General Question: Performance differences between Managed/Unmanaged?

Mark M

Occasional Visitor
I'm a dummy and didn't do my full research on pfSense. I got a 4 port i350 NIC thinking I could use the unused card ports as a switch. I then DID my research... and figured out I'd have to bridge ports which equates to a performance loss.


I have FiOS Gig (symmetrical), I am a gamer, and several of my games have HUGE patch files updated through the game client. The nice thing is, these clients fully utilize my Gig download. Probably via multiple connections at once.

I'm curious if there is a difference. I am using a Netgear R7800 in WAP mode as a switch right now. Over wired when the games are utilizing a full 900 MBPS, the R7800 utilizes over 30% CPU power. When the R7800 was in Router mode, the game clients would fully saturate the CPU on the Router and I would only get 500-550 MBPS. I am not sure why the R7800 in strictly WAP mode would use that much CPU power. I guess switching does require processing power?

TL;DR - Are there *any* performance differences between a managed and unmanaged switch? I was looking at one of those ~$20 TP Link unmanaged switches versus a Nighthawk Pro S8000 at roughly ~$80, or something in between.

On a side note, I do have a high powered 4 core 8 thread 3770k Ivy Bridge CPU powering the pfSense. Would I still get performance loss Bridging? The build seems to be good for 1 Gig+ so I'm unsure.

Thank you,
Mark
 
So first off, while software bridging won't be anywhere near as efficient per unit power as ASIC-based switching, if you can still get the throughput and packets/second you need out of the bridge, then I say, no big deal, *if* you have the CPU overhead, are not looking to use that overhead to run anything else and/or don't mind the additional power draw.

Regarding the R7800, it must be CPU-co-processing its switching throughput, even when running essentially "unmanaged", as opposed to in router mode. That may be sub-optimal, yes, but whether you'd notice a difference in total throughput, and/or any other metric by moving to another all-in-one or a discrete switch all comes down to how much performance you need and whether the R7800 is actually bottle-necking that performance in any way. From the throughput you observed, that doesn't seem to be the case here, so I doubt you'd notice much of an improvement by moving to a different switch.

While the above outcome may be what it is, that's not to say, of course, that you couldn't move to a discrete managed switch, like a Cisco SG or HPE, and not notice a huge reduction in CPU and/or slight lowering of switching latency across your LAN fabric (even after accounting for the slight increase in latency over the wire connecting the discrete switch). But would you as the end-user be able to visibly observe the difference during your game play? Probably not. At least not as much of a difference as making other improvements in your network, such as putting in a router capable of SQM QoS if you had a bunch of bufferbloat on the WAN interface, or any other issue of similar magnitude.

And lastly, is a managed switch always a higher "performing" choice than an unmanaged switch? In a like-for-like hardware comparison while doing pure L2 forwarding with no packet manipulation at all? Presuming identical hardware, likely not. But when management is needed, well, then we can't use an unmanaged switch anyways, and so the answer would be a half "Yes" there, as the managed switch has to be able to do at line-rate what the unmanaged switch could do, while also managing/manipulating packets.

Hope that makes enough sense to you.
 
So first off, while software bridging won't be anywhere near as efficient per unit power as ASIC-based switching, if you can still get the throughput and packets/second you need out of the bridge, then I say, no big deal, *if* you have the CPU overhead, are not looking to use that overhead to run anything else and/or don't mind the additional power draw.

Regarding the R7800, it must be CPU-co-processing its switching throughput, even when running essentially "unmanaged", as opposed to in router mode. Again, whether you'd notice a difference by moving to another all-in-one or a discrete unmanaged/managed switch all comes down to how much throughput you need to run the level of managed switching required. The R7800 may be hitting 30% CPU, but as long as it's not bottle-necking your throughput or producing any excessive packet loss, latency and/or jitter that you can prove, then I doubt you'd notice much of an improvement by moving to a different switch, in this particular use-case.

The above is not to say, of course, that you couldn't move to a discrete managed switch, like a Cisco SG or HPE, and not notice a huge reduction in CPU and/or slight lowering of switching latency across your LAN fabric (even after accounting for the slight increase in latency over the wire connecting the discrete switch). But would you as the end-user be able to visibly observe the difference during your game play? Probably not. At least not as much of a difference as making other improvements in your network, such as putting in a router capable of SQM QoS if you had a bunch of bufferbloat on the WAN interface, or any other issue of similar magnitude.

And lastly, is a managed switch always a higher "performing" choice than an unmanaged switch? In a like-for-like hardware comparison while doing pure L2 forwarding with no packet manipulation at all? Likely not, again, presuming identical hardware. But when management is needed, well, then we can't use an unmanaged switch anyways, and so the answer would kind of be yes for a managed switch in that regards, as it has to be able to do at line-rate what the unmanaged switch could do, but also while processing packets at L2 and L3.

Hope that makes enough sense to you.

It makes perfect sense, thank you!

The R7800 is in my office right now. The pfSense box is in my basement with my fiber terminal. I notice no issues with the R7800 but was just curious on that CPU usage. It does seem like it is doing some co-processing for the switch throughput.

The standalone switch will be going in the basement next to the pfSense box and will be branching off Cat 5 from there (one wire to Office R7800 AP, one wire to another WAP on a different floor, etc). I do not need any management at all. So to your point, I'll just try a cheapo 5-port Gig TP-Link and see what happens. Worst case I can return it.

Thanks again for the detailed response!
 
You're very welcome. While for your use-case and most home-user setups an unmanaged switch should suffice, it is nice to have management on your "core" switch when building out your network stack. Especially just for a five or eight-port model, the price really isn't *that* much more, and you gain the assurance that if you ever wanted to segment your network into VLANs, apply QoS, etc. you can do so without having to re-buy or re-setup your core switch. You could even get one with PoE onboard, for power and data to remote APs over a single wire -- a very nice and clean solution for that part of your network. Just a thought before you pull the trigger. :)
 
Since you are going to experiment anyway, why don't you spend $10-$15 more for a smart switch such as the TP-Link SG108E and see if its QoS options improve gaming without burdening the router's processor. As you said, you can always return it and try an un-managed switch.
 
I may just do that.

Just out of curiosity... Does all LAN data/transfers that goes through a switch on same network have to go to the router first, then go back to the switch to the other local device? Or are local transfers able to occur device-to-device on the switch level?

If the first case is true, is there any other way to mitigate that other than to throw a 2.5+ gig uplink from switch to router?

I just realized, I do a lot of big file transfers on my network from device to device via wire. If those transfers are going at Gig speeds between devices on my network, wouldn't that potentially slow down a device streaming movies? I'm thinking the bottleneck here would be the 1 gig uplink from the switch to the router.

Or am I wrong?

Edit: If it makes a difference, everything is on the same vlan. 192.168.1.xxx
 
Does all LAN data/transfers that goes through a switch on same network have to go to the router first, then go back to the switch to the other local device? Or are local transfers able to occur device-to-device on the switch level?
That depends on whether the transfer happens at Layer 2 (the MAC layer, typically used as long as devices are in the same broadcast domain, à la Host A at 192.168.1.2/24 transferring a file to Host B at 192.168.1.3/24), or Layer 3 (the IP layer, where it would have to be routed from a Host A in Subnet 1 (example: 192.168.1.2) to Host B in Subnet 2 (192.168.10.2)). The two subnets can exist as port-based, physically separate networks, or logically (VLANs). That being said, that's where Layer 3 switches can come into play; which are layer 2 switches that can also route, either statically and/or dynamically (via policy), but they are different from routers because they can't do NAT and stuff like NetFlow. If you had a Layer 3 switch on the LAN, it could handle more or less all the LAN-based data exchange, and in doing so save any wasted latency/bandwidth of transporting data to/from the router to handle that stuff, plus alleviate the processing overhead of handling it all at the same time. This leaves the router free to just do its core roles of NAT and any WAN-centric services (VPN, etc.). Hope that wasn't too much geek speak in the explanation.
If the first case is true, is there any other way to mitigate that other than to throw a 2.5+ gig uplink from switch to router?
The way you'd mitigate it is typically with a Layer 3 switch, although that would introduce a level of complexity into your local network that would have to be understood and managed in order to be effective. Not super difficult if you're willing to learn, but at the same time also not typically common in most SOHO networks, largely due to that barrier of entry.
I just realized, I do a lot of big file transfers on my network from device to device via wire. If those transfers are going at Gig speeds between devices on my network, wouldn't that potentially slow down a device streaming movies? I'm thinking the bottleneck here would be the 1 gig uplink from the switch to the router.
Most likely no, for the reasons I explained above, where you could utilize Layer 2 and Layer 3 managed switch to handle the transfer of all of that local traffic. Under such a setup, any network-based bottleneck would remain somewhere in the LAN, either from endpoint to switch, or between switches, but not between the router and your LAN, as the data never had to traverse that link. Such is the advantage of running a discrete managed switch, even more so a Layer 3 switch if you plan on having separate subnets (VLANs) for segregating traffic (for example: private, guest, IoT, etc.).

Even further, you can activate QoS on your managed switches (802.1p and/or DSCP and/or custom queues/shapers/priorities) to help prioritize the local traffic flows even further.

It wouldn't be until you were attempting to stream that file specifically to/from the WAN (internet), that the link to the router would then be utilized. That's presuming you had a managed switch of a high enough layer (Layer 2 or 3) to handle all your local traffic, per my description above.
Edit: If it makes a difference, everything is on the same vlan. 192.168.1.xxx
In that case, you'd be able to get away with a Layer 2 switch (sometimes referred to as Layer 2+ or 3 "Lite", if it comes with layer 3-like features, but not full routing) -- as you wouldn't need the full-blown routing capabilities of a L3 switch just to keep all that traffic contained within your LAN.

Phew. Hope that helped clarify, without bowling you over. :)
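
Added example, not part of the original posts: a small Python model of the forwarding decision described above, showing which flows ever touch the switch-to-router uplink. The host names, the flow rates, the `tv` entry and the WAN address (from the 203.0.113.0/24 documentation range) are constructed for illustration.

```python
import ipaddress

# Constructed sample hosts: the .1.2, .1.3 and .10.2 addresses come from the
# post above; the names and the "tv" entry are assumed.
HOSTS = {
    "pc":      ipaddress.ip_interface("192.168.1.2/24"),
    "nas":     ipaddress.ip_interface("192.168.1.3/24"),
    "tv":      ipaddress.ip_interface("192.168.1.4/24"),
    "iot-cam": ipaddress.ip_interface("192.168.10.2/24"),
}
LOCAL_NETS = {iface.network for iface in HOSTS.values()}

def classify(src, dst_ip):
    """How a packet from HOSTS[src] reaches dst_ip."""
    dst = ipaddress.ip_address(dst_ip)
    if dst in HOSTS[src].network:
        return "switched"      # same subnet: sender ARPs for dst, switch forwards by MAC
    if any(dst in net for net in LOCAL_NETS):
        return "routed-local"  # another local subnet: goes to the gateway first
    return "wan"               # everything else leaves through the router

def uplink_mbps(flows, l3_switch=False):
    """Traffic (Mbps) that has to cross the switch-to-router link."""
    total = 0
    for src, dst_ip, mbps in flows:
        kind = classify(src, dst_ip)
        # With a Layer 3 switch, inter-subnet traffic is routed on the switch itself.
        if kind == "wan" or (kind == "routed-local" and not l3_switch):
            total += mbps
    return total

# Constructed flows: (source host, destination IP, rate in Mbps)
FLOWS = [
    ("pc", "192.168.1.3", 940),   # big file copy to the NAS, same subnet
    ("pc", "192.168.10.2", 8),    # camera feed from another subnet
    ("tv", "203.0.113.10", 25),   # movie stream from the internet
]

if __name__ == "__main__":
    for src, dst, mbps in FLOWS:
        print(f"{src} -> {dst}: {classify(src, dst)} ({mbps} Mbps)")
    print("uplink load, Layer 2 switch:", uplink_mbps(FLOWS), "Mbps")
    print("uplink load, Layer 3 switch:", uplink_mbps(FLOWS, l3_switch=True), "Mbps")
```

The 940 Mbps same-subnet copy never appears in the uplink total, which is why it does not compete with the stream on the link to the router.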
 

Haha that was a perfect explanation! Thank you!
 
Since you are going to experiment anyway, why don't you spend $10-$15 more for a smart switch such as the TP-Link SG108E and see if its QoS options improve gaming without burdening the router's processor. As you said, you can always return it and try an un-managed switch.

I did a couple hours comparing switches last night. For me, it seems like all paths lead to the SG108E regardless. The price is a no-brainer, I can use it as an unmanaged switch, while having the ability of the extra managed features. Plus, the 8 port is only $5 more than the 5 port. I placed an order for pickup at Microcenter today.

I don't think I'll have to ever worry about my router's performance. It has a 256GB SSD, 16GB RAM, and a 3770k quad-core processor.

Either way I needed a switch!
 
I use a pair of SG108Es to run my 802.1Q VLANs and they have been rock solid. I also have another pair of SG108s in use on my network. They all have been in service for five years never a glitch or need to reboot. I haven't even bothered to update the firmware on the SG108E as they work fine as is so no need to fix something that isn't broken.

I think you will be satisfied.
 
