Ethernet port bridging
-
Hi,
I have pfsense running on a 6 2.5GBE port single board computer.
Current setup has one dedicated to WAN, and one to LAN. I run a dhcp server on the LAN port as well as pfsense's static IP, but I would like to have the same DHCP server on my LAN port + my 4 OPT ports.
I attempted to bridge OPT1-4 and assign the bridge to LAN, but when this happens I lose my pfsense's static IP address so I can no longer configure anything - the DHCP also doesn't appear to then start on any of the bridged OPT ports. I tried to find a good resource on how to set this up to no avail. Could someone please point me in the right direction?
Thanks!
-
https://docs.netgate.com/pfsense/en/latest/bridges/interfaces.html#bridging-and-interfaces
This goes over how to move your lan to a bridge..
But there are a few 100 range 2.5gig switches out there - this would be a much better solution, since a bridge is not the same as a switch..
-
@johnpoz
Thanks for this. That is pretty much what I did, but there must be some subtleties that I missed. I will try this tonight after work. Around your comment about using a switch, I don't quite understand. If I have 5 LAN devices connected to a 2.5gbps switch, that is connected to a single 2.5gbps port on my pfsense box, if each device was running flat out isn't the throughput to my LAN limited by the single port on the pfsense box, i.e. each device would max out at 2.5gbps/5? As opposed to the 5 dedicated 2.5gbps ports on my pfsense box that allow 2.5gbps each?
If not a bridge, then what is the best recommendation for taking advantage of all 5 LAN ethernet ports on my box? I could run a DHCP server on each of the OPT ports but I was hoping for each port to be on the same subnet. I also didn't want to set the devices connected to those ports with statics.
Thanks for your help
-
@ajmorris1 said in Ethernet port bridging:
then what is the best recommendation for taking advantage of all 5 LAN ethernet ports on my box?
You would use them for other networks - if you have no other networks then just leave them idle - or connect them via lacp.
I have 8 ports on my 4860.. They are all used for networks that pfsense actually routes.. some native untagged physical interfaces that have their own connection to my switch or the wan (cable modem), others carry vlans, etc.
if each device was running flat out isn't the throughput to my LAN limited by the single port on the pfsense box
Not if they are talking to something on the switch, ie in that same network. Is your internet faster than 2.5 ge? And you have a 10ge connection for your wan or something on pfsense. If so connect these ports to your switch via lagg/lacp etc..
If you put these interfaces into a bridge - you can not connect more than 1 of them to your switch.. You would create a loop.
What is your goal - getting more 2.5ge ports to connect devices? Get another switch, or a bigger switch.. if you're out of switch ports, and you want to add a couple more devices - ok you could create a bridge and sort of simulate a switch - but it's a pita, and not actually a switch, and all traffic is going to be sent across the bridge interfaces, etc.
-
Ah perfect, I didn't know about that link aggregation option.
Looks like that's what I'm after. Thanks for your help!
-
@ajmorris1 said in Ethernet port bridging:
I didn't know about that link aggregation option.
So your wan is faster than 2.5ge? If not there really isn't a reason to do this other than redundancy on cable or port failure. It's not going to get you any faster connectivity unless you need more paths to be able to fill up say a 5ge link or something..
-
@johnpoz
Yep, my WAN is 10gbps