Add a VLAN to OPNsense in Just 26 Clicks Across 6 Screens
28 points by mtlynch
28 points by mtlynch
Yeah the UX is pretty bad but we shouldn't complain if we're not paying for it / offering to improve it (I note you do pay, of course). You don't create a VLAN very often.
My biggest tip is to collapse the sidebar so you can merely hover your way through the deep menus, instead of having to hover AND click each submenu (don't clear your cookies though, as that's where the pref is saved).
Also make use of the search bar in the top right - it searches the menus
I do think we should complain though. Obviously the tone should be correct, but bad UX is bad, and over time it just leads to death by a thousand papercuts. And devs need to know that their UX is bad to be able to do something about it, because it's always going to be obvious to the dev, and OSS projects don't really have the budget to do user testing!
I think the prime example of open source fixing its bad UX is Blender. After 2.8, it got massively more popular because it was just more approachable (and now arguably has the better UX of all the 3D software?) Another example is Musecore, where I can't recommend tantacrul's video enough, which eventually lead to him getting hired to work on it and actually fixing those things!
I say this because this is important feedback. UX is subjective, and bad one isn't a bug you can fix in a day, but this kind of thing is really important to have data on.
Yeah, I normally wouldn't complain about an open-source project, especially if it was just someone's passion project, but OPNsense is a commercial product, and I pay an annual subscription. I chose to use OPNsense because it's open-source, but I also don't think open-source means we can't give critical feedback.
I'm not going to pretend that the three hours I spent writing this blog post are the most helpful hours I could have spent on improving the situation, but I do still feel like my feedback was constructive and so I believe it is helpful to the project.
I've been setting up OPNsense lately, and wandering through these screens. The pain is real.
Meanwhile on OpenBSD I can do something like:
echo vnetid 111 parent igc1 > /etc/hostname.vlan111
echo inet 10.1.111.1/24 >> /etc/hostname.vlan111
sh /etc/netstart vlan111
OK, setting up DHCP service or adding that VLAN to a bridge/veb is more complex, but this is easy to reason about. I also like that per man netstart this hasn’t changed for a long time (4.0BSD is 1980). edit: I realised this can’t be right as other BSDs do it differently. In 4.0BSD there is a netstart but it’s quite different (a C wrapper around a daemon to manage the network.)
Been using OPNsense for about 5 years, done this and much more complicated ( in OPNsense ) setup. And it does what I want it to do but I hate it.
My next router utility machine will run nixos. I will probably spend a lot more time setting it up, setting up fewer things but I will not be anywhere near as reluctant to change something.
m0n0wall was the last usable UI for these BSD firewalls
I definitely would encourage switching to vanilla OpenBSD/FreeBSD for sanity.