LXD Bridge with VLANs?

I use LXD to run multiple containers and a VM. The VM handles ingress traffic and then hands off to the individual VMs on a bridge.

However, I’ve noticed a hard limit it seems in LXD with QEMU/KVM that limits the system to 6 NICs on the pfSense. Which means I can’t add all the network sections I need (one per public IP address, which is 6 of them) on top of the standard network interface on-system referred to by NAT redirecting traffic via pfSense on those systems.

Because of that, I’m looking to see if there’s a way to create an LXD-managed network segment that can carry VLANs on it to the pfSense VM which would be attached to the specific network segment. Is this doable, and how would I approach this?

I recently created a VM with many more NICs in it than that, although it was running Ubuntu rather than pfSense, so I would need more information on what specifically is limiting you here. There’s not a hard limit of 6 in LXD.

I’m not quite able to visualise what you are asking with regard to VLANs and network segments.

You can set up a managed bridge with lxc network create and then connect the VM and containers to it.
You can then use VLANs on that bridge, see vlan and vlan.tagged on the bridged NIC type:

https://documentation.ubuntu.com/lxd/en/latest/reference/devices_nic/#nic-bridged
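
A sketch of the trunk arrangement this answer points to, added here as an example and not taken from the thread or from the LXD project. The device names, the bridge name lxdtrunk0 and the VLAN IDs 10, 20 and 30 are assumptions; network, vlan and vlan.tagged are the bridged NIC options from the linked reference.

```yaml
# Constructed example. Device names, the managed bridge name (lxdtrunk0)
# and the VLAN IDs (10, 20, 30) are assumptions, not values from the thread.
# Each YAML document below is the "devices" part of one instance's config,
# as shown by `lxc config show <instance>`.

# pfSense VM: a single NIC acting as the trunk port.
devices:
  trunk0:
    type: nic
    network: lxdtrunk0        # managed bridge made with lxc network create
    vlan: none                # no untagged VLAN on this port, tagged frames only
    vlan.tagged: "10,20,30"   # VLANs delivered to the VM with their tags intact
---
# Container behind the first public IP: access port on VLAN 10.
devices:
  eth0:
    type: nic
    network: lxdtrunk0
    vlan: "10"                # untagged membership, the container sees plain frames
---
# Container behind the second public IP: access port on VLAN 20.
devices:
  eth0:
    type: nic
    network: lxdtrunk0
    vlan: "20"
```

Inside pfSense, VLAN interfaces with tags 10, 20 and 30 on that one NIC then take the place of the separate per-segment NICs, and each container only sees traffic for its own VLAN.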

I’m going to chalk that one up to a “glitch” in the environment.

What I was hoping though was instead of spawning numerous NICs on the VM (which UNFORTUNATELY due to the way KVM works in the environment, forces PXE Boot attempts on every single NIC before attempting to boot to disk - iPXE is pain), was to have a single interface on the pfSense VM that would carry all VLANs into the VM (the equivalent of a trunk line) so I could only have two NICs and then VLANs instead. Couldn’t figure out how to do that.

Now I’m just going to try and figure out how to disable iPXE during boot…
