Messages

Thinking out loud....

Did you adjust your firewall rules accordingly?
By default VLAN1 won't be able to see VLAN10 (is that what you want)?
Add rules to allow VLAN10 to access the internet?

How does one go about putting the same VLAN in place across multiple LAN interfaces in OPNsense? Does the VLAN need to be on a bridge or..?

I'm so confused by how the VLAN interface assignments work in opnsense - it just doesn't seem very intuitive to me from anything else I've ever worked with. :o

I'm new to this as well, but this is what I would do....
- remove the DHCP servers from your current VLAN1 and VLAN10 interfaces
- define two new interfaces for VLAN1 and VLAN10 with parent bxe1
- bridge the two VLAN1 interfaces and assign its DHCP server addresses
- bridge the two VLAN10 interfaces and assign its DHCP server addresses

My reading of that doc does not indicate that the addresses will be based upon the mac address of the client, just  an internally generated hash table of addresses, that may or may not get given out in sequence.

Agreed it doesn't say mac hashing, I just used the design of dnsmasq as an example.   But I would have expected some randomness...it does appear to still be sequential.

If the client sends a release when it goes offline, then that address will be returned to the pool for re-use. If I want something to always get the same address I create a static entry for it, otherwise there would be little point in having that option.

Actually, in re-reading the FreeBSD man page, it would seem there is a 'sticky' nature to the assigned IPs, even if the lease expires and the client is disconnected (most clients don't actually send a release, I'm only aware of an option for windows not set by default).   I'll have to test this out a bit more.

The same paragraph is in the FreeeBSD man page
https://www.freebsd.org/cgi/man.cgi?query=dhcpd.conf&sektion=5&apropos=0&manpath=FreeBSD+11.1-RELEASE+and+Ports

I have a need to make some rules based on the IPv6 addresses of local clients.   Made the alias with the local hostnames which gets filled with the IPv4 addresses, but not the corresponding IPv6 addresses.   Is this a limitation or a bug?  Seems the alias should get both.

dhcpd(8) - Linux man page
https://linux.die.net/man/8/dhcpd

The DHCP server generates the list of available IP addresses from a hash table. This means that the addresses are not sorted in any particular order, and so it is not possible to predict the order in which the DHCP server will allocate IP addresses. Users of previous versions of the ISC DHCP server may have become accustomed to the DHCP server allocating IP addresses in ascending order, but this is no longer possible, and there is no way to configure this behavior with version 3 of the ISC DHCP server.

I've become accustomed to this behavior since this is the way most consumer routers work using dnsmasq as the dhcp server.  With dnsmasq the hash is based on the mac, so you end up with a virtually-static ip.

Maybe I'm mistaken as to the server used in opnsense.

All the current documentation says that the DHCP server assigns addresses based on a hash of the MAC address, yet OPNsense assigns them sequentially.   Is there a setting to force the hashed address assignments?