On 14-06-19 02:43 AM, Mike Jackson wrote:
> Quoting ML mail <mlnos...@yahoo.com>:
>> I have four /24 subnets and currently have one subnet per ethernet
>> interface (1Gbit/s) on my openbsd firewall. Now I was wondering if in
>> terms of performance (especially latency/pps) it is better to have
>> one subnet per ethernet interface like I have now or to have the four
>> subnets on one single interface using vlan interfaces?
>
> I haven't noticed any difference myself.
>
>> Note here that I would also be using the trunk interface to aggregate
>> two 10 Gbit/s interfaces for redundancy. So my four VLANs would be
>> inside a trunk interface.
>
> OSPF combined with ECMP is a more robust and flexible solution than
> trunking IMO.

While OSPF w/ECMP is a nice technology to deploy, it does rely on all
your other talkers also running OSPF.
Using trunking is much more generic, and does not require advanced
intelligence further up the stack on all the clients/peers.
Note also that 802.3ad (LACP) is much faster at handling link-down (and
link-up) events than OSPF, and the OP specifically said "for redundancy".
All my routers & firewalls are deployed using 802.1Q-over-802.3ad, and I
find it is vastly preferable from a management and bandwidth standpoint
compared to running discrete interfaces.
My very limited testing (back on 5.3, I think?) showed a very small but
consistent performance loss when using trunked VLANs, on the order of
<2%. Consider that such a small measurement could easily be measurement
error or some other hidden bias. For that matter, it could even be the
switch that was slowing things down - I didn't exactly do exhaustive tests.
--
-Adam Thompson
athom...@athompso.net