Messages

Thank you Patrick

I take it the "enterprise" way would be to daisy chain switches instead? The documentation suggests using a bridge is not preferable.

If I wanted to avoid bridges and decided to send different VLANs to different switches, I can just copy the firewall rules for LAN to OPT1 presumably and then they both act essenntially the same?

[ix0]

Hi all,

I am just beginning my adventure with OPNsense, having used OpenWrt for sometime and wanting to familiarise with something else.
In my OpenWrt setup, I have a router with 1 WAN port and 2 LAN ports. The 2 LAN ports have multiple tagged VLANs and are bridged. These 2 ports connect to 2 different Layer 2 switches and communicate with all the VLANs to both.

The hardware I have chosen for learning OPNsense is a Lenovo M720Q with an Intel X520-DA2 card, so I could try and build a very similar configuration. During setup, I chose the onboard NIC as the WAN interface and the 2 SFP+ ports on the Intel card as LAN and OPT1 (I didn't see a way to add both to LAN). From what I have read so far, it doesn't appear to be recommended to use a bridge in OPNsense and that a bridge most certainly cannot have a VLAN or IP address.

So my question is, if I wanted to provide all of multiple VLANs to both of 2 Layer 2 switches, using one SFP+ port for each switch, what is the recommended way to do this and have the firewall etc. treat both ports as the same?
The SFP+ ports are called ix0 and ix1 in OPNsense (I created ix0_vlan26 during setup as it's my 'Infra' VLAN).

Many thanks for any pointers in the right direction
Hedz