Routing traffic without involving the firewall and/or interfaces !! :)

louis2

Two problems here perhaps / probably related:

1. Traffic arriving from my provider, which have to pass without FW involvement

2. VLANS which are related to two physical interfaces (can be laggs)

Issue-1) Traffic which should pass pfSense without FW involvement

My provider offers two data streams Internet and TV via two VLAN's arriving via a trunk coming from the providers (in home) fiber switch.

At this moment I split those two streams in a switch in front of pfSense and only route the internet steam to pfSense.

I would like to split those streams inside the pfSense computer, creating a firewall interface for the internet stream and routing the TV-stream directly towards an interface (trunk, bridge, lagg)

I do not know how to accomplish this, without routing the TV-stream through the firewall what I do not like.

Issue-2) Firewall interfaces needed to create a bridge !!

I have some low trafic vlans needed in multiple interfaces leaving pfSense. And I do not want to solve that via inter switch connections. So I did create some vlan related bridges on pfSense.

That works not issue, but the way to define the bridges is ....... weird ...

Lets say I need vlan-x in interface-A and in interface-B. What I would expect is that I define a bridge by combining A.x and B.x ...... however not so .......

I first have to

• define a firewall interface for A.x and one for B.x
  which I can than combine to a bridge
• than I can create a bridge based on those two interfaces
• than I can use the created bridge as source of a third interface C
• and use that interface in favor of the firewall
  ( not using interfaces A and B)

That works but it is .... weird .... and I have now two completely nonsense interfaces in the interface list. To be short .... I do not like it