VLAN in WAN and LAN

Started by verasense, March 23, 2021, 11:41:22 PM

March 23, 2021, 11:41:22 PM Last Edit: March 24, 2021, 01:57:19 AM by verasense
My ISP requests a VLAN of 20, does this mean I should not use VLAN 20 in my LAN? Or will OPNsense treat VLANs on the WAN interface differently from VLANs on LAN interfaces?

Short answer is no. You have thousands to choose from, so why make things more difficult?

Bart...

If your OPNsense WAN and LAN interfaces are two separate physical interfaces, you can absolutely use the same VLAN on both of them. VLAN uniqueness is only required within a layer 2 network.
OPNsense virtual machine images
OPNsense aarch64 firmware repository

Commercial support & engineering available. PM for details (en / de).

Yes, they are separate physical interfaces. My concern is that, in the same way that if I set the same VLAN on two different physical LAN interfaces they will be "connected", this will somehow happen with the WAN interface. Not sure if the behaviour would be to share a broadcast domain between my LAN VLAN20 and the WAN.

I know that there are a lot of VLAN IDs to choose from, but I had already set up my network with certain VLANs before. It is just that my ISP has since required a specific VLAN for me to connect to its fiber, and it just happened to be one that I had already assigned and configured.

As long as both interfaces are not connected to the same physical network (switch), the VLANs should not be in the same broadcast domain.

Quote from: verasense on March 24, 2021, 11:37:39 AM
if I set the same VLAN in two different physical LAN interfaces they will be "connected"

Did you actually observe that? While you can create bridges between physical interfaces in OPNsense, I would be very surprised if it would do so automatically simply based on identical VLAN IDs.

March 25, 2021, 07:54:26 PM #5 Last Edit: March 25, 2021, 08:08:26 PM by verasense
Mmmm.. Actually I didn't observe that, it is an assumption. I thought that connecting to the VLAN 10 on interface 1 and to the VLAN 10 on interface 2 was going to exchange packets between them.

You are right about that - I actually remember I had to create a bridge in the past to connect two networks from different interfaces. Just thought that having the same VLAN will trigger the same behaviour as a switch, which is not true.

March 25, 2021, 08:17:50 PM #6 Last Edit: March 25, 2021, 08:19:49 PM by Maurice
Oh, assumptions are dangerous... speaking from experience. ;)

It's not a switch. I see no reason why it would automatically bridge VLANs across different physical interfaces just because they have the same VLAN ID.

Why not go ahead and just try it?

[edit]
Your edit was faster than my response. :-)
[/edit]
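
The conclusions of this thread, as an added example that is not part of any poster's message and not OPNsense code: a small Python model that groups VLAN interfaces into broadcast domains, so a planned layout can be checked for WAN/LAN overlap. The interface names (igb0, igb1), the function names and the sample topology are assumptions; a shared switch is assumed to trunk every VLAN between the listed ports.

```python
from collections import defaultdict

def broadcast_domains(vlan_ifs, bridges=(), shared_switches=()):
    """Group (parent_nic, vlan_id) interfaces into layer 2 broadcast domains.

    bridges:         groups of VLAN interfaces explicitly bridged on the firewall
    shared_switches: groups of parent NICs cabled to the same switch
                     (assumption: the switch trunks all VLANs between them)
    """
    parent = {v: v for v in vlan_ifs}

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path compression
            x = parent[x]
        return x

    def union(a, b):
        parent[find(a)] = find(b)

    # An explicit bridge joins its members regardless of VLAN ID.
    for group in bridges:
        group = list(group)
        for member in group[1:]:
            union(group[0], member)

    # A common switch joins only interfaces that carry the same VLAN ID.
    for nics in shared_switches:
        by_vid = defaultdict(list)
        for nic, vid in parent:
            if nic in nics:
                by_vid[vid].append((nic, vid))
        for members in by_vid.values():
            for m in members[1:]:
                union(members[0], m)

    domains = defaultdict(set)
    for v in parent:
        domains[find(v)].add(v)
    return sorted(sorted(d) for d in domains.values())

def same_domain(a, b, **topology):
    return any(a in d and b in d for d in broadcast_domains(**topology))

# Constructed sample: igb0 is WAN (ISP requires VLAN 20), igb1 is LAN.
WAN20, LAN20, LAN30 = ("igb0", 20), ("igb1", 20), ("igb1", 30)
IFS = [WAN20, LAN20, LAN30]
```

With only `vlan_ifs=IFS`, WAN VLAN 20 and LAN VLAN 20 come out as separate domains; they merge only when a bridge or a shared switch is declared.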