"
Hi Folks,
Coming from OpenWRT so bear with me...
I'm trying to replicate my setup on OpenWRT, some of the new concepts in OPNSense are confusing me. OPNSense is running on a proxmox host with 6 physical interfaces delegated to it (PCI devices) and one virtual interface. The 4 physical igb0-3 interfaces are for WAN, the two physical ixl0-1 interfaces for 10GbE VLAN trunks to my downstream network. The virtual interface vtnet0 is for a VLAN trunk to ProxMox so other guests can attach to any network they need.
I want to bridge the VLANs between the physical ixl0 device and the virtual vtnet0 device. In OpenWRT this would be equivalent to:
How do I set up the equivalent in OPNSense? In the GUI when I setup a bridge it only allows me to select existing networks (WAN, LAN etc) not interfaces.
Also - a point of confusion, during initial setup OPNSense names VLANs nicely like ixl0_vlan10, vtnet0_vlan10, but post-setup in the GUI it will only allow naming them vlan0 vlan1 etc. Why is this?
Thanks!
EDIT
So it seems you can achieve this by first assigning the VLAN interfaces to networks, but this seems to break OPNSense's own conceptual model. The bridge is supposed to be a Layer 2 concept, in the OPNSense documentation it describes the assigning of networks as the Layer 3 instantiation of that interface:
If bridging creates a Layer 2 bridge, why do you have to jump through the hoops of creating the 'Layer 3' concept on the underlying VLAN devices.
Coming from OpenWRT so bear with me...
I'm trying to replicate my setup on OpenWRT, some of the new concepts in OPNSense are confusing me. OPNSense is running on a proxmox host with 6 physical interfaces delegated to it (PCI devices) and one virtual interface. The 4 physical igb0-3 interfaces are for WAN, the two physical ixl0-1 interfaces for 10GbE VLAN trunks to my downstream network. The virtual interface vtnet0 is for a VLAN trunk to ProxMox so other guests can attach to any network they need.
I want to bridge the VLANs between the physical ixl0 device and the virtual vtnet0 device. In OpenWRT this would be equivalent to:
Code Select
config device
option name 'br-dmz'
option type 'bridge'
list ports 'ixl0.200'
list ports 'vtnet0.200'
option mtu '9000'
config interface 'dmz'
option proto 'static'
option ipaddr '10.0.0.1'
option netmask '255.255.255.0'
option device 'br-dmz'
How do I set up the equivalent in OPNSense? In the GUI when I setup a bridge it only allows me to select existing networks (WAN, LAN etc) not interfaces.
Also - a point of confusion, during initial setup OPNSense names VLANs nicely like ixl0_vlan10, vtnet0_vlan10, but post-setup in the GUI it will only allow naming them vlan0 vlan1 etc. Why is this?
Thanks!
EDIT
So it seems you can achieve this by first assigning the VLAN interfaces to networks, but this seems to break OPNSense's own conceptual model. The bridge is supposed to be a Layer 2 concept, in the OPNSense documentation it describes the assigning of networks as the Layer 3 instantiation of that interface:
Code Select
The steps so far followed the OSI Layer Model:
Connecting the Physical Layer (Layer 1) between OPNsense Appliance and Managed Switch
Creating the Data Link Layer (Layer 2) with LAGG (optional) and VLAN
Configuring the Network Layer (Layer 3) by setting IP addresses on the VLAN interfaces
If bridging creates a Layer 2 bridge, why do you have to jump through the hoops of creating the 'Layer 3' concept on the underlying VLAN devices.
