In this paper, we design, implement, and evaluate the real performance of running multiple Snort IDS (intrusion detection system) VNFs (virtual network function) inside a bare metal commodity switch. In the past, normally people ran Snort on a stand-alone server and configure switches to direct packets to it for inspection. However, more recently there is a trend to implement and run VNF directly inside a switch for immediate and intelligent processing of packets. Our work of running Snort directly inside a bare metal commodity switch as a VNF is the first work of its kind in the world. In this paper, we present real performance results and important findings from this innovative work.