Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
virtualized opnsense in kvm - vlan + bridge?
« previous
next »
Print
Pages: [
1
]
Author
Topic: virtualized opnsense in kvm - vlan + bridge? (Read 1302 times)
wodec
Newbie
Posts: 9
Karma: 0
virtualized opnsense in kvm - vlan + bridge?
«
on:
November 28, 2022, 09:10:55 am »
Hi all,
I currently have the following setup:
- OPNsense virtualized, not using proxmox but using your basic kvm
- hosted on a machine with 2 physical NIC's
- the WAN is a bridge on one physical nic, the LAN is a bridge on the other physical nic.
I now also want to add VLAN segmentation on the LAN-side using a managed switch which should arrive any day now.
But I was just wondering: how would I need to configure the VLAN's in combination with the LAN bridge on the OPNsense side?
Will that even work?
Thanks for any info you can give!
Logged
wodec
Newbie
Posts: 9
Karma: 0
Re: virtualized opnsense in kvm - vlan + bridge?
«
Reply #1 on:
November 28, 2022, 05:03:53 pm »
So after some more online searching, am I correct that the best way is:
- configure vlan's on the hypervisor level linked to the physical LAN-NIC
- Create a bridge for every one of those VLAN's, but without an ip address configured
- add these vlan-bridge-interfaces in OPNSense as actual interfaces and then configure IP, DHCP, firewall rules, ... on the level of OPNsense
Is this the way most would handle this?
So basically you configure the VLAN's on the level of the host/hypervisor, the guest (opnsense in this case) isn't even aware of these VLAN's and just sees them as basic "physical bridge interfaces"?
Does this mean that you don't follow the flow in opnsense to add VLAN's (basically you do NOT add them as VLAN interfaces as described here:
https://docs.opnsense.org/manual/other-interfaces.html#vlan
)?
Since OPNSense doesn't see the VLAN's, but considers them as physical interfaces/bridges, you just add them as standard interfaces?
Or am I wrong in my understanding here?
I also read about openvswitch, but honestly, I don't want to go this route, I don't expect a lot of VLAN's, so configuring VLAN-to-bridge interfaces on the hypervisor level isn't really an issue for me.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
virtualized opnsense in kvm - vlan + bridge?