
Re: SRX Switching vs. Cisco


Intra vlan is the traffic between the same vlan/subnet. This should be linerate speed because I have created switch/L2 ports and for this scenario the SRX acts as a regular switch (it doesn’t apply any security checks to this traffic as a regular switch will do).

 

Inter vlan traffic is the traffic from one vlan/subnet to another one. This traffic has to be routed by the SRX between its different L3 interfaces (ge-6/0/1, ge-6/0/0, vlan.10, vlan.20, vlan.30 and vlan.40) and security checks have to be performed for this traffic (security-zones/security-policies/NAT, etc) like a regular firewall will do.

 

I am running a regular online speed test with Verizon and it seems like Juniper is 2-3 ms behind. I am also noticing slower browsing speed, or it could just be me or bad luck with the test.

 

Regarding some of the comments posted:

 

------------------------------------------------------------------------------------------------------------

 

“The difference will be with intra vlan traffic between hosts in the same subnet that is currently passing on your switch. Most switches these days are line rate or pretty close to it so lots of host to host traffic is no problem. But a firewall runs a packet inspect process on everything so the capacity is a lot lower than line rate. You will need to see if the specs on the srx650 will work for your intra vlan traffic.”

 

The above statement is false, the SRX is acting as a regular switch for the intra-vlan traffic and is not performing any security checks on that traffic. Actually this other comment is more accurate:

 

As long as you keep all access ports in the SRX650 XPIM module, you should have linerate switching performance within the same vlan.

 

And can be complemented with this other one:

 

without having exact performance data the switch-part in my experience is a normal ethernet switch, with adequate wirespeed throughput, and does not at all affect the L3-firewall performance

 

------------------------------------------------------------------------------------------------------------

I am not aware of the following limitation and it shouldn’t be a problem for our implementation because we have all L2 interfaces in the same module:

 

Switching from the XPIM module to another module or the onboard ports is not supported. These can only be routed.

 

Minus there will be lower switching capacity and less switching features as others have mentioned. If you don't need these then it is not an issue at all.

 

In my case, I am not using any special switching features.

 

Any further advice is greatly appreciated...

