OPNsense Forum

Archive => 17.7 Legacy Series => Topic started by: adam2104 on December 19, 2017, 04:53:24 am

Title: Netflow with VLANs?
Post by: adam2104 on December 19, 2017, 04:53:24 am
Hello,

I've just started testing OPNsense 17.7.10 in my home network. I have several VLANs in use, all on em1:

em1 - vlan1 (mgmt) - mgmt vlan for all my network devices
em1.10 - vlan10 (lan) - lan vlan where all my user devices are
em1.20 - vlan20 (guest) - guest vlan where guest wifi users connect

I noticed that when I turned on netflow and checked Insights, the sources from vlans 10 and 20 are showing up when I look at the "mgmt" interface. I suppose this makes some sense, because em1 sees all the packets, those without an 802.1q header (vlan1) and those with (vlans 10 and 20). Unfortunately, it skews the charts and makes it look like I've got traffic sources from my tagged VLANs showing up on the untagged interface. I hope that makes sense. Any ideas on how to filter the vlan netflow stats from showing up on the base interface?

Thanks!
Title: Re: Netflow with VLANs?
Post by: franco on December 19, 2017, 07:55:17 am
Hi Adam,

The accounting is tricky in this case to unfold. It's probably not your favourite solution but moving the untagged VLAN away from em1 or bumping it to a terminated VLAN would be the pragmatic fix.


Cheers,
Franco
Title: Re: Netflow with VLANs?
Post by: adam2104 on December 19, 2017, 11:24:40 am
Thanks Franco, I have spare interfaces on this device (it has four) so I moved the untagged traffic over to em2. That should clean things up a bit.