Messages

Thanks for the suggestions. I like your idea of having a MGT port there for "emergency". I probably should have given more context to my scenario but those posts tend to turn into long stories. Anyway, this is a home setup, and my Qotom mini pc has 5 ethernet nic's. Been running OpnSense on it for 7-8 years now and it's still going strong. I'm in the process of migrating from a Dell PowerConnect 2816 and non-managed netgear prosafe switches to a HPE OfficeConnect 1820 switch. I also have a Unifi US-8-150W switch that I'll continue to use mainly for the POE. For wireless I have a Unifi UAP-AC-Lite which I'm not looking to replace at this time.

This is my thought of how to configure the interfaces in Opnsense as it's similar to how I've had it configured for some time now with the addition of the IOT and MGMT (per yourfriendarmando's suggestion) ports.

1 WAN
1 LAN
1 IP Cameras
1 IOT
1 MGMT

I guess I was just thinking of configuring a VLAN perhaps for the IP Camera and IOT networks or perhaps a LAGG and VLAN and wasn't sure if it's best practice to physically separate the networks like my example above or go the VLAN route?

I have a Qorum PC with 5 interfaces and an HPE managed switch. Currently I have igb0 configured for WAN and igb1 configured for LAN. I would like to configure VLAN's and looking for best practice recommendations. Should I configure each interface in Opnsense for the specific VLAN and connect it to untagged port on the switch? Or should I configure one interface in Opnsense to support multiple VLAN's and I'm assuming this would need to be a trunk port on the switch?

I've been testing out the API, specifically Firewall Module, alias_util controller, and add command. All seems to work when trying to add to a host type with an ip address but I have a specific application where I would like to add using a hostname or FQDN.

Looking at the AliasUtilController.php source, I see the addAction function first checks if the request contains "address" and then checks if it contains valid IP Addressing notation.

My request is to add the option of adding "hostname" or "fqdn" instead of just "address". I don't know if this was added in later releases of Opnsense as I'm running 19.7.5 but if it was, could you please let me know? I didn't see anything specific to this in the release notes for newer releases.

Thank you and appreciate all the hard work going into making Opnsense.

I too am curious about IPoE support. I recently moved to Japan and have a fiber connection to my home. Due to my limited Japanese speaking and reading, the fact that my internet was arranged by our relocation company, and a call to my ISP (with translation service), I'm just now starting to figure out what type of service I have.

The service is v6 plus which is more or less IPv6 IPoE + IPv4 over IPv6. I've just recently been reading up on the technology and am just starting to understand it. The following website explains it further but it's a Japanese website so you'll need to run it through Google Translate if you can't read it.

https://www.jpne.co.jp/service/v6plus/

The service itself is good and currently is working. But the problem I have is I have the ISP Modem/Router in front of my opnsense server. I unfortunately can't bridge the modem and don't really want to bridge opnsense. The ability to change the configuration in the NTT Modem (Model: RS-500mi) is limited as they've locked down certain options.

My ideal configuration would be to remove the SPF module from the NTT Modem, put it in my Ubiquiti switch that has SFP slots, VLAN the SFP port along with an open port on the switch that I'll plug my opnsense server into becoming my WAN interface.

I've already attempted this and through the many options that I've tried up to this point, I can get an IPv4 IP Address from my ISP but no IPv6 address. The IPv4 is not routable which I'm assuming it relies on the IPv6. I'm surprised I'm able to get the IPv4 IP Address without the IPv6. Other config attempts I was able to get a local IPv6 address and IPv4 address but non routable.

I'll admit that this is mostly new to me and I still have other things I need to check based upon reading through the google machine such as firewall rules and possibly other DHCP client settings. So far I've just been trying using DHCPv6.

But my question still remains on whether opnsense 19.1 currently supports IPoE? Also has anyone been successful in getting similar configurations like mine working? If so, would you mind sharing your knowledge and possibly hints to get this working?

Appreciate everyone's support.