OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • English Forums »
  • General Discussion »
  • Virtual Interface VLANs
« previous next »
  • Print
Pages: [1]

Author Topic: Virtual Interface VLANs  (Read 4560 times)

NOYB

  • Jr. Member
  • **
  • Posts: 75
  • Karma: 6
    • View Profile
Virtual Interface VLANs
« on: January 18, 2018, 01:26:28 pm »
Any plan to use virtual interface vlans (em0.1 vs em0_vlan1)?
https://www.freebsd.org/doc/handbook/network-vlan.html

I don't know what all the advantages are.  But I know it is much nicer to work with packet capturing.  Can just specify the virtual vlan interface (em0.n) rather than having to include the vlan tag in the capture filter.
« Last Edit: January 18, 2018, 01:30:47 pm by NOYB »
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 17704
  • Karma: 1617
    • View Profile
Re: Virtual Interface VLANs
« Reply #1 on: January 19, 2018, 05:00:50 pm »
Maybe I'm missing something, but I only see a difference in the device name handling, so "." vs "_vlan"?
Logged

NOYB

  • Jr. Member
  • **
  • Posts: 75
  • Karma: 6
    • View Profile
Re: Virtual Interface VLANs
« Reply #2 on: January 20, 2018, 12:56:26 am »
One of us is missing something.  Most likely me.  If it is just naming convention then perhaps the question would be; any plans to use the "best practice" defined there?

Quote from: https://www.freebsd.org/doc/handbook/network-vlan.html
Note:
See how the interface name includes the NIC driver name and the VLAN tag, separated by a period? This is a best practice to make maintaining the VLAN configuration easy when many VLANs are present on a machine.

They seem to emphasize the use of dot tag for some reason.  Wish they provided an example and explanation of how/why this makes "maintaining the VLAN configuration easy when many VLANs are present on a machine."  And is thus best practice.
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 17704
  • Karma: 1617
    • View Profile
Re: Virtual Interface VLANs
« Reply #3 on: January 20, 2018, 09:09:59 pm »
The "easy" part is that you can see the hardware interface and the VLAN tag in the name. Whether the separator is "_vlan" or "." is a personal preference, but the idea is the same. The normal VLAN name is "vlan0" and that can be confusing as one doesn't directly know the physical interface nor the VLAN tag.

"." is going to be difficult to pull off while avoiding operational problems for a while, because "_vlan" is used in the config.xml and in numerous hardcoded situations in the interface code.

A batch of work for no GUI-based benefit. On the backend, "em0.1" looks simpler, but also be more ambiguous. VXLAN will make sure of it:

https://wiki.freebsd.org/vxlan

In that case it may be better to go on with "_vxlan" instead of using e.g. ".x". Or the whole interface identification code needs to be rewritten to not use the name at all, then we could just leave all of it as "vxlan0", "em0" and "vlan0" and we are back to "not easy". :)

Because of those reasons, I don't think a move away from "_vlan" to "." will happen. Sorry.


Cheers,
Franco
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • English Forums »
  • General Discussion »
  • Virtual Interface VLANs
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2