Hi, I'm in the process of overhauling my OPNsense, so I'm rebuilding my config from scratch to clean out a lot of cruft in a new VM of 24.7.6. I'm trying to align my interfaces with the "prebuilt" setups as much as possible (lower friction, maybe?)
Something I've noticed - I have a fibre with PPPoE. It's working great, no problems, on the existing setup, but it's officially my "WAN" connection, not "opt2".
I'm trying to run the assignment "wizard" in the command line, but it refuses to let me select "pppoe0" as a WAN connection, even though it IS configured in the UI. I can assign it through the UI (but it gets an OPT name), but the command line seems to completely reject pppoe0 as a valid interface name.
MANAGEMENT (vtnet0_vlan1) -> v4: 10.10.0.250/24
v6: fdf5:7b89:4604::a0a:fa/128
HTTPS: sha256 CC 73 E3 5C AE B1 E3 48 66 C7 FE F5 C3 74 3A 46
57 17 34 90 FB 9E D1 BB 36 E5 76 15 68 60 4E 41
0) Logout 7) Ping host
1) Assign interfaces 8) Shell
2) Set interface IP address 9) pfTop
3) Reset the root password 10) Firewall log
4) Reset to factory defaults 11) Reload all services
5) Power off system 12) Update from console
6) Reboot system 13) Restore a backup
Enter an option: 1
Do you want to configure LAGGs now? [y/N]:
Do you want to configure VLANs now? [y/N]:
Valid interfaces are:
vtnet0 bc:24:11:96:b5:a0 VirtIO Networking Adapter
vtnet0_vlan1 00:00:00:00:00:00 VLAN tag 1, parent interface vtnet0
vtnet0_vlan20 00:00:00:00:00:00 VLAN tag 20, parent interface vtnet0
vtnet0_vlan40 00:00:00:00:00:00 VLAN tag 40, parent interface vtnet0
vtnet0_vlan39 00:00:00:00:00:00 VLAN tag 39, parent interface vtnet0
vtnet0_vlan10 00:00:00:00:00:00 VLAN tag 10, parent interface vtnet0
vtnet0_vlan30 00:00:00:00:00:00 VLAN tag 30, parent interface vtnet0
vtnet0_vlan50 00:00:00:00:00:00 VLAN tag 50, parent interface vtnet0
vtnet0_vlan60 00:00:00:00:00:00 VLAN tag 60, parent interface vtnet0
vtnet0_vlan100 00:00:00:00:00:00 VLAN tag 100, parent interface vtnet0
If you do not know the names of your interfaces, you may choose to use
auto-detection. In that case, disconnect all interfaces now before
hitting 'a' to initiate auto detection.
Enter the WAN interface name or 'a' for auto-detection: pppoe0
Invalid interface name 'pppoe0'
Enter the WAN interface name or 'a' for auto-detection:
Enter the LAN interface name or 'a' for auto-detection
NOTE: this enables full Firewalling/NAT mode.
(or nothing if finished): vtnet0_vlan1
Enter the Optional interface 1 name or 'a' for auto-detection
(or nothing if finished): pppoe0
Invalid interface name 'pppoe0'
Enter the Optional interface 1 name or 'a' for auto-detection
(or nothing if finished):
(https://i.imgur.com/Zkivplo.png)
Is this a bug or oversight in the CLI utility behind "Assign Interfaces"?
Hi :)
The CLI option 1 is for initial assignment out of the box. It only supports hardware and VLAN/LAGG. Historically, PPPoE was always a GUI process. I'm unsure if it's going to change because of the complexity involved. I'm cleaning up the GUI situation for 25.1 or at least that is my hope for the moment.
Cheers,
Franco
That's fair enough, if it doesn't understand pppoe, I totally get it. Perhaps a bigger meta-question: Why is there the special distinction for "WAN"/"LAN"/"OPTx"?
It seems I cannot assign anything as "WAN" outside of that tool, perhaps short of editing and re-importing the config xml file. Does this matter?
Importantly, I am looking to set up some CARP failover, which is why I'm trying to straighten out the "Identifier" stuff. Having "lan" and "wan" point at the real things that are "wan" and "lan" seemed like an important step. Perhaps not?
Quote from: cpw on October 17, 2024, 10:45:39 PM
That's fair enough, if it doesn't understand pppoe, I totally get it. Perhaps a bigger meta-question: Why is there the special distinction for "WAN"/"LAN"/"OPTx"?
These are just the default names. You can change them to anything you like or delete unnecessary ones. E.g. I run a firewall with just a LAN interface. Deleted WAN. Nothing special about "WAN". I could have renamed "LAN" into "FOO" if I so desired.
It's convention, not function.
The config definitely has special handling for the "internal identifiers" "lan" and "wan". It is unclear why. I agree, I could give them whatever names I want, but those are not the internal identifiers. I'm worried about the internal significance of those names, especially as I start trying to do the CARP stuff, where this seems more important.
> It seems I cannot assign anything as "WAN" outside of that tool, perhaps short of editing and re-importing the config xml file. Does this matter?
It does and it also doesn't. That's a historic oddity that is currently impossible to unwind due to very early design choices (2 decades old).
From the GUI we prevent reuse of "wan" and "lan" because they lose their special meaning. But you can also do fine without all the special meanings when everything is optX.
Cheers,
Franco
PS: I think someone mentioned that LAN is rather "MGMT" (management) and WAN should be OPTX and that would be a better approach all things considered. But as I said it's impossible to fix at the moment. The "WAN" and "LAN" hold value for newcomers making their intention clear, too. It will remain complicated for a long time.
Quote from: franco on October 17, 2024, 10:59:09 PM
It will remain complicated for a long time.
Well, isn't that the bane of our profession? :)
Fair enough. I'll just put everything except LAN as "optx". Sounds reasonable to me.
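Added example (not part of the thread and not OPNsense code): a small check for the situation discussed above, listing which internal identifier (`wan`, `lan`, `optN`) each device is assigned to in a config export and reporting devices whose identifier differs between the old install and the rebuilt one. The two exports are constructed samples, and the element layout (`<interfaces>`, `<ppps>`), the `FIBRE` description and the PPPoE parent port are assumptions; compare against your own `config.xml`.

```python
import xml.etree.ElementTree as ET

# Constructed exports (old install vs. rebuilt VM); element layout and PPPoE port are assumptions.
OLD_CONFIG = """<opnsense>
  <interfaces>
    <wan><if>pppoe0</if><descr>WAN</descr></wan>
    <lan><if>vtnet0_vlan1</if><descr>MANAGEMENT</descr></lan>
  </interfaces>
  <ppps><ppp><type>pppoe</type><if>pppoe0</if><ports>vtnet0_vlan100</ports></ppp></ppps>
</opnsense>"""
NEW_CONFIG = """<opnsense>
  <interfaces>
    <lan><if>vtnet0_vlan1</if><descr>MANAGEMENT</descr></lan>
    <opt1><if>pppoe0</if><descr>FIBRE</descr></opt1>
  </interfaces>
  <ppps><ppp><type>pppoe</type><if>pppoe0</if><ports>vtnet0_vlan100</ports></ppp></ppps>
</opnsense>"""

def interface_map(config_xml):
    """Map each assigned device to its internal identifier and description."""
    root = ET.fromstring(config_xml)
    # PPP devices are created by the config itself; record their parent port.
    ppp_parent = {p.findtext("if"): p.findtext("ports") for p in root.iterfind("ppps/ppp")}
    result = {}
    for node in root.iterfind("interfaces/*"):
        device = node.findtext("if")
        if not device:
            continue  # entry with no device bound to it
        result[device] = {
            "identifier": node.tag,  # wan / lan / optN
            "descr": node.findtext("descr") or node.tag.upper(),
            "ppp_parent": ppp_parent.get(device),
        }
    return result

def identifier_changes(old_xml, new_xml):
    """Return (device, old identifier, new identifier) where the exports differ."""
    old, new = interface_map(old_xml), interface_map(new_xml)
    changes = []
    for device in sorted(old.keys() | new.keys()):
        before = old.get(device, {}).get("identifier")
        after = new.get(device, {}).get("identifier")
        if before != after:
            changes.append((device, before, after))
    return changes

if __name__ == "__main__":
    for device, before, after in identifier_changes(OLD_CONFIG, NEW_CONFIG):
        print(f"{device}: {before} -> {after}")
```

A device that appears in only one export is reported with `None` on the other side, which makes dropped or newly added assignments visible alongside renamed identifiers.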