Netgate Discussion Forum
    Is bridge Mode LAN peer to peer traffic routing through pfsense?

    General pfSense Questions

      1carlo

      I have a question regarding peer to peer traffic inside a bridged LAN.

      I have the following setup:

      • pfSense 2.3.1
      • Bridge mode
      • 1 WAN, 1 LAN
      • LAN hosts all have public IP addresses (/24)
      • LAN side of pfSense has public IP
      • pfSense LAN port goes to Dell PowerConnect switch
      • All hosts with public IPs are connected to Dell switch
      • rackspace at data center, they provide a circuit from their router
      • I have no router in my setup (other than pfSense but it's in bridge mode)

      I have reviewed documentation, but can't find anything that tells me whether the peer to peer traffic is routing through the pfSense fw/bridge to the ISP router then back to the f/w. Or, and this is what I thought, the local hosts are capable of seeing each other via ethernet and connect directly, via the ethernet switch, bypassing the fw/bridge.

      I do some significant host to host traffic, but have set up a separate network (via Netgear f/w, router, switch, but I don't use the WAN port) using assigned private IPs for access (192.168.#.#). I am more concerned with large email transmission.

      When an email is received it goes to the efs appliance, then from there transfers to the email host server. Since they are all on public IPs, does the traffic go from appliance -> pfSense -> router -> pfSense -> email host? Or appliance -> email host?

      I have used some of the packet capturing and traffic tools, but think it's better to ask and see if someone can better enlighten me.  Also, my understanding is that when pfSense is in bridged mode it does not route.

        kpa

        Bridge is functionally equivalent to a switch but of course when you have a filtering bridge there's also the possibility to filter the traffic. The hosts that are on the same side of the bridge can talk to each other without going through the bridge. However, all broadcast traffic still traverses the bridge regardless, for example ARP naturally must be able to do this to reach any host on the same "logical" network segment.
