So my OPNsense box (VM with PCI passthrough of the NIC, with VLAN tags) mostly works. However, a few times a day NAT seems to die.
At that point, telnetting from my desktop (behind NAT) to <site> 80 or <site> 443 fails.
Telnetting to "ipv6.google.com 80" works fine.
On top of that, if I go into Firewall -> Diagnostics -> State Dump, I see my desktop connecting to the remote site with no NAT translation.
Going into Firewall -> NAT -> Outbound and disabling the rule -> Save -> Apply, and then reversing that and re-enabling it, fixes the issue and things are back to normal.
Any clues where I should be looking for a resolution to this issue?
This may be related to a spanning tree problem... will know in a day or so :)