OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of bx2 »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - bx2

Pages: [1]
1
General Discussion / Re: Opnsense - Tagged-Trunk port only?
« on: November 05, 2024, 06:05:26 am »
Quote from: Monviech on November 04, 2024, 10:54:27 am
Here is also a new tutorial section that explains the best practice way to connect the OPNsense to a managed switch: https://docs.opnsense.org/manual/how-tos/vlan_and_lagg.html

If anybody finds issues with this guide, feedback and PRs are welcome as always.


Thank you very much.
As basic as this was, it didn't click despite me doing this before but I must have been trying too many things at once and confused myself.

I set igc3 to be my recovery port (VLAN102) and once I was in there, I deleted the default igc1 LAN assignment and created the VLANS and assigned them to igc1.  Enabled the interfaces, created some basic rules and setup DHCP and I'm good now.


Thank you everyone for the help. I'm sorta slow with new things.

2
General Discussion / Re: Opnsense - Tagged-Trunk port only?
« on: November 04, 2024, 04:10:25 am »
Quote from: Patrick M. Hausen on November 01, 2024, 11:46:43 pm
Easy: assign all your symbolic network names (LAN, OPT1, whatever you pick) to tagged VLAN interfaces only. This is in fact the recommended way. Don't use tagged and untagged frames on the same physical interface in FreeBSD/OPNsense.


Edit, I don't think you are speaking of QinQ. In my case, I don't want all clans to be trunked under a primary VLAN.
Thank you, I've been stuck on this for a bit.

What you are referring to, is that QinQ?

3
General Discussion / Opnsense - Tagged-Trunk port only?
« on: November 01, 2024, 11:43:17 pm »
Hello everyone,

My home network is planned to have the following VLANs:

VLAN 2 = Data
VLAN 3 = Wifi
VLAN 4 = Wifi-Guest
VLAN 101 = Management


Now, when I setup Opnsense on my CWWK N100 box, I set eth0 (igc0) to be my WAN and eth1 (igc1) to be my "lan" network. This network is assigned the 192.168.1.x/24 network.

The network switch I am using is a Ruckus-Brocade ICX7150 switch.

So, I know how to configure VLAN interfaces off of igc1 but what I am looking to do is only accept tagged traffic (aka Trunk)  between my Ruckus-Brocade switch and Opnsense.

Example, today I was trying to figure this out and I had had my brocade uplink port to Opnsense tagged in my vlans and untagged on the default vlan #1.

When I removed my switch port #1 (which goes to Opnsense igc1) from the default vlan, I lost connectivity.

In Opnsense, my VLANs are defined with VLAN tags, but what I think is that maybe the traffic is passed between Opnsense and my Brocade switch on default VLAN #1.

I am very familiar with L2 switching and the Brocade style configuration. I want all of my VLANs tagged on the uplink to Opnsense.

What I am not sure is how to only accept traffic on Opnsense, interface igc1 as only tagged traffic.

Thank you,

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2