OpnSense Hardware Migration

Started by Chris Luckhurst, July 26, 2023, 12:53:23 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
July 26, 2023, 12:53:23 PM
Hi Community,

I've been running OpnSense off a Proxmox server for sometime, but want to move it down to small platform device, so I picked up a Beelink U59 device.

My restore experience was not fun, so I went from scratch.

re0 is LAN
re1 is WAN
I've added some vlan's via the opnsense to match the config I have (of sorts) in the old one.

The challenge is, nothing seems to work the same.

I believe it's because in the new opnsense, I have LAN (re0) where I do not because the creation of vlan's were created outside the OS and in proxmox -- like attached images

Witch port this lies on is Tag: 19,66   Untagged : none    PVID: 19

Thoughts?
July 26, 2023, 01:50:44 PM #1
Best thing I can think of to try first is to do search and replace in a copy of the config backup for the interface names. Careful if you have VLANs as they will appear in more places. Then import.
Alternatively if it stays up without crashing, go to console and re-identify interfaces. That should update the config with the new names.
July 26, 2023, 02:11:18 PM #2
em0_vlanxx vs vlanxx , assigned to re0 --- re0 needs to be live and listed --cannot be disabled or not show, Granted it does not need an interface configured ..but I get no response to the IP address on vlan19 in the new config -- it's like traffic is not getting through.

I am wondering because it is a bridged interface or if because the vlans were setup via Proxmox and not in Opnsense on the original; if they are referenced differently --  since they take on the interface name em0_ -- where manually I cannot do that in the OPNSense Other types , they need to be vlan0xx

I have one more interface for the LAN that I do not have in the Virtual -- if that makes sense.
July 26, 2023, 02:19:33 PM #3
I don't have any experience with Proxmox, unfortunately. You need to create your VLAN interfaces on top of the trunk interface (re0 or re1) and assign the VLAN interfaces to their symbolic names/references like LAN, OPT1, ...

You should not at the same time use the untagged parent interface for anything.

And last - bad news - the hardware might not be well suited for running OPNsense. The Realtek driver builtin to FreeBSD while using the current network architecture and theoretically supporting all modern features of the current driver framework does not support all hardware well. Because Realtek refuses to publish specifications for their hardware.

There's a driver maintained by Realtek but that one uses the old outdated FreeBSD driver framework and will probably cease to work at all at some time in the future.

Lesson: just don't buy Realtek. Sorry.

The current situation is neatly summarised in this FreeBSD issue:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=272686

HTH,
Patrick
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
July 26, 2023, 02:37:12 PM #4
I was tempted to mention the re choice of hardware :) . Agree entirely, don't use Realtek for networking functions.

@Chirs, I don't understand your last post, sorry.
July 26, 2023, 05:04:41 PM #5
Thanks all.

Yes, I read about that realtek

Any suggestions on a small device or 1U short rack (~11inch deep) , about 50 devices, home-based office

Preference to somewhere with Free Shipping to Canada (like Amazon.ca, Newegg.ca )  ordered a case from plinkusa ... man that was a small fortune after shipping, duty ! 


July 26, 2023, 05:16:59 PM #6
I recommend the official appliances by Deciso:
https://shop.opnsense.com/

Free shipping to Canada as far as I could check without buying ;)
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
July 27, 2023, 12:50:50 AM #7
Quote from: Chris Luckhurst on July 26, 2023, 05:04:41 PM
Thanks all.

Yes, I read about that realtek

Any suggestions on a small device or 1U short rack (~11inch deep) , about 50 devices, home-based office

Preference to somewhere with Free Shipping to Canada (like Amazon.ca, Newegg.ca )  ordered a case from plinkusa ... man that was a small fortune after shipping, duty !

Hmmmmmmm - - - electronics - - - doesn't usually have duty - - - - you will have to pay GST/HST at the very least.
Shipping can really hurt and its generally quite slow.
If stuff is shipped in using a courier - - - - you will pay them a fee for their services clearing it - - - - cheap here is $14 and it vary up to $35 per package (with taxes on top of that too - - - - that's even if there is no duty!!!).
Print
Go Up Pages1
User actions