Hey all,
I've got OPNSense working as my internet firewall for IPv4 & IPv6 and it's working fairly well. However, I am going to be setting up some multicast applications across multiple VLANs, but OPNSense doesn't seem to support a full PIM implementation. So rather than have this:
VLAN1 (LAN) -> OPNSENSE -> INTERNET
                  |(miniupnpd)
                  |
             VLAN2 (XBOX)
I want something like:
              VLAN3 (MCast RP - Linux / w PIMD)
                |
                |
VLAN1 (LAN) -> FRR -> OPNSENSE -> INTERNET
                |   /    |(miniupnpd)
             VLAN100     |
              (LAN)    VLAN99 (VIDEOGAMES)
However OPNSense still has services that run on LAN such as:
Unbound, dhcpv4, and dhcpv6/pd tracking.
What I'd like to do is have VRFs for OPNSENSE:
VRF1) OPNSENSE(Vlan100 IF),(Vlan99 IF) & default gateway FRR
VRF2) OPNSENSE(FRR,Inet) with OSPF between FRR/OPNSENSE (currently working) to exchange routes.
Ideally, I'd like not to have the FRR box at all, but I need a full PIMD implementation with RP support. In the future I am going to separate out stuff like Chromecasts, printers, and other IoT devices into other VLANs as well.
After some googling I've set net.fibs=3 in /boot/loader.conf.local. I guess now I need to assign interfaces/applications to these fibs...? Any idea if FIB support is going to be in the GUI as an advanced option?
Thoughts on how to accomplish this are appreciated.