Newcomer with a quick request for clarification of something

[hedz]

Hi all,

I am just beginning my adventure with OPNsense, having used OpenWrt for sometime and wanting to familiarise with something else.
In my OpenWrt setup, I have a router with 1 WAN port and 2 LAN ports. The 2 LAN ports have multiple tagged VLANs and are bridged. These 2 ports connect to 2 different Layer 2 switches and communicate with all the VLANs to both.

The hardware I have chosen for learning OPNsense is a Lenovo M720Q with an Intel X520-DA2 card, so I could try and build a very similar configuration. During setup, I chose the onboard NIC as the WAN interface and the 2 SFP+ ports on the Intel card as LAN and OPT1 (I didn't see a way to add both to LAN). From what I have read so far, it doesn't appear to be recommended to use a bridge in OPNsense and that a bridge most certainly cannot have a VLAN or IP address.

So my question is, if I wanted to provide all of multiple VLANs to both of 2 Layer 2 switches, using one SFP+ port for each switch, what is the recommended way to do this and have the firewall etc. treat both ports as the same?
The SFP+ ports are called ix0 and ix1 in OPNsense (I created ix0_vlan26 during setup as it's my 'Infra' VLAN).

Many thanks for any pointers in the right direction
Hedz

[Patrick M. Hausen]

Create the VLANs on each of the physical interfaces. Create one bridge for each VLAN. Only supported way in FreeBSD.