The CRS and RB5009 will have a 10Gbps sfp+ link, dmz will be on the 2.5Gbps ether1 of the RB and the rest will have 1Gbps.
I plan to make around 10 VLANs to separate all the crap from the shop and home networks.
I’m thinking that I’ll use the CRS to perform inter vlan routing (hw offloaded) and the RB5009 for routing to the internet.
Does this setup makes sense or is it better to just do a router on a stick setup?
This is exactly what I’m aming for.
Within a VLAN traffic will be covered by L2 hardware offload, intra-vlan routing will be done by L3 hw offload and internet would be routed to the RB (also should be L3 offload) via 10G link.
The RB will run firewall/NAT.
DHCP, etc. will run on the CRS as the CPU will have very little to do.
Yes, and if you find yourself needing to do any serious firewalling, you can bounce the packets up from the CRS328 to the RB5009 for a decision. This duplicates the I/O, but that shouldn’t be a significant concern since it’s a full-duplex connection. The RB5009 is capable of making these decisions at a rate of gigabits per second, whereas the CRS328 is not once you exceed the limitations of its L3HW functionality.