Extra ports as switch? (Pre-install Question)

  • Hi all,

    I have a box on the way, so I'm trying to think ahead to cabling and whatnot.

    It's got 6 ports, of which I only need three - Dual Wan and internal network. Could the remaining three ports (for a total of four) be tied to the internal network as a switch (virtual switch?) to hang a few things off of before I get to my gigabit switch (which is running out of ports). If I could plug in my gigabit switch, my printer, and my wireless into it, that would be a big help. Otherwise I need to dig a little 10/100 switch out of the junk drawer for intermediate duty.

    I have searched, and I've seen some references to "bridging" and that it's "a bad idea", but all the things I've turned up are pretty old, so I thought I'd refresh the question a bit in case things have changed - possibly in 2.0RC

    Thanks for reading.

  • Yes with 2.0 it is possible and it's still a bad idea.
    Mainly because if you're moving traffic through the pfSense everything has to be processed, which will use up a lot of your CPU.

    Just use a switch.
    –> A old 100mbit switch will probably still outperform bridging on 4 interfaces on the pfSense, unless you're willing to run some serious hardware.

  • Thank you for the reply.

    And what I wasn't considering was that I'll be moving my wireless router to AP duty, so I can just us the switch portion of that.

    Thanks again,

  • Well it's no longer a pre-install question. I've got pfsense 2.0 RC up and running with dual WAN.

    As to CPU, I think I'm REALLY underutilizing pfSense in general (having gotten it JUST for multi-WAN). It's just for one person, and a half dozen machines, only two of which ever put any real drain on the internet. I've never seen a number above 24% on CPU - and that's while watching streaming video on one machine, and another maxing out both of my dual WAN connections with sabNZBd.

    So I'd like to try it, at least to take a look. Actually I already did try it, and wound up bricking a build. (since I hosed LAN and can't get a menu on the console after boot).

    I got to Interfaces: Bridge, and said I wanted to make LAN and OPT2 members of a bridge, but I think my problem is in the interface setup - static/DHCP, etc. I'm not having luck searching, either. Or rather I keep getting snippets from what appear to be different versions and confuse myself. Whatever I did or didn't do, it was never enough to make a NIC light or make the printer aware it was plugged in to anything.

    Any pointers in how to bridge those (and ultimately OPT3 and OPT4)?. I'd certainly appreciate it.

  • Netgate Administrator

    Have you read this:

    Not much there though. You shouldn't need to select static/dhcp etc for bridged interfaces, they will all take their values from the interface you're bridging to.


    You could read through this thread as well.

    Edit: Hmm, I going to have to play around with this but from reading through this stuff it seems you have to:
    Create a bridge interface, br0. (you'll need to assign at least one interface to it)
    Assign br0 to be LAN.
    Add other interfaces to the bridge.

    This seems to be causing much confusion and I can why since it seems more logical to create a bridge and then add the lan interface to it. I'll be very interested to see how this works out for you.

Log in to reply