Multiple NIC's, VLANs setup

[opnsenseuser1]

Hi All,
Does any one have the following setup ?

Multiple NICs (network interfaces ) on a firewall / router device has successfully setup VLANs and
 If a particular device is connected to any of those multiple ports get same IP from DHCP always, even if you change the connected port.

I did try to create VLANs but don't see the bridge I created to choose as parent interface.

If you have already done, can you please send steps to complete the setup.

It will help me and the opnsense community as many users are looking for this type of setup.

Thank you.
Best Regards.

[Patrick M. Hausen]

Are the NICs supposed to be port based members of a single VLAN or trunk ports carrying tagged traffic?

You cannot pass tagged traffic over a bridge interface. If you neeed e.g.

VLAN 100, 200, 300 ... on each of three interfaces, then you need to create the VLANs on each interface individually, all  of them, three times each. And the a bridge interface for each VLAN bridging all of these together. Per VLAN.

FreeBSD is not a switch. It is not VLAN aware in the sense switches are. VLANs are more like subinterfaces in a 802.1q capable router.

A switch can be simulated with if_bridge(4). But that is not VLAN capable. So you need a separate virtual switch (i.e. bridge) for each VLAN.

If you need more VLANs than manageable with a hand built setup like this, you need to connect via a trunk to a switch and use a real switch for that.

[opnsenseuser1]

Hi,
First of all thank you for the reply.
My bad, I meant to say multiple physical ports (I should NOT have said multiple NICs).

I don't have much knowledge about networking.

The device I have has ETH0, ETH1, ETH2, ETH3, ETH4, ETH5 (these are Intel- I226-V network ports)

I would like to install Opnsense and use ETH0 for WAN and all remaining ports for LAN with VLANs.

If I connect DeviceA into any of the ETH1 to ETH5 this DeviceA should always get same IP (with MAC and IP mapping - lets say 10.0.2.4 from VLAN2).

If I connect DeviceB into any of the ETH1 to ETH5 it should get 10.0.4.4 from VLAN4
If I connect DeviceC into any of the ETH1 to ETH5 it should get 10.0.4.5 from VLAN4

If I connect DeviceD into any of the ETH1 to ETH5 it should get 10.0.6.8 from VLAN6

If I connect DeviceE into any of the ETH1 to ETH5 it should get 10.0.7.8 from VLAN7

If I connect a switch to any of the ETH1 to ETH5 ports can it carry all VLANs (trunk, may be I can use a particular port if this is not possible)

I can create LAGG, but If I create VLANs on LAGG the VLANs are not giving DHCP client address nor connecting to internet.

[Patrick M. Hausen]

OPNsense cannot do dynamic VLAN assignments per e.g. MAC address. You need a switch to do that. If you bridge multiple ports, you cannot configure VLANs on the bridge interface.

You can create VLAN 2 on all ports. Create VLAN 4 on all ports. Create a "bridge2" that contains all the VLAN 2 interfaces on all the ports and a "bridge4" that contains all the VLAN 4 interfaces on all ports.

I essentially wrote that, already, but maybe now it's clearer?

So as I said, one bridge per VLAN.

That still leaves open how the devices get assigned to VLANs?