Hey guys, i moved newly from opnsense to CHR ROs setup on proxmox, the concept of vlan seems much harder to wrap the head around.
In pf/opnsense you just go to vlan interface and create vlan based on the the actual ports availble with the desired vlan → create interface IP → enable DHCP
but in ROs, the it seems there are many ways of doing the vlan, while im just trying to create a basic vlan 20 which forward all the traffic to wireguard vpn instead of wan using mangle rule and routing table. While trying to set up the vlan i locked out myself several times while testing different configs. then i tried to setup vlan interface directly on the ether1 (acutal lan port) → created ip for the vlan → enabled DHCP server. and it worked nicely with my managed switch, where all the tagging and untagging being done.
But honestly im not sure if its the best way to do the vlan config or should the vlan be setup as a port through the main bridge1?.
your inputs would be appreciated.
> /interface/vlan/print
Flags: R - RUNNING
Columns: NAME, MTU, ARP, VLAN-ID, INTERFACE
# NAME MTU ARP VLAN-ID INTERFACE
0 R vlan20_vpn 1500 enabled 20 ether1
/interface/bridge/port/print
Columns: INTERFACE, BRIDGE, HW, PVID, PRIORITY, HORIZON
# INTERFACE BRIDGE HW PVID PRIORITY HORIZON
0 ether1 bridge1 yes 1 0x80 none
interface/bridge/print
Flags: X - disabled, R - running
0 R name="bridge1" mtu=auto actual-mtu=1500 l2mtu=65535 arp=enabled
arp-timeout=auto mac-address=BC:24:11:33:8A:53 protocol-mode=rstp
fast-forward=yes igmp-snooping=no auto-mac=yes ageing-time=5m
priority=0x8000 max-message-age=20s forward-delay=15s transmit-hold-count=6
vlan-filtering=no dhcp-snooping=no port-cost-mode=long mvrp=no
/ip/dhcp-server/print
Columns: NAME, INTERFACE, ADDRESS-POOL, LEASE-TIME
# NAME INTERFACE ADDRESS-POOL LEASE-TIME
0 dhcp1 bridge1 dhcp_pool0 1d30m
1 dhcp2 vlan20_vpn dhcp_pool1 1d30m