Confused about LAN 1+2\. Ok to bridge or not?



  • Hi, I'm very new to this and haven't even got my hands dirty yet so please bare with me.

    I'm planning on building a pfsense box next weekend, I'm simply waiting for my intel i350-t4 to arrive in the post.

    I've spend hours watching youtube videos and reading forums and thought I was all prepared until I read something on these forums earlier.

    I'm going to have a very simple setup…

    My plans was to use 1 port as the WAN, then from the youtube videos I've watched I was going to bridge the other 3 ports to act as LAN.

    So basically I would use port 1 as WAN, port 2 LAN connected to my switch, then use port 3 for my wireless AP but have ports 2-4 bridges so it's the same LAN?

    However when I was reading the forums here, someone said not to bridge the LAN ports as this could slow everything down??

    I'm not sure if that is the best way to configure it or is there a better way?

    Many thanks and sorry for my incompetence, I do want to learn!!


  • Galactic Empire

    Buy a switch and use the spare LAN ports for other things if needed.

    Are you wanting to place your WiFi users on a different subnet?



  • I wasn't planning on putting wifi on a different subnet.

    I just want a basic setup.

    So WAN on port 1.
    LAN on port 2 connecting to my 8 port switch.
    LAN on port 3 connecting to my wireless AP.

    I was going to bridge ports 2 and 3, but not sure if that's the best method?



  • Bridging is not a basic setup by any measure.


  • Galactic Empire

    @rivageeza:

    I wasn't planning on putting wifi on a different subnet.

    I just want a basic setup.

    So WAN on port 1.
    LAN on port 2 connecting to my 8 port switch.
    LAN on port 3 connecting to my wireless AP.

    I was going to bridge ports 2 and 3, but not sure if that's the best method?

    Just connect the AP to the switch and don't bother with the bridge.

    At a later stage you could replace the switch if its a dumb one with a managed switch that supports vlans and run multiple vlans with different SSIDs on.



  • @NogBadTheBad:

    @rivageeza:

    I wasn't planning on putting wifi on a different subnet.

    I just want a basic setup.

    So WAN on port 1.
    LAN on port 2 connecting to my 8 port switch.
    LAN on port 3 connecting to my wireless AP.

    I was going to bridge ports 2 and 3, but not sure if that's the best method?

    Just connect the AP to the switch and don't bother with the bridge.

    At a later stage you could replace the switch if its a dumb one with a managed switch that supports vlans and run multiple vlans with different SSIDs on.

    Ah OK, that will make the setup as simple as possible. Thanks for the tip.


  • Rebel Alliance Global Moderator

    Bridging interfaces while has use, is its not optimal for just adding a port in the same network.  It has its use in more advanced setups where you might want/need to filter devices from talking to other devices that are all on the same network.  Or if you need to do a media conversion into same L2 network, etc.

    It does have valid use cases, but if your just looking to plug in something and you want it on the lan network - then you would use a switch.. Plug your lan into switch, plug all your other devices you want on that same network into the switch.  Done - simple, efficient, impossible to dick up ;)



  • @johnpoz:

    Bridging interfaces while has use, is its not optimal for just adding a port in the same network.  It has its use in more advanced setups where you might want/need to filter devices from talking to other devices that are all on the same network.  Or if you need to do a media conversion into same L2 network, etc.

    It does have valid use cases, but if your just looking to plug in something and you want it on the lan network - then you would use a switch.. Plug your lan into switch, plug all your other devices you want on that same network into the switch.  Done - simple, efficient, impossible to dick up ;)

    Thanks for the reply, I will configure it this way. Looking forward to getting it all setup!


  • Rebel Alliance Global Moderator

    As you get a bit more advanced, your prob going to want to do vlans on your wireless networks and even wired networks, etc.  In that case get a vlan capable switch and your AP.. you would then be able to leverage any interfaces in pfsense as other networks either via physical or vlans, etc.

    Network interfaces make really poor switch ports..  If your at a point where your thinking - oh I can bridge one of my interfaces on my router to use as a switch port..  Your going at the problem the wrong way - clearly you need another switch or higher density switch at that point ;)

    Like saying hey I need to drive this nail in to that piece of wood..  Oh shit my hammer is on the other side of the room - let me just use this screwdriver I have to hammer it in.. Its got a big handle on it ;)  I will just hold it by the shaft and swing it like a hammer.  While it might get the job done - its not the proper tool for the job..  Its not really designed to do that..  Your prob going to miss the nail and slice up your hand, etc. etc..