OPT Ports as Separate VLANs
-
This post is deleted! -
@MilesMorales
Why do you want separate NICs for each VLAN? You'll then have to combine them again in a switch.
-
This post is deleted! -
@MilesMorales
You may want to read up on VLANs. If you have separate interfaces and you're not using managed switches, you're not using VLANs. VLANs are a method of carrying logically separate networks over the same local LAN. The networks are identified by the VLAN tag. Once the VLANs have been set up, configuring one is exactly the same as a physical interface. Once you have pfSense configured for VLANs, you then use a managed switch to handle them as appropriate. You can have multiple VLANs on a cable or just one, depending on how you configure the switch.
BTW, avoid TP-Link. Some models don't handle VLANs properly.
-
This post is deleted! -
@MilesMorales
Think about what VLANs do. That is separate logical networks over the same wire. This means only one of those can be untagged, as the tag is what's used to separate the logical LANs. A common example is office phones and computers sharing the same Ethernet port. The computers are usually on the untagged native LAN and the phones are on the tagged VLAN. The cable first goes to the phone, where the tagged frame is remove and the untagged frame is passed on to the computer. Another example would be guest WiFi. The main WiFi LAN would be untagged, but the guest VLAN would be tagged. You could even have multiple SSIDs on that WiFi with more VLANs. So, bottom line, you get only one untagged LAN and multiple tagged VLANs.
-
You can have many untagged vlans - On different interfaces.. Pretty much all vlans are untagged to devices.. But no you can not run multiple untagged vlans on same physical interface.
If your connecting from your switch to an opt interface with no vlan setup - this is an untagged vlan.. You still need to set this up in your switches as some vlan ID, even if pfsense doesn't know about it.
But you have to have a switch that understands vlans to run multiple network on the same switch..
Do you have different physical switches your going to connect these different opt interfaces too? If so then sure what your doing is fine.
As to reasons of different interfaces for each vlan - the big reason to do this, is bandwidth... vlans on the same physical interface share bandwidth.. If I want vlan X and vlan Y to want full bandwidth of the physical interface, then yes I would put them on their own... And no you don't need to tag it, uplink just goes to switch that knows what vlan this traffic is, or a dumb switch that only devices on this network/vlan are going to be on.
