Hi!
I thought about to reduce the number of networking components somewhat in my home setup.
Today I have 1x RB5009 as FW/Router and also running CAPsman, it’s is connected to my WAN on eth1, 2x CAP ax and a CRS305 via 10G DAC.
The 305 has 10G DAC connections to my server and then 2 other switches(CRS326 and a CSS610).
I have 6 VLANs including MGMT and it’s working good with firewall rules between most of the VLANs but not all.
Can’t really remember how I got it to work in the end when I set it up about 1,5 year ago or so 
I just got a a hold of an almost new CCR2116-12G-4S+ and a crs354-48p-4s+2q+rm.
Thinking that these two will replace the RB5009, CRS326 and the CRS305, the CSS610 needs to stay.
Both of these(CCR and the CRS354) are vastly overkill for what I push through my network, but got them for a good price.
I was thinking about connecting the CCR to the CRS354 via 1x QSFP+ breakout cable to the 4x SFP+ ports on the CCR.
The CCR will serve as firewall,router & CAPSman, the CRS354 will serve all other clients and APs.
Now to my question:
Even though I probably won’t notice the difference of a optimised setup or not, I’d like to do it as good as possible.
It seems there are a lot of conditions to how to get HW offload working and so on.
I need to study up more on how to bond the 4x SFP+ ports on the CCR, but if I understand it correctly I need to create a bridge on the CCR to get HW offload support for bonding. Perhaps a bridge is needed for bonding with/without offload support?
If for some reason doing a bond of the 4x SFP+ ports on the CCR is not recommended or doable, and I should rather use 1x SFP+ port. Could I in that case skip creating a bridge all together on the CCR, since it will only have one connection. Or is a bridge needed/beneficial for other features like Fasttrack, defining VLAN list on the bridge for offload(or is that really only handled by the CRS354?) or what not?
And last but not least, does this make sense at all?