This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Using multiple LAN NICS as a basic un-managed switch ?

I'm configuring a fanless NUC that has 4 ethernet ports for basic home use (1 Subnet) and want to avoid adding any extra hardware (noise, power consumption, space, wires et..). I only need 3 wired ports ...1 will be used to connect to WAP and the other 2 I want to connect to a desktop PC and kodi Media Player via CAT6 cables to get stable 1000Mbps between the 2 devices and router.
If I bridge the 3 LAN nics will it work just like an unmanaged switch and simply pass all traffic at full speed ? Would the performance be equivalent or better than a cheap switch ?  

Basically just trying to reproduce what you get with a consumer grade router with 4 built in LAN ports using Sophos UTM on a fanless NUC (i3, 4GB RAM, 256GB mSATA, 4 x Realtek NICs)



This thread was automatically locked due to age.
  • Yes, you can create a bridge between the 3 NIC's. Make sure to also create a firewall rule to allow traffic from the subnet to the same subnet, since any traffic going through the UTM must be allowed (even on a bridge) otherwise it will be blocked.

    I think a cheap switch might be faster since it will only operate on layer 2 while UTM kan go up all the way to the application layer (layer 7). However I think you'll not really notice the difference unless you frequently transfer large files between connected hosts.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • Thank you for the informative answer...  can I ask for clarification on a few things

    1. Given that the bridging is still operating upto layer 7 and requires a firewall rule does this mean the result would be identical to using a different subnet for each LAN nic ?

    2. Does a bridge pass broadcasts ?

    3. This means that home routers with multiple nics must have a vSwitch incorporated in their firmware ... as far as I know they don't have a separate ROM it ?  Would it be fair to say that technically the unmanaged switch functionality could be incorporated via a feature request into UTM ?  The Dell server I experiment on has 8 quality Intel NICs and it seems intuitive that a vSwitch operating on  high end server with internal connections would be much faster than an external dedicated unit with much lower hardware specs ?  Also more efficient with less connections, wires etc ?n

    4.  Is anybody aware of a virtual appliance that can aggregate all the unused nics on an Esxi host into a fast 'software' switch ?

  • 1. Yes (firewall and rules wise), no different subnets do not route broadcasts

    2. Yes

    3. No, in fact most home routers only have 2 wired interfaces, 1 for WAN and 1 for LAN that is usually a little switch. I believe the (usually 5) NICS on a home router aren't manageable individually.

    4. ??


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.