How to enable a LAN bridge to use all the optional interfaces on OPNsense

 

The focus of this article is on the steps involved in enabling a LAN bridge within OPNsense. The LAN bridge functions as a switch by utilizing the optional ports available on the hardware. 

 

IMPORTANT! Bridged interfaces may not be as efficient as a separate physical switch. Using a separate switch for the LAN interface is the recommended approach: it may offload some switching activity from the router, freeing resources for more needed services.

 

Note: If the port being used for the web interface is added to the bridge, then physical access to the unit will be necessary.

 

We are using the Topton firewall device with 4 NICs.

Step 1: How to Create a LAN Bridge

In this example we will assign the LAN interface to a bridge that uses the additional ports OPT1 (eth2) and OPT2 (eth3).

Note: This method retains any configuration made on the LAN interface and applies it to all of the bridged interfaces. This includes firewall rules, DHCP, etc.

Go to Interfaces > Assignments:

• To enable each interface, click the interface label (OPT1, OPT2, etc.) in the left column. Select Enable interface and leave the other options as default.

• Go to Interfaces > Other types > Bridge and click Add bridge

• Select OPT1 and OPT2 using Ctrl+Click. Don’t select the LAN interface. Click Save.

• Navigate back to the Interface Assignments tab and change the LAN interface port to bridge0

• IMPORTANT! Once the settings are saved, the connection to the web interface will be lost. Swap the Ethernet connection to one of the optional ports (OPT1 eth2, OPT2 eth3) added to the bridge to regain access

• Click Save

Go back to Interfaces > Assignments, add the em1 (eth1/LAN1) interface back and click Save.

Now we can rename the interfaces so they are easier to recognize:

OPT1 to ETH2

OPT2 to ETH3

OPT3 to ETH1

Click on each interface, rename it and save. Make sure they’re enabled.

After the changes, they should look like this:

Assign the port previously used as LAN/OPT3/ETH1 and enable it as done in the earlier steps.

Navigate back to the Interfaces > Other types > Bridge menu, add ETH1 (Ctrl+Click) and click Save.

               

• Navigate to System > Settings > Tunables

• Select net.link.bridge.pfil_member and change its value to 0. Click Save

• Select net.link.bridge.pfil_bridge and change its value to 1. Click Save

• Click Apply Changes at the top

• Reboot

• Verify bridged ports are functioning
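One way to carry out the final verification step from the OPNsense shell, as an added example that is not part of the original article: it checks that the two tunables hold the values set above (so the packet filter runs on the bridge interface, where the LAN rules live, and not on the member ports) and that every expected port is a bridge member. The interface names em1, em2 and em3 and the sample sysctl/ifconfig output are constructed assumptions; run the script with --live on the firewall to read the real values.

```shell
#!/bin/sh
# Added example (not from the article): audit the bridge tunables and members.
# Expected values are the ones the article sets: pfil_member=0, pfil_bridge=1.

# Constructed sample input in the formats FreeBSD's sysctl and ifconfig print.
# Interface names em1/em2/em3 are assumptions; use your own device names.
SAMPLE_SYSCTL='net.link.bridge.pfil_member: 1
net.link.bridge.pfil_bridge: 1'
SAMPLE_IFCONFIG='bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	member: em2 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
	member: em3 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>'

# Read "name: value" lines on stdin; print each deviation, return 1 if any.
check_tunables() {
    awk -F': *' '
        BEGIN { want["net.link.bridge.pfil_member"] = "0"
                want["net.link.bridge.pfil_bridge"] = "1" }
        ($1 in want) { seen[$1] = 1
            if ($2 != want[$1]) { print $1 " is " $2 ", expected " want[$1]; bad = 1 } }
        END { for (k in want) if (!(k in seen)) { print k " not reported"; bad = 1 }
              exit bad }'
}

# Print the interfaces in "$1" (space separated) that are not bridge members
# according to the ifconfig output passed as "$2".
missing_members() {
    have=$(printf '%s\n' "$2" | awk '$1 == "member:" { print $2 }')
    missing=""
    for ifc in $1; do
        printf '%s\n' "$have" | grep -qx "$ifc" || missing="$missing $ifc"
    done
    printf '%s\n' "${missing# }"
}

if [ "${1:-}" = "--live" ]; then   # run on the firewall shell itself
    sysctl net.link.bridge.pfil_member net.link.bridge.pfil_bridge | check_tunables
    echo "not in bridge0: $(missing_members "em1 em2 em3" "$(ifconfig bridge0)")"
else                               # offline demo on the constructed samples
    printf '%s\n' "$SAMPLE_SYSCTL" | check_tunables || echo "tunables need fixing"
    echo "not in bridge0: $(missing_members "em1 em2 em3" "$SAMPLE_IFCONFIG")"
fi
```

On the constructed sample the check flags pfil_member still at 1 and em1 not yet added to the bridge, which is the state before the last bridge and tunables steps are completed.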
