Messages

Thanks for the suggestion. I haven't switched it to the onboard NIC yet. But there are 3 USB ethernet adapters (RTL8153 x 2 + RTL8156 x 1) connected to the host.
Once I swapped the adapter (RTL8153) which used to handle VLAN traffic for the adapter (RTL8156) which used to handle WAN traffic, VLAN seems to be working.
Now neither RTL8153 is working. ::)
I'm suspect it's an ESXi USB driver issue.

Actually the issue seems to be opnsense on ESXi is unable to handle more than 3 virtual NIC? Let me explain:
(vSwitch x 3, each associated with only 1 USB ethernet adapter)

This setup works: 3 port groups  (2 without any VLAN tagging, 1 with VLAN ID 12)

Code Select Expand

portgroupWAN    <-> vSwitchWAN  <-> vusb0
portgroupLAN    <-> vSwitchLAN  <-> vusb1
portgroupVLAN12 <-> vSwitchVLAN <-> vusb2

This does NOT work: 4 port groups (2 without any VLAN tagging, 1 with VLAN ID 12, 1 with VLAN ID 21)

Code Select Expand

portgroupWAN    <-> vSwitchWAN  <-> vusb0
portgroupLAN    <-> vSwitchLAN  <-> vusb1
portgroupVLAN12 <-> vSwitchVLAN <-> vusb2
portgroupVLAN21 <-> vSwitchVLAN <-> vusb2

In my setup each adapter has their own vSwitch.

This is how the VLANs are configured on TP-Link router (running OpenWRT):

VLANID	CPU	LAN1	LAN2	LAN3	LAN4	WAN
status	✅	✅ vusb1	❌	❌	✅ vusb2	❌
1	tagged	off	off	off	off	off
2	tagged	off	off	off	off	untagged
11	tagged	untagged	untagged	untagged	off	off
12	tagged	off	off	off	tagged	off
21	tagged	off	off	off	tagged	off
22	tagged	off	off	off	tagged	off

(VLAN 1 & 2 are built-in. The only change I made was turn off all LAN ports for VLAN 1 since LAN ports 1-3 are assigned to VLAN 11 and LAN 4 is for VLAN 12, 21 & 22.)

• LAN2 & 3 and WAN are not plugged in. They should be irrelevant in this case.
• LAN1 connects to vusb1 on ESXi host. I can connect to the SSID associated with VLAN 11. Everything works.
• But once LAN4 connects to vusb2, and I connect to any SSID associated with VLAN 12, 21 or 22, everything including vusb0 vusb1 & vusb2 stops working.

Thanks for the information. It took me a while to resolve the performance issue and now I'm back with new issues.

My Opnsense VM is associated with 2 existing USB ethernet adapters (vusb0, vusb1) and they are both working as expected. The traffic on both adapters are completely untagged.
In ESXi I created a new virtual switch TestVLAN which connects to a third USB ethernet adapter vusb2 as uplink. The adapter links to a TP-Link router which tags the traffic with VLAN ID 12, 21 & 22.
Then I created 3 port groups (TestVLAN12, TestVLAN21, TestVLAN22), each of which is assigned a VLAN ID (12, 21, 22 respectively).
Opnsense is associated with the new port groups. DHCP service is running on each interface. Firewall configured to allow traffic.
But none of the devices connected to the new virtual switch is getting IP address from DHCP (sometimes an IP is assigned but from the wrong VLAN). Actually it breaks vusb0 & vusb1 too. No traffic gets through any of the adapters (old and new).

What am I doing wrong?

Thank you for the suggestion Bart.
If I understand correctly, even with the resource overhead, you are essentially recommending the virtualization of VLAN processing and USB driver in ESXi because they work better that way?

Noob here. So I have an old Intel NUC (nuc6i3syk) which comes with only one ethernet port. As far as I know, there is unfortunately no extra PCIe slot left on the motherboard.

I'm wondering if I can get away with using a USB ethernet adapter for WAN (1Gbps).

I know USB ethernet adapter (especially those with Realtek chipset) don't work really well with FreeBSD. But I would like to know if it's really that bad.
Meanwhile I do have a managed switch lying around. Is it better to just plug WAN into the switch, assign VLAN there and connect it to the NUC instead?

HI. I have a generic/no-brand USB WiFi adapter with the same chipset (RTL8812AU). And I'm getting abysmal transmission rate (lower than 3mbps). Other NICs are much faster. I was wondering if your experience would be different.