OPNsense Forum
English Forums => General Discussion => Topic started by: firewalled101 on August 29, 2022, 01:44:04 am
-
I am setting up a Topton 4-NIC box. I assigned defaults of one NIC for WAN and another for LAN. I have 2 unassigned ports (OPT2,OPT3). My LAN is a trunk port and has multiple VLANs. How can assign one of those VLANs to unused OPT interfaces? The reason I want this because my desktop has 2.5gb NIC to utilize the speed on my network. I have TL-SG3428X gigabit switch. My NAS is connected to SFP+ port. I plan to connect my LAN trunk to another SFP+ port on the switch, and utilize one of the OPT ports on OPNsense box for my desktop.
I recognize that I cannot create VLANs on bridged interfaces. Can create a bridge assigned to VLAN? (thinking loud here).
Thank you so much.
-
Do you want these ports to be port based VLAN members, i.e. carrying untagged frames?
What you need to do in this case is create your VLAN on the trunk port (you already did that), then create a bridge interface with that VLAN and the untagged additional port as members. Then, and this is important, assign the logical interface (Interfaces > Assignments) including IP address configuration etc. to the bridge interface, not the VLAN interface. Don't assign anything to the VLAN interface at all.
Additionally you might want to change two kernel tunables as documented in the "LAN bridge" chapter of the wiki.
HTH,
Patrick
-
Maybe I'm missing something but from what I read, just go to Interfaces/assignments and change the vlan you want to move to opt2.
-
Do you want these ports to be port based VLAN members, i.e. carrying untagged frames?
What you need to do in this case is create your VLAN on the trunk port (you already did that), then create a bridge interface with that VLAN and the untagged additional port as members. Then, and this is important, assign the logical interface (Interfaces > Assignments) including IP address configuration etc. to the bridge interface, not the VLAN interface. Don't assign anything to the VLAN interface at all.
Additionally you might want to change two kernel tunables as documented in the "LAN bridge" chapter of the wiki.
HTH,
Patrick
This is exactly what I intended to do; that is to bridge logical to physical interfaces. The question is now the trunk port does not have that VLAN anymore, right?
-
But of course it does.
┌────────┐
│ │
Device in │ ┌────┴──────────────┬─┐
VLAN 2 ◀───────────────│ └────┬──────────────┤ │
│ │ │ │
└────────┘ │ │
Phys. Interface │ │
│ │
│ │
│ │ Bridge
┌────────┐ │ │ Interface
│ ┌─────┴────────┐ │ │
│ │ VLAN 1 │ │ │
│ │ │ │ │
│ └─────┬────────┘ │ │
│ ┌─────┴────────┐ │ │
│ │ VLAN 2 ┌──┴─────┤ │
│ │ └──┬─────┴─┘
Trunk │ └─────┬────────┘
Switchport ◀───────────────│ ┌─────┴────────┐
│ │ VLAN 3 │
│ │ │
│ └─────┬────────┘
│ ┌─────┴────────┐
│ │ VLAN ... │
│ │ │
│ └─────┬────────┘
└────────┘
Phys. Interface
-
Thank you so much. Very nice drawing ;D
-
https://monodraw.helftone.com