Four interfaces. Two wired rl0, rl1 and two wireless ath0, ath1

LAN is rl0
WAN is rl1
OPT1 is ath0
OPT2 is ath1
OPT3 is vlan_10 on rl1
OPT4 is vlan_11 on rl1

i.e rl1 serves three connections

ath0 is bridged to vlan_10
ath1 is bridged to vlan_11

rl1 is physicaly connected to a Cisco 1712 router that runs BGP.

BGP is the routing protocol of the wireless community I am part of.

Have not yet loaded with trafic the second ath interface, though.

Doing some testing I noticed that if there is a connection from wireless to LAN the data travel is :

ath0 -> vlan_10 -> WAN -> router if -> WAN -> (NAT) -> LAN

That is, the WAN interface's incoming and outgoing trafic are almost equal.

Packets enter the router to be dispatched from the same interface. This is normal and expected.

The interesting thing comes with a wireless to wireless connection.

Then you see WAN-router loading only approx 10-15% of the wireless throughput .

I persume that the rest of the data gets dispatched directly, ie. trafic stays internal to the pfSense box and does not need to go and return from the router.

If this setup proves stable, I will add a third wireless card at the expence of a rl card.

My motherboard has only 3 PCI slots.

For this, I will try another vlan on rl1 (rl0 will have to give it's PCI slot to ath2) to service the LAN port via the cisco router
and an additional ath2-vlan12 bridge.

Sounds somewhat weird setup but I believe it can be functional.

I will keep you informed