I know :(, sorry that I did not try OPNsense first

Started by opn_checker, July 04, 2021, 01:32:40 PM

July 04, 2021, 01:32:40 PM Last Edit: July 04, 2021, 01:35:25 PM by opn_checker
In my goal to have IoT devices contained, and having hit a few hiccups with OpenWRT, I looked around.

OPNsense and pfSense were the only contenders left after having weeded out the rest.

I tried installing both in my hypervisor, beginning, for no particular reason, with pfSense. Because of my lack of knowledge of my hypervisor, I ended up being unable to also install OPNsense, due to NIC passthrough issues.

Anyway back to the issue.

Can one please read up on this forum thread?

https://forum.netgate.com/topic/164816/multiple-non-tagged-subnets

It is about how to have multiple non-tagged subnets on a single NIC. Something that comes out of the box with OpenWRT. The folks at Netgate seem to think my use case is uncommon.

Will switching over to OPNsense enable me to have N non-tagged interfaces on a single NIC?


To me it feels weird but it seems you got your answer about how to do it in the pfSense forum? The same would apply with OPNsense. Assign an interface to the NIC (presumably specifying none for the IPv4 and IPv6 configuration types), define Virtual IPs (Alias IPs) with /24 masks on the interface, and then create firewall rules accordingly?

...but forget about this part of your question:

Quote from: opn_checker on July 04, 2021, 01:32:40 PM
In my goal to have IoT devices contained...

It is not safe, cannot be safe and will never be safe.
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

Felix Eichhorn's premium cat food with the extra portion of energy

A router is not a switch - A router is not a switch - A router is not a switch - A rou....

I am a small home user that just wants a separate subnet for IoT and other stuff. I really am not thinking of real-world enterprise network scenarios.


July 05, 2021, 12:27:07 AM #4 Last Edit: July 05, 2021, 12:55:23 AM by Greelan
Yeah, agree with chemlud, all your devices will be in the same broadcast domain, any IoT device can give itself an IP in any of the subnets, and even spoof MAC addresses/IPs of hosts in the other subnets. Not much containing going on there. The only thing it stops is direct communication between subnets except as allowed by the router firewall. DHCP will be a mess too.
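To make the point of the thread concrete (alias IPs on one untagged NIC, as described in the first reply, versus one VLAN per subnet), here is an added example that is not from the forum or from OPNsense/pfSense: it models the two interface layouts and reports which subnets share a broadcast domain and so are not isolated from each other at layer 2. The interface names, VLAN IDs and subnets are constructed.

```python
"""Check whether a router interface layout actually isolates subnets at layer 2.

Constructed example, not OPNsense/pfSense code. Models the two layouts from the
thread: several untagged subnets as alias IPs on one NIC versus one VLAN per subnet.
"""
from collections import defaultdict
from ipaddress import ip_interface

# Weak layout: three subnets as alias IPs on the same untagged NIC (constructed).
ALIAS_LAYOUT = [
    {"nic": "em1", "vlan": None, "addr": "192.168.10.1/24", "name": "LAN"},
    {"nic": "em1", "vlan": None, "addr": "192.168.20.1/24", "name": "IOT"},
    {"nic": "em1", "vlan": None, "addr": "192.168.30.1/24", "name": "GUEST"},
]

# Corrected layout: same NIC, one 802.1Q VLAN per extra subnet (constructed).
VLAN_LAYOUT = [
    {"nic": "em1", "vlan": None, "addr": "192.168.10.1/24", "name": "LAN"},
    {"nic": "em1", "vlan": 20, "addr": "192.168.20.1/24", "name": "IOT"},
    {"nic": "em1", "vlan": 30, "addr": "192.168.30.1/24", "name": "GUEST"},
]


def broadcast_domains(layout):
    """Group subnets by the layer-2 segment they sit on.

    Without tags, every subnet on a NIC shares that NIC's broadcast domain;
    a tagged VLAN is its own segment (provided the switch enforces the tags).
    """
    domains = defaultdict(list)
    for entry in layout:
        net = ip_interface(entry["addr"]).network
        domains[(entry["nic"], entry["vlan"])].append((entry["name"], net))
    return dict(domains)


def unisolated_pairs(layout):
    """Return (a, b) name pairs whose hosts can reach each other without the router."""
    pairs = []
    for members in broadcast_domains(layout).values():
        names = sorted(name for name, _ in members)
        pairs += [(a, b) for i, a in enumerate(names) for b in names[i + 1:]]
    return pairs


def is_isolated(layout):
    """True only when every subnet lives in its own broadcast domain."""
    return not unisolated_pairs(layout)
```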

July 05, 2021, 09:16:18 AM #5 Last Edit: July 05, 2021, 09:17:55 AM by lfirewall1243
I don't really think there's a good reason for that.

If you want to increase your security in your network, that's not how it works.
If you want to increase it you'll have to separate the networks completely (with VLAN or a dedicated NIC).

As @Greelan said, your devices are still in the same Layer 2 "network"...
But that has nothing to do with OpenWRT, OPNsense or pfSense, the problem is in your network setup.
(Unofficial Community) OPNsense Telegram Group: https://t.me/joinchat/0o9JuLUXRFpiNmJk

PM for paid support

Quote from: opn_checker on July 04, 2021, 07:37:34 PM
I am a small home user that just wants a separate subnet for IoT and other stuff. I really am not thinking of real-world enterprise network scenarios.

A lot of us are "small home users" and are doing what you want to do. A VLAN-aware switch can be as little as $25... I have several TP-Link TL-SG105E/TL-SG108E. These work great, low cost, and easy to configure. Cheers.
HP T730/AMD  RX-427BB/8GB/500GB SSD
HP NC365T 4-PORT

If you want low-budget: if your device has no free RJ45 for an IoT interface, maybe there is a free USB port and you can try a USB-RJ45 adapter. I use one for some applications with good stability...
kind regards
chemlud