As Slarty says no protocols bound to the interface = no packets transmittable. Libpcap will open the interface in promiscuous mode and listen away quite happily. Look at the interface stats after an hour and the worst you will see is 1 packet transmitted and that usually seems to get transmitted at startup on Win32.

I'm not sure how you get a bottleneck with Snort other than the theoretical one because the app _has_ to do something therefore it is a bottleneck. On a 1Ghz Pentium with 256Mb of ram and Windows 2K as the OS on the internal interface of my primary snort box Snort processes some 1500 packets per second at a maximum CPU usage of 8% with an extensive rule set. With the OS, two snort engines, syslog logging from some 20 remote locations, and a couple of other packet capture/analysis apps running too the box itself, (at rest - ie: I'm not doing anything myself too), rarely exceeds 20% total CPU. If I run an ad hoc log analysis Snort does not drop any packets even though the CPU usage of the analysis engine exceeds 95%. Snort is beautifully written to buffer the incoming packets rather efficiently in memory if it can or drop it to disk if absolutely necessary.

Unless you are using hardware that is inadequate for the network traffic you are trying to monitor I really don't see how you are experiencing a bottleneck.