When you ping google.com, does this resolve as Google’s v4 or v6 address?
It’s definitely returning the v4 address each ping.
Which rule was this? But more importantly, in the Wireshark trace, does any traffic at all from 192.168.10.1 show up as a source IP?
The “only allow access to internet” rule on the gaming interface which encapsulates the firewall alias I set as “privatenetworks” that included the LAN and gaming nets. As far as Wireshark goes, I do see traffic from 192.168.10.1 as a source! Being totally fresh with you on the ARP broadcasts, with my current understanding, I don’t know if I’m picking it out right. I do see broadcast requests coming from my laptop to 192.168.10.1 via DNS with responses of AAAA ipv4only.arpa.
To be clear, are you running 1 Gbps on the OPNsense interface and on all the switch ports?
OPNsense has a 2.5 Gbps connection from the modem to the 2.5 Gbps port on the box itself. Then the switch that is connected to the LAN on both the OPNsense interface and the switch port are both 2.5 Gbps. The remainder of the ports on the switch are all also 2.5 Gbps capable, but there are some ports occupied by devices that only support a max of 1 Gbps.
I did test the VLAN by disabling IPv6 entirely and bam! All traffic flows no problem. Certainly a quick fix, but for no reason other than looking to understand and learn, I do want to get it working. I’ve got both LAN and the VLAN set to track interface, and originally, both to allow manual adjustment of DHCPv6 and router advertisements. That seems to work no problem on the LAN with a prefix ID of 1, passes all IPv6 tests. On the VLAN, though, prefix ID of 2, I do get the expected IPv6 leases with the corresponding ID, but it can never pass the IPv6 tests.
Wow, that was a highly relevant thread! Feels like my search skills were lacking to not have come across that.
Seems like I’m only a couple of adjustments away from getting this working, so I’ll give you some peace now. Thank you so much again for your time and advice!