Hi, I am playing around with link aggregation and bonded three physical interfaces into one 802.3ad bonded interface that will run vlans for one lan and two wan interfaces on a LAGG capable switch. I know I can set firewall zones for lan and wan interfaces that use bond interface vlans in OpenWrt but what is the best practice for setting the zone of the actual bond interface itself?
I tried setting the bond interface to a wan zone and unspecified zone and locked myself out. Setting it to a lan zone seemed ok but I'm not sure if I should leave it or if I'm missing a better way to set the zone. Any insight would be appreciated!
-Update-
It seems I should just assign a new zone for the bond vlan trunk that does not allow forwarding. Everything now works fine with out grouping the bond interface in the lan zone.