Bridging two ports to work as a switch

Havor

@bingo600 said in Bridging two ports to work as a switch:

I would avoid bridging on the pfSense, if possible.
It just puts unnecessary load on the pfSense CPU, doing something that a switch does much better.

What I have seen from A Celeron J4125 test with literally a full all rules selected firewall WAN>LAN routing 2x 2.5Gbit WAN to 2x 2.5Gbit LAN, it loaded up the CPU100%, and still delivering 800Mbit.
And with no rules, it maxed out the 2x2.5Gbit = 5Gbit connection with around 75% CPU load

I am going to transfer max 100Mbit, but realistically 10 to 40Mbit true the two bridged ports, as all the data is just video data streaming to a shield, and for music it's 1~2Mbit.

With no rules, ETH2 >ETH3 LAN, from what I have been reading, there should be no real CPU limit, but then again, I am also a n00b when it comes to pfSense, coming from a Ubiquity EdgeRouter10X, that had a build in switch.

bingo600

@Havor
It's your box ... And it "costs nothing" to try the bridging.

I just wouldn't for "saving less than 50$" ... But that could be my "upbringing"

Havor

@bingo600 said in Bridging two ports to work as a switch:

@Havor
It's your box ... And it "costs nothing" to try the bridging.

I just wouldn't for "saving less than 50$" ... But that could be my "upbringing"

It's not the cost, tho, saving €70 for a 2.5Gbit switch (have just gotten 2Gbit fiber) would not be bad.

But running 2 cables would be a pain in the but, as I can pull only one new CAT6A cable through the wall next to the old thin CAT5E cable, 2x CAT6A won't fit, then for the return cable I would need to go into the crawlspace, not some ware you really go for fun.

JKnott

@Havor said in Bridging two ports to work as a switch:

I would like to bridge to ports for wire management purpose, and have two ports act as one.

You mean for something like running Wireshark? If so, I would recommend a managed switch on the LAN side, as I have here. You can even configure a cheap 5 port switch as a data tap for the WAN side.

bingo600

@Havor said in Bridging two ports to work as a switch:

@bingo600 said in Bridging two ports to work as a switch:

@Havor
It's your box ... And it "costs nothing" to try the bridging.

I just wouldn't for "saving less than 50$" ... But that could be my "upbringing"

It's not the cost, tho, saving €70 for a 2.5Gbit switch (have just gotten 2Gbit fiber) would not be bad.

But running 2 cables would be a pain in the but, as I can pull only one new CAT6A cable through the wall next to the old thin CAT5E cable, 2x CAT6A won't fit, then for the return cable I would need to go into the crawlspace, not some ware you really go for fun.

I'm not sure i understand the cable pull part. what your target is anymore.
If you want to bridge two ports on the pfSense, i'd suppose the cables have to terminate at the pfSense or ??
What would be the difference in putting the cables in the pfSense or in a switch right below the pfSense ??

Havor

@JKnott said in Bridging two ports to work as a switch:

@Havor said in Bridging two ports to work as a switch:

I would like to bridge to ports for wire management purpose, and have two ports act as one.

You mean for something like running Wireshark? If so, I would recommend a managed switch on the LAN side, as I have here. You can even configure a cheap 5 port switch as a data tap for the WAN side.

No, I am talking about the physical wire runs, two CAT6A cables do not fit in the pipe ware the Ethernet cable goes through now.

bingo600

@Havor said in Bridging two ports to work as a switch:

No, I am talking about the physical wire runs, two CAT6A cables do not fit in the pipe ware the Ethernet cable goes through now.

How does that relate to bridging some interfaces on the pfSense ?

Havor

@bingo600 said in Bridging two ports to work as a switch:

@Havor said in Bridging two ports to work as a switch:

No, I am talking about the physical wire runs, two CAT6A cables do not fit in the pipe ware the Ethernet cable goes through now.

How does that relate to bridging some interfaces on the pfSense ?

Saves me a troublesome cable run, under the floor, or a $/€70 switch, that also uses exra power in the long run.

johnpoz

@Havor where is this Mikrotik switch compared to your pfsense? Why would you not just connect the AC86u in the living room to this switch vs the pfsense. Does the mikrotik not have an open port?

Havor

@johnpoz said in Bridging two ports to work as a switch:

@Havor where is this compared to your pfsense? Why would you not just connect the AC86u in the living room to this switch vs the pfsense. Does the mikrotik not have an open port?

• The AC86U is in the living room, connected to TV, Receiver, and Nvidia Shield media box, and does some Wi-Fi for tablets.
• The MikroTik switch is in work/PC room, in a rack with 2 servers, connecting one of the servers and the PC with an 40Gbit connection, so I have a max direct attached QSFP+ cable length.
• And the pfSense box is in the utility room on the side of the house ware the fiber comes in.

Both have cables that run through the wall's in pipes to the utility room, and the CAT6A s/ftp is pretty sturdy and can't pull two of them through the piping.

But is it's really not advised to bridge the ports, I could buy a managed 2.5Gbit switch.

stephenw10

You can bridge the ports, it will work. And, as stated, it costs nothing to try it so why not.

Generally in pfSense you would not do that because adding router interfaces is a lot more expensive than switch. And because if you don't need to filter between those interfaces a switch works better and doesn't load the firewall. But it will work.

Steve