Andne (posted April 29, 2020):
I'm starting a network upgrade since my pfSense box has failed and needs replacing (one of those SuperMicro Atom D525 boxes from years ago). While trying to decide on another pfSense (or similar box) vs. a dedicated appliance I came across the Ubiquiti USG-Pro and Dream Machine Pro. Currently I have multiple VLANs in my network that a Cisco SG300 does the routing between and forwards internet traffic to the pfSense box. This gives me some pretty nice speeds between computers and servers and so is a configuration I want to keep. Prior to having the layer 3 switch I used pfSense to route VLANs and that was significantly slower. While my immediate need is for a router, I'm hoping to use it as a starting point for an overhaul of my network. I've heard good things about the Ubiquiti UniFi system and the integration when you use all of its stuff, but they don't seem to have any layer 3 switches so I'm concerned that the Dream Machine would be doing all of the routing in software and as such wouldn't have very good throughput between VLANs. Searching online isn't giving me very clear information (half of it is marketing stuff, some of the rest seems to point to a different issue in the SFP ports). Does anyone here have any experience they can share regarding VLAN routing on Ubiquiti hardware?
nrf (posted April 29, 2020):
Does your Cisco switch route the VLANs based on VLAN tags or IP addresses?
Andne (posted April 29, 2020):
It's running in Layer 3 mode and does IP-based routing.
oj88 (posted April 30, 2020):
Keep the Cisco switch for inter-VLAN routing and use the USG or DM upstream on a routed port. This is particularly helpful if you have a server somewhere (Plex Media server in my case) that can benefit from wirespeed inter-VLAN performance. Obviously, you'll need to manage your UniFi products (USG/DM and/or UAP) and your Cisco switch separately.... which should be fine... if you don't change the VLANs regularly. Here's my setup: Big family.
[Diagrams: Logical, Physical]
Andne (posted April 30, 2020):
Yeah, I have a Plex server as well along with Server 2012 Essentials on a separate VLAN from the main computers. I do need to upgrade my core Layer 3 switch sometime too, running low on ports on it (it's just a 10-port), so I'm also trying to look at this as the starting point for planning out other changes to my network (I moved recently, so some of my existing layout doesn't work as well anymore). Seems like if I'm not going to replace most of my equipment with Ubiquiti (which if it can't easily do wire-line speed between VLANs I won't) there's little reason to use any of it. Then I think I'm looking at Cisco RV-series routers (half my other equipment is Cisco SMB line already) or another 1U box running pfSense or something else. Just can't decide on the appliance device vs. build-my-own again. Add in starting to need to update the main servers as well and no new versions of WSE anymore and I think I have a lot of pieces to figure out and put together now. Checked my order history on Newegg, I bought the pfSense box in November 2012. So good use out of it at least.
ShadowPeo (posted May 6, 2020):
I use a USG4 Pro at home, more so because I cannot be bothered with multiple management interfaces. I have had no real issues with the performance, but it does route based on tags as my best guess. Having said that I have no doubt that the Cisco equipment would be faster.
mattb75 (posted July 21, 2020):
Bit late to this, but Ubiquiti now do a layer 3 switch in two flavours in their UniFi Gen 2 switch range.
1) A 24 port PoE pro version which is around £800 in the UK
2) a 24 port non-PoE Pro version which at around £350 is the same price as their 24 port PoE version which doesn't do layer 3 but does have PoE.
The configuration is all through the controller. Lawrence Systems on YouTube did a review a few weeks back on the firmware update which enabled the layer-3 support.
nrf (posted July 22, 2020):
On 4/29/2020 at 9:35 PM, oj88 said: "Big family"
So many VLANs. In the UniFis, how do VLANs get assigned to client devices?
oj88 (posted July 22, 2020):
31 minutes ago, nrf said: "So many VLANs. In the UniFis, how do VLANs get assigned to client devices?"
All APs broadcast multiple SSIDs while each SSID is assigned to a specific VLAN. Each family is assigned an SSID and consequently, a VLAN. It was primarily used to separate our IoT devices from seeing each other (which they will if they were all on the same broadcast domain).
nrf (posted July 22, 2020):
Cool. In practice, do any of those IoT devices get routed to other VLANs by the L3 switch?