OPNsense Forum

Archive => 20.1 Legacy Series => Topic started by: 5SpeedFun on June 16, 2020, 03:13:37 pm

Title: Setfib/vrf
Post by: 5SpeedFun on June 16, 2020, 03:13:37 pm

Hey all,

I've got OPNSense working as my internet firewall for ipv4 & ipv6 and it's working fairly well.  However I am going to be setting up some multicast applications across multiple vlans but OPNSense doesn't seem to support a full PIM implementation.  So rather than have this:


VLAN1 (LAN) -> OPNSENSE -> INTERNET
                               |(miniupnpd)
                               |
                              VLAN2 (XBOX)                     

I want something like:

                                VLAN3 (MCast RP - Linux / w PIMD)
                                |
                                |
VLAN1 (LAN) -> FRR -> OPNSENSE -> INTERNET
                                |        /             |(miniupnpd)
                            VLAN100           |
                            (LAN)              VLAN99 (VIDEOGAMES)                     


However OPNSense still has services that run on LAN such as:
Unbound, dhcpv4, and dhcpv6/pd tracking.

What I'd like to do, is have VRFs for OPNSENSE:

VRF1) OPNSENSE(Vlan100 IF),(Vlan99 IF) & default gateway FRR
VRF2) OPNSENSE(FRR,Inet) with OSPF betweeen FRR/OPNSENSE (currently working)  to exchange routes.

Ideally, I'd like not to have the FRR box at all but I need a full PIMD impelmentation with RP support.  In the future I am going to separate out stuff like chromecasts, printers, and other IOT devices into other vlans as well.

After some googling I've set net.fibs=3 in /boot/loader.conf.local.  I guess now I need to assign interfaces/applications to these fibs...?  Any idea if FIB support is going to be in the GUI as an advanced option?

Thoughts on how to accomplish this are appreciated.