building my own switch?


koifish59

We have another small office that only needs wifi, no other ethernet networking. I plan on purchasing this Supermicro 5019D-FN8TP, setting up ESXi on it and running a pfSense VM for our firewall and IPsec VPN to connect the office to our datacenter. There will only be a single Ruckus R750 AP connected directly to this machine for wifi, and of course the WAN going straight into this machine. The virtual switch will be configured inside ESXi.

I'm essentially using this machine as the switch itself for the LAN and WAN, separated on different VLANs. Will there be any issues if I skipped a physical dedicated switch, and what are the downsides? There are already 8 ports on this machine!
 

itronin

Dumb question, why not pass the physical interface for the AP to the pfSense VM as well? At a guess you could also configure VLANs at that physical interface and SSIDs assigned to VLANs in the AP so you can have the typical office guest, corp, staff SSIDs/VLANs as well and do the appropriate magic in pfSense.

If pfSense is the only VM then why not run pfSense bare metal, saving the complexity/cost of a hypervisor in the mix?

As an observation, the only other thing I see is the need for a power brick or PoE++ injector for the R750, but I'm sure you've thought of that already.
 

koifish59

I left out a few details that I didn't think were too important. But the reason I'm running pfSense as a VM instead of a standalone bare metal install is because there are a few other VMs I'd like to run on this ESXi host (TrueNAS for offsite replication of a datacenter NAS, a VPN to AWS, and possibly a few Windows servers in the future when expanding).

We need to use VLANs for the different wifi SSIDs. One for visitors, one for employees, and one for shared company devices. And yep, I'll grab a PoE injector for the single R750 AP. One injector would be a cleaner install than a separate managed PoE switch for 1 device.

Also, I can manage this ESXi host (and pfSense guest VM) with vCenter. Can't do that if it was installed on bare metal.


PS - the couple of P4510 SSDs you sold me a while back have been running in our production vSAN cluster, and are chugging along quite wonderfully :D
 