VLAN Proxmox or OPNSense might not be suitable depending on your setup.
VLAN Proxmox or OPNSense might not be suitable depending on your setup.
You're repeatedly attempting to link an L3 interface to your OPNSense VM because it needs a bridge configured with just a VLAN tag. This setup is necessary when you want traffic routed through the bridge without using a veth connection, especially if you need to connect directly to the ISP device via the NIC.
it's not an Opnsense VM, just a regular Ubuntu host inside a container. That's exactly what I'm aiming for: FW-01 (Opnsense) is linked on port 6 for the DMZ, using VLAN 33 outgoing. I don't want DMZ machines to connect to any of the servers. So VLAN 33 needs to go directly to the machines themselves. (Or a bridge acting like a switch). All the setup so far works so my test VM can communicate over VLAN33. But it still doesn't get an IP address from FW-01. And I'm confused about your question. What is the Layer 3 interface? In Setup 2 I only gave the VM vmr33 without a tag, since traffic should be untagged at this stage. In Setup 1 there was no untagging and just VLAN awareness, so I had to add the tag on the machine as well. People, I really don't understand. How could something so simple cause me such trouble for 14 hours straight?
I noticed OPNSense in your initial message and thought you might be facing an issue with setup. It seems you're configuring an interface in Proxmox under System > Network and then attempting to link it. What I'm missing is understanding the source of the veth connection. Would you like me to walk through your configuration and clarify the steps?
Adjust the DMZ network to mimic the management network, confined to VLAN33. Traffic flows from the firewall to the virtual machines. Whether you manually tag the VM or let the assigned bridge handle it doesn’t matter. There appear to be four possible points where this might fail. I’m unsure exactly where, since I haven’t plugged in the physical switches or set up redundancy. If the PMOX configuration isn’t working, it’s likely elsewhere—probably on the firewall: auto-enp3s0.33 with interface enp3s0.33, inet manual, vlan-raw-device, bridge-ports enp3s0.33, bridge-stp off, bridge-fd 0.
It turns out I made a mistake. VLAN33 is functioning properly. The DHCP isn't working as expected. The connection seems to work with my current configuration. I'll keep this topic open for feedback, questions, and tips while I continue working on it. Thanks for your support so far.
It looks like just DHCP isn't functioning properly. Everything else seems normal. I wasn't able to identify the problem, so I tried an alternative setup using DCHP/DNS (Pihole), which worked well. So far, I haven't encountered any other network issues besides those related to DHCP. I'm closing this post now, thanks for your assistance.