OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of vldid »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - vldid

Pages: [1]
1
General Discussion / Re: VLANs spanning physical interfaces
« on: October 11, 2024, 06:36:44 am »
Quote from: Greg_E on October 10, 2024, 03:23:14 pm
Forget the bridge and connect the two WAPs to the switch, save the headache of setting up the bridge.

As mentioned in the original post, an additional switch is not an option. The shelf in that space won't fit even a small switch, and powering it up will require outlet shenanigans.

It is also not feasible if you mean to connect the WAPs to the existing switch. The switch and WAPs are in different areas of the space, so pulling the wires back and forth between them through or around concrete walls is a non-starter. That also would not address a potential expansion of VLAN 50, which will have similar limitations.

Even if I had space for a second switch close to the router, I would give it a second thought. Yes, ASICs in a switch would make it more efficient. But, really, would they do so significantly?

I already have this Protectly. It draws what it draws. I can't imagine low-load bridge processing would add as much power draw as a separate switch with its inefficient power supply. And I only deal with one configuration—it is much more of an appliance (which I value) than two complexly connected devices from different vendors with their configurations to track and backup. Yes, it may stutter or heat up under an occasional load. That is fine a couple of times a year. Yes, it is likely not to be that fast. It won't be noticed in this application.

Quote from: Patrick M. Hausen on October 10, 2024, 10:37:16 pm
.........

Patrick, thank you very much, all of the above is very helpful!

2
General Discussion / Re: VLANs spanning physical interfaces
« on: October 10, 2024, 05:43:04 am »
That is what I was looking for. Thank you very much!

3
General Discussion / VLANs spanning physical interfaces
« on: October 09, 2024, 10:31:10 pm »
 I need a few VLANs on multiple physical interfaces. There is nothing else to be on these interfaces.

What considerations should I put into arranging it?

Should I make one bridge across the interfaces and put VLANs on top of the bridge?

Or should I put VLANs on one interface and then make bridges between the VLANs and the rest of the physical interfaces?

I do not see a way to have VLANs on multiple interfaces in OPNsense docs.

Any other arrangement? Pros/cons?

Downstream will be WAPs and a managed L2 switch. Here is a rough diagram:



 I do not want to send VLAN 50 traffic to any port other than 1. Likewise, VLANs 10-40 traffic should not come to port 1. Port 0 is an uplink. Port 2 will either extend VLAN 50 access or have another dedicated VLAN in the future. All sorts of firewall configs should not be an issue and will be addressed later.

Adding another switch between OPNsense and WAPs is not a solution.

The project is a migration from Untangle - it works fine there, albeit convoluted. Repost from Reddit: https://www.reddit.com/r/opnsense/comments/1fz4tsx/vlans_spanning_physical_interfaces/.

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2