UniFi Layer 2 vs. Layer 3 Switches

  • Post author:WunderTech
  • Post published:January 16, 2024
  • Post last modified:October 18, 2024
  • Post category:UniFi
  • Reading time:6 mins read

In this article, we’re going to look at the differences between UniFi Layer 2 vs. Layer 3 Switches. No matter what Switch you purchase, a layer 2 or layer 3 Switch will be drastically different. However, depending on what your goals are, you may or may not benefit from a Layer 3 Switch, so we’ll take a look at some of the key differences below for UniFi Layer 2 vs. Layer 3 Switches.

UniFi Layer 2 vs. Layer 3 Switches

Before we look at some examples in terms of UniFi Layer 2 vs. Layer 3 Switches, it’s important to understand some key differences between both. Layer 2 Switches operate at the data link layer, which simply means that they can’t do the advanced routing that Layer 3 Switches can do.

Layer 2 Switches can still use VLANs, but don’t allow you to manage traffic and IP routing that a dedicated Layer 3 Switch or Firewall can. Overall, advanced networks are created of both, Layer 2 and Layer 3 Switches, but Layer 2 Switches have limitations not found with Layer 3 Switches.

If you decide to use a Layer 3 Switch, you can create virtual networks (VLANs) or utilize static routes from the Switch itself. It’s important to remember that this does not have to be done by a Switch, and a firewall can complete this task.

For this reason, many people utilize Layer 3 Switches the same way that they do Layer 2 Switches, so one is not necessarily a benefit over the other depending on your requirements.

Layer 2 UniFi Switch Options

By default, layer 2 Switches can be configured to have their individual ports changed to specific networks. Keep in mind that these Switches cannot actually create new virtual networks (VLANs), but they can be modified to make specific port(s) function on specific networks. These features are all configured on the UniFi Controller.

port settings - unifi layer 2 vs. layer 3 switches.

By selecting a specific port, you can change the network of the individual port.

selecting a network for a port.

You can even modify the operation of the individual port as well or configure features like link aggregation.

individual port options.

The Switch has certain features that can be configured as well, though these are generally management features more than Layer 2 or 3 features.

Switch settings in the unifi controller.

Layer 3 UniFi Switch Options

With Layer 3 Switches, you have all of the same features as a Layer 2 Switch provides. In fact, many people utilize Layer 3 Switches the same way as a Layer 2 Switch as all of the advanced routing is configured on their firewall (this is how my network is configured).

However, Layer 3 Switches offer a lot of flexibility that Layer 2 Switches don’t offer. For example, a virtual network (VLAN) can be configured on the individual Switch itself as opposed to a firewall.

unifi layer 3 switch vlan creation.

When you attempt to create a VLAN, you’ll see that in the router section, only third-party gateway or Layer 3 Switches appear. This is a huge difference when compared to Layer 2 Switches which don’t have this type of functionality.

Another feature that Layer 2 Switches don’t support is static routes. Overall, Static Routes are configured to point specific traffic to a specific location.

unifi layer 3 switch static routes.

These become extremely important in certain scenarios, but without a Layer 3 Switch, you’ll have to rely on your router to configure this type of functionality. That means the traffic must be routed to the firewall as well as opposed to the Layer 3 Switch only.

One huge downside is if you’re looking to create access control lists for your VLANs, it’s not possible through the UniFi Controller and you must SSH into the Switch itself, which is a lot more cumbersome than most other managed Switch software available.

Conclusion & Final Thoughts on Layer 2 / Layer 3

The truth is that the functionality is somewhat minimal in when comparing UniFi Layer 2 vs. Layer 3 Switches. The majority of people, especially for residential use, will be fine with Layer 2 Switches, but the decision depends a lot on the overall requirements.

If you don’t have a firewall capable of creating and managing VLANs like pfSense, it might make sense to purchase a Layer 3 UniFi Switch. However, if you do, Layer 2 Switches might be perfect.

Thanks for checking out the article on UniFi Layer 2 vs. Layer 3 Switches. If you have any questions, please leave them in the comments!

WunderTech

WunderTech is a website that provides tutorials and guides on various NAS, server, networking, and infrastructure-related topics. WunderTech is maintained by Frank Joseph, an IT professional with 14+ years of experience in corporate IT and application management. He focuses on sharing his experience with others on his WunderTech website and YouTube page. Frank holds a Bachelor of Science in Computer Information Systems and a master of Business Administration (MBA).