Dear forum,
I am running an ESXi7 installation (latest update 7.0.1c is installed).
My first topic is:
I installed a opnsense router/firewall in a guest VM. First, i tried to config this guest with three virtual NIC/vmxnet 3 adapters.
The first vNIC is linked to a physical 1Gbit-Intel-NIC for WAN / ISP-connection.
The second vNIC linked to a physical 10Gbit-Intel-NIC for connections to the local physical nerwork through a manageable switch.
The third (and possible the fourth an so one) is linked to virtual networks only.
The first topic refers to the second vNIC:
I tried to configure VLANs inside of the guest, which means i added VLAN interfaces in opnsense. My problem is: It wasnt possible to get any ethernetframes with VLAN-ID from or to the physical switch. So the question is: How can i passthrough 802.1Q from a guest OS to the physical world? What do i have to configure?
Managing VLANs inside of the ESXi-hypervisor with varying number of vmxnet adapters is not an option for two reasons:
1. Reason: Its not possible to add more than 10 vmxnet 3 adapters to a guest, but i will have more than 10 VLANs. not now, but in a future szenario.
2. The config should be export-/importable to use it on a physical PC Engines APU 4 for fall back scenario without the (or less) need of reconfiguration any devices/interfaces.
Second topic:
The solution of this second topic will be obsolet if there is a answer for the first topic, but i also would like to understand whats going on with this issue.
To finally start with the project, it is ok for me to add up to ten vmxnet 3 adapters for now. So i initially started with the following config to get access to the opnsense webui and to the internet.
vmx0 = WAN
vmx1 = LAN
vmx2 = WiFi private
vmx3 = WiFi guest
I can confirm this assignment by downloading the opnsense config.xml
After i confugured basic settings, i shuted down the opnsense and added two more vmxnet 3 adapters, but it wasnt possible to reach the opnsense after that (no matter if i check the "Connect" option or not).
vmx4 = WiFi smart devices
vmx5 = Wifi HomeOffice devices
After removing Network Adapter 5 and 6, it was possible to reach opnsense again. I tried to figure out the reason for this issue:
Console window of opsense showed, that all assigned interfaces were listet after boot no matter i boot wíth four or six vNICs. Also, vm0 still established a PPPoE-connection to my ISP, so in general, opnsense was running, but for some mysterious reasons, it wasnt possible to reach the internal webui and ssh anymore or ping it.
While the opnsense was running with six adapters, i removed Network Adapter 5 and 6. I expected, that vmx4 and vmx5 would have detached, but the result was, that vmx1 and vmx3 was detached (which intially was assigned to Network Adapter 2 and 4!):
After that, i started opnsense with only the intial four adapters, so opnsense was available again. I added the fifth and sixth adapter while the guest was running and in the console windows, vmx4 and vmx5 was attached.
Right after adding the fifth and sixth adapter, i still reached the webui and it was possible to assign the devices. After the next reboot, opnsense wasnt available anymore.
I also noticed, that clients got DHCP leases from different ranges. It seems, that vmx# assignement gets shuffled after adding new vNICs to a guest in a unknown way.
Whats the reason for this issue?
I am running an ESXi7 installation (latest update 7.0.1c is installed).
My first topic is:
I installed a opnsense router/firewall in a guest VM. First, i tried to config this guest with three virtual NIC/vmxnet 3 adapters.
The first vNIC is linked to a physical 1Gbit-Intel-NIC for WAN / ISP-connection.
The second vNIC linked to a physical 10Gbit-Intel-NIC for connections to the local physical nerwork through a manageable switch.
The third (and possible the fourth an so one) is linked to virtual networks only.
The first topic refers to the second vNIC:
I tried to configure VLANs inside of the guest, which means i added VLAN interfaces in opnsense. My problem is: It wasnt possible to get any ethernetframes with VLAN-ID from or to the physical switch. So the question is: How can i passthrough 802.1Q from a guest OS to the physical world? What do i have to configure?
Managing VLANs inside of the ESXi-hypervisor with varying number of vmxnet adapters is not an option for two reasons:
1. Reason: Its not possible to add more than 10 vmxnet 3 adapters to a guest, but i will have more than 10 VLANs. not now, but in a future szenario.
2. The config should be export-/importable to use it on a physical PC Engines APU 4 for fall back scenario without the (or less) need of reconfiguration any devices/interfaces.
Second topic:
The solution of this second topic will be obsolet if there is a answer for the first topic, but i also would like to understand whats going on with this issue.
To finally start with the project, it is ok for me to add up to ten vmxnet 3 adapters for now. So i initially started with the following config to get access to the opnsense webui and to the internet.
vmx0 = WAN
vmx1 = LAN
vmx2 = WiFi private
vmx3 = WiFi guest
I can confirm this assignment by downloading the opnsense config.xml
After i confugured basic settings, i shuted down the opnsense and added two more vmxnet 3 adapters, but it wasnt possible to reach the opnsense after that (no matter if i check the "Connect" option or not).
vmx4 = WiFi smart devices
vmx5 = Wifi HomeOffice devices
After removing Network Adapter 5 and 6, it was possible to reach opnsense again. I tried to figure out the reason for this issue:
Console window of opsense showed, that all assigned interfaces were listet after boot no matter i boot wíth four or six vNICs. Also, vm0 still established a PPPoE-connection to my ISP, so in general, opnsense was running, but for some mysterious reasons, it wasnt possible to reach the internal webui and ssh anymore or ping it.
While the opnsense was running with six adapters, i removed Network Adapter 5 and 6. I expected, that vmx4 and vmx5 would have detached, but the result was, that vmx1 and vmx3 was detached (which intially was assigned to Network Adapter 2 and 4!):
After that, i started opnsense with only the intial four adapters, so opnsense was available again. I added the fifth and sixth adapter while the guest was running and in the console windows, vmx4 and vmx5 was attached.
Right after adding the fifth and sixth adapter, i still reached the webui and it was possible to assign the devices. After the next reboot, opnsense wasnt available anymore.
I also noticed, that clients got DHCP leases from different ranges. It seems, that vmx# assignement gets shuffled after adding new vNICs to a guest in a unknown way.
Whats the reason for this issue?
