Issues keeping vlan after reboot

[megabox]

Looking for some guidance on persisting a tagging vlan interface after reboot, or if there is an alternative approach:

I'm setting a pc up with opnsense, using bootable usb drive as 'installer' user.
I first set up my usb/rj45 (ue0) as lan, and wired nic (re0) as wan.
Reboot and log in as root.
Connect 2nd pc directly to nic, it gets a 192.168.1.* IP, can ping opnsense box.
Prevent interface removal for LAN interface (ue0)

In opnsense console, run these commands:
ifconfig re0.10 create
ifconfig re0.10 vlan 10 vlandev re0
ifconfig re0.10 up

Back in GUI:
Assign WAN/re0 interface a specific mac address (same address as my ISP router)
Enable re0.10 interface with description WAN_VLAN10, set as DHCP, Prevent interface removal
Assign WAN_VLAN10/re0.10 interface same mac address as re0
Disable WAN/re0 interface

Wait a couple of minutes, re0.10 gains public IP
Can now ping eg. google/8.8.8.8 from opnsense and also from 2nd laptop. tracert shows opnsense box as first item so am assuming traffic is working as expected.
Everything looks good at this stage.
Now reboot opnsense.

After reboot
ue0/LAN interface OK, can ping opnsense box from 2nd laptop (lan seems OK)
all changes around re0/re0.10 missing and am unable to ping 8.8.8.8 and interface re0.10 is missing.

--

It looks like the changes made with ifconfig seem to work OK, but are not sticking post reboot.

At this stage, I'm not sure if there's something I'm missing or if I'm taking the wrong approach and there is a different method I should use to get vlan tagging working on re0 and/or re0.10?

[megabox]

I may have fixed this:

Reload everything from usb boot as noted, to clear messy existing settings.
Reboot and log in as root in GUI.

usb/rj45 (ue0) as lan
wired nic (re0) as wan
update re0 to use ISP router MAC
enable/set to prevent removal (ensures USB interface stays at LAN, otherwise will swap to WAN if this isn't set)

different steps this time:
add VLAN on re0 (Interfaces->Devices->VLAN):
- device: vlan0.10
- parent: re0
- VLAN tag: 10

Interfaces: [WAN_VLAN10]
- enable
- prevent removal
- IPV4 DHCP
- mac: same as re0

-> save/apply
check WAN_VLAN10 gets public IP 202.* on opnsense box (yes)
check ping to 8.8.8.8 works on opnsense box (yes)
check ping to 8.8.8.8 works on lan connected laptop (yes)

-> reboot
changes stick (yes)
same checks (all good)

Looks like this is the solution - making the changes in the gui vs on the opnsense console

---

I'd be interested to hear any commentary on if this is a good solution or if there are other options?

[meyergru]

You should never be forced to configure anything besides using the GUI - if you need to, you are basically taking the wrong approach.

Use the official docs, where these basics are explained, your specific topic is explained here. Do not use youtube videos, as they are often half-baked, to say the least.

As for your network adapters: You are using the "dream combination" of problematic devices: One is a Realtek NIC and one a USB adapter. Throw a WLAN adapter in the mix and you finally have all three types of adapters that are badly supported on OpnSense. Take a look at https://forum.opnsense.org/index.php?topic=42985.0, points 6 and 7 for an explanation.