OPNsense as a VMware VM

[bartjsmit]

What is the make and model of your physical switch?

[spetrillo]

I have a Netgear 48 port GS728TS switch. I can configure it for vlans on the ports needed, whether tagged or untagged. What I have learned already is let the vlan on the virtual switch be 0 and do any vlan config on the physical switch.

[bartjsmit]

There is nothing to stop you using untagged VLAN ports on the Netgear and splitting your networks by port/NIC/vSwitch the way you started to configure your infrastructure.

However, it is not very flexible. Let's say you upgrade your WiFi to AP's that support different SSID's linked to different VLAN's (e.g. Ubiqiti or TP-Link gear) that let you create extra wireless networks, let's say IoT and guest SSID's. Without trunking, you need to add physical network interfaces to your ESXi host and cable them to additional switch ports to let OPNsense manage these traffic flows.

I use Unifi and Netgear switches with Unifi AP's. Happy to share my config details by PM  :)

[spetrillo]

Could I set the 4 ports on the physical switch as trunk ports, create one virtual switch that would include the 4 vnics/physical nics connected to the 4 switch ports, and then just create port groups for the needed vlans? If yes does ESXi support LACP or static LAGs?

[bartjsmit]

Could I set the 4 ports on the physical switch as trunk ports, create one virtual switch that would include the 4 vnics/physical nics connected to the 4 switch ports, and then just create port groups for the needed vlans? If yes does ESXi support LACP or static LAGs?

Yes, yes, yes, yes and yes  :)

The LACP option requires a Distributed vSwitch which needs vSphere Enterprise+ licensing.

Bart...

[spetrillo]

Yes I saw the LACP option is only with vDS...so no worries there for now.