Hi,
After several years of not using my hEX, I took it out of the drawer and decided to use it as the main router in my network again.
I remember an old discussion about whether it was better to use bridged ports or simply map one LAN port and distribute the network through a switch (managed or not).
In a setup with failover, dual WAN, and fast-track enabled, is there any performance difference between putting the LAN ports into a bridge versus selecting a single Ethernet port for the LAN?
Example:
- ether1 = WAN1 (static IP)
- ether2 = WAN2 (static IP)
- ether3 = unused
- ether4 = LAN (DHCP server, simple setup)
- ether5 = unused
WAN2 will only be used if WAN1 fails.
After reading a bit here on the forum, I still couldn’t find a clear answer. I also ran some tests but didn’t reach any solid conclusions.
Here you have the diagram when no bridge is used, all ports are standalone:
If you use no bridge, and WAN2 is only used as failover if WAN1 fails, then:
- Put WAN1 on ether1
- Put WAN2 on ether3
- Put LAN on ether2 or ether4
You will then have 1 full-duplex 1Gbps link to LAN, and 1 full-duplex 1Gbps link shared by the two WANs.
Here is the block-diagram when 1 bridge is used (which uses the switch chip):
If you want to use a bridge for your LAN then:
- Put WAN1 on ether1
- Put WAN2 on ether2
- Put ether3, ether4, ether5 in a bridge and use it as your LAN bridge. With RouterOS 7, you can also configure bridge VLAN filtering on it, and VLAN filtering will be hardware offloaded by the switch chip.
In this configuration, the two WANs will share a 1 Gbps full-duplex link to the CPU, and the switch chip (with its 3 ports) has the other link.
I imagined something similar to what you posted…
To keep things simple, I’ll follow the logic of keeping WAN1 and WAN2 on ether1 and ether3, with just one LAN port going out (either ether2 or ether4).
Thanks for the clarification — marked as the solution.