devices on the USW-Aggregation. All devices are on the same VLAN. So does that mean that the file transfer traffic is not going up to the router and hence isn't being throttled by the 1 GbE link?
Correct. Same vlan traffic stays on the switch. Only time it goes to the router is if you need to perform intervlan routing via a router on the stick config.
@dosmaiz7361 - Just to clarify - if the 2.5GbE devices were on a separate VLAN to the 10GbE devices, then the packets would need to travel across the 1 GbE link to the UDM-SE in order to get routed between the two VLANs. I am getting a Pro Max 24 switch and am looking to move the 2.5 GbE connection from the Aggregation switch to the 2.5 GbE ports on the Pro Max. As part of that move they will likely be on a different VLAN.
@rogerjones9984 correct. Also, I'm not familiar with Ubiquiti switches, but if your switch is layer 3 capable, you can configure the L3 switch to perform the inter-VLAN routing. Since the switch performs the routing, it processes it at wire speed (in this case 2.5Gb between the 2.5Gb devices). It's how most enterprise networks are configured when inter-VLAN routing is needed for wire speed routing, bypassing the router altogether.
Where is the stick?
What if you have 10 trunk link between your router and L2 switch?
Then you're limited to 10Gb but still not as efficient as L3.
But I am spending super high amounts on switches and I still don't route on them, I route at the edge.
For your application that probably works great.