Setting up OPNsense with YouFibre FTTP

YouFibre uses a standard DHCP handoff from the ONT (optical network terminal), so there is no PPPoE, no VLAN tagging required on the WAN, and no username or password to enter. You plug an Ethernet cable from the ONT into your router's WAN interface and configure that interface for DHCP. That's it for the basic connection.

On my setup - an HP ProDesk 400 G5 SFF running OPNsense with an Intel X550-T2 dual-port 10GbE NIC - the WAN interface came up immediately on first boot. No special configuration was needed to authenticate or negotiate the connection.

MTU

Leave MTU at the default (1500) unless you have a specific reason to change it. I initially tried 9000 (jumbo frames) on the LAN side but the YouFibre ONT side doesn't support jumbo frames, so the WAN stays at 1500. Jumbo frames on the internal LAN are fine if your switch supports them, but keep the WAN interface at 1500 to avoid fragmentation issues.

Dual-WAN failover

I run YouFibre as WAN1 (primary) and a second ISP on WAN2 (standby). In OPNsense, this is configured under System → Gateways. Set a gateway monitor IP for each WAN (I use the ISP's own DNS server address as the monitor target), then create a gateway group with WAN1 at Tier 1 and WAN2 at Tier 2. Apply that gateway group to your LAN firewall rules and OPNsense will automatically fail over if the primary drops.

In over two years, the failover has never been triggered. Which is exactly the outcome you want.

DNS

I run Unbound as the local DNS resolver rather than forwarding to YouFibre's DNS servers. Latency is marginally better and it gives me local split-DNS for internal services. No issues with YouFibre blocking or interfering with third-party DNS.