Cannot get Bridging to work at all

Started by EasyGoing1, January 04, 2023, 08:53:00 AM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions
January 04, 2023, 12:06:13 PM #15
A passed through NIC is exclusive to that VM. The hardware ends up "inside" the VM. You cannot connect a vSwitch.

But why do you need three interfaces for LAN in a virtualised context? For your VMs it's all vSwitches, anyway.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
January 04, 2023, 12:22:27 PM #16
Quote from: pmhausen on January 04, 2023, 12:06:13 PM
A passed through NIC is exclusive to that VM. The hardware ends up "inside" the VM. You cannot connect a vSwitch.

But why do you need three interfaces for LAN in a virtualised context? For your VMs it's all vSwitches, anyway.

Well, the idea was to essentially have a SOHO router that also hosted VMs and have three of the four NICs just get lumped together under one LAN side of the "router" with VMs being able to also use that LAN interface.

That would kind of ... mimic a traditional SOHO firewall with the added bonus of hosting virtual machines.

The bridge works of course with passthru ... but that begs the question of why can't OPNSense build bridges with virtual NICs? That doesn't make a lot of sense to me ... though now that I think about it, I THINK bridging happens at layer 2 and layer 2 would get managed within each NIC ... so if that is the case, then it does make sense.

So then it looks like my only option is to buy an external 2.5G switch (more than I wanted to spend on this setup) or just use those ports under vSwitches and assign a different subnet to each port ... which isn't all that bad but just not ideal.
January 04, 2023, 12:30:46 PM #17
There is no such thing as a free lunch  :) Maybe your project is a bit too ambitious.

The "SOHO router" build definitely does work running on bare hardware. Why FreeBSD bridging doesn't with virtual interfaces I honestly have no idea. You could try to switch from VMXNET3 to E1000 if you have not done that already. This will not limit your speed to 1G although the OPNsense will report it as such. But since it's all emulated, it's just a question of which "API" OPNsense uses to talk to the virtual hardware.

HTH,
Patrick
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
January 04, 2023, 02:53:03 PM #18
Quote from: pmhausen on January 04, 2023, 12:30:46 PM
There is no such thing as a free lunch  :) Maybe your project is a bit too ambitious.
One can hope ... thought it was the perfect solution ... got the hardware that has 4 2.5G NICS, with the N5105 Intel processor, then I added a 1TB NVMe drive and 32 gigs of ram ... all that at my door for just under $300. THAT would have been ambitious even two years ago.

In theory I had the right idea ... just didn't have a clue as to how I was going to bridge those three NICs ... just assumed it would somehow be possible.

Quote from: pmhausen on January 04, 2023, 12:30:46 PM
You could try to switch from VMXNET3 to E1000 if you have not done that already.
I have not tried that yet and I definitely will. But failing that, a different hypervisor might work, though I'm getting a bit burned out on this setup for the time being.

Print
Go Up Pages 1 2
User actions