OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 15.7 Legacy Series »
  • [SOLVED] - Bridge between two vlans
« previous next »
  • Print
Pages: [1]

Author Topic: [SOLVED] - Bridge between two vlans  (Read 6886 times)

romain

  • Full Member
  • ***
  • Posts: 101
  • Karma: 9
    • View Profile
[SOLVED] - Bridge between two vlans
« on: July 03, 2015, 05:00:07 pm »
Hello,

I have a two ports network card plugged to two different switchs which are not stackable.

I configured a vlan 8 on the two network cards and created a bridge to be on the same "switch". I activated STP RST on the two sitchs to avoid layer 2 loop.

I didn't put any IP on the vlan interface directly but I added my IP on the bridge interface. I changed some setting to set ip filter on the bridge int and deactivated ip filter on member int.

But since nothing works. If I remove my bridge and put different IP on my vlan int. I can ping any machine on the network. With the bridge I always get "Host not found".

If I look with a TCPDUMP on the interface (bridge and VLAN int) I can see the arp request:

Code: [Select]
root@KISS0525002:~ # tcpdump -i bridge0 -xxx
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on bridge0, link-type EN10MB (Ethernet), capture size 65535 bytes
14:17:40.945966 ARP, Request who-has 172.28.11.26 tell 172.28.11.102, length 28
        0x0000:  ffff ffff ffff 02bd 8562 ce00 0806 0001
        0x0010:  0800 0604 0001 02bd 8562 ce00 ac1c 0b66
        0x0020:  0000 0000 0000 ac1c 0b1a
14:17:41.961821 ARP, Request who-has 172.28.11.26 tell 172.28.11.102, length 28
        0x0000:  ffff ffff ffff 02bd 8562 ce00 0806 0001
        0x0010:  0800 0604 0001 02bd 8562 ce00 ac1c 0b66
        0x0020:  0000 0000 0000 ac1c 0b1a
14:17:43.024847 ARP, Request who-has 172.28.11.26 tell 172.28.11.102, length 28
        0x0000:  ffff ffff ffff 02bd 8562 ce00 0806 0001
        0x0010:  0800 0604 0001 02bd 8562 ce00 ac1c 0b66
        0x0020:  0000 0000 0000 ac1c 0b1a
14:17:44.087801 ARP, Request who-has 172.28.11.26 tell 172.28.11.102, length 28
        0x0000:  ffff ffff ffff 02bd 8562 ce00 0806 0001
        0x0010:  0800 0604 0001 02bd 8562 ce00 ac1c 0b66
        0x0020:  0000 0000 0000 ac1c 0b1a
14:17:45.150840 ARP, Request who-has 172.28.11.26 tell 172.28.11.102, length 28
        0x0000:  ffff ffff ffff 02bd 8562 ce00 0806 0001
        0x0010:  0800 0604 0001 02bd 8562 ce00 ac1c 0b66
        0x0020:  0000 0000 0000 ac1c 0b1a
14:17:45.447351 ARP, Request who-has 172.28.11.3 tell 172.28.11.100, length 42
        0x0000:  ffff ffff ffff 0cc4 7a32 5bca 0806 0001
        0x0010:  0800 0604 0001 0cc4 7a32 5bca ac1c 0b64
        0x0020:  0000 0000 0000 ac1c 0b03 0000 0000 0000
        0x0030:  0000 0000 0000 0000
^C
6 packets captured
6 packets received by filter
0 packets dropped by kernel
root@KISS0525002:~ # tcpdump -i oce0_vlan8 -xxx
tcpdump: WARNING: oce0_vlan8: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on oce0_vlan8, link-type EN10MB (Ethernet), capture size 65535 bytes
14:18:03.182844 ARP, Request who-has 172.28.11.26 tell 172.28.11.102, length 28
        0x0000:  ffff ffff ffff 02bd 8562 ce00 0806 0001
        0x0010:  0800 0604 0001 02bd 8562 ce00 ac1c 0b66
        0x0020:  0000 0000 0000 ac1c 0b1a
14:18:04.183251 ARP, Request who-has 172.28.11.26 tell 172.28.11.102, length 28
        0x0000:  ffff ffff ffff 02bd 8562 ce00 0806 0001
        0x0010:  0800 0604 0001 02bd 8562 ce00 ac1c 0b66
        0x0020:  0000 0000 0000 ac1c 0b1a
14:18:05.203726 ARP, Request who-has 172.28.11.26 tell 172.28.11.102, length 28
        0x0000:  ffff ffff ffff 02bd 8562 ce00 0806 0001
        0x0010:  0800 0604 0001 02bd 8562 ce00 ac1c 0b66
        0x0020:  0000 0000 0000 ac1c 0b1a
14:18:06.266969 ARP, Request who-has 172.28.11.26 tell 172.28.11.102, length 28
        0x0000:  ffff ffff ffff 02bd 8562 ce00 0806 0001
        0x0010:  0800 0604 0001 02bd 8562 ce00 ac1c 0b66
        0x0020:  0000 0000 0000 ac1c 0b1a
^C
4 packets captured
4 packets received by filter
0 packets dropped by kernel
My Network card is an Emulex OCE11102-NT and I use the driver found on the freebsd kernel module 10.1 (oce.ko).

Do you know what I do in the wrong way ?

Thanks
Romain
« Last Edit: July 07, 2015, 06:00:02 pm by romain »
Logged

lucifercipher

  • Jr. Member
  • **
  • Posts: 55
  • Karma: 9
    • View Profile
Re: Bridge between two vlans
« Reply #1 on: July 06, 2015, 10:58:52 am »
dear romain,

Since the ideology of bridging is same among BSD style routing platforms, please take a look here for really detailed documentation. https://doc.pfsense.org/index.php/Interface_Bridges

You must read everything in order to grab knowledge :) Afterall, knowledge is power .

P.S: Just a tip. You have to create firewall rules to allow the traffic among bridged / to and fro on bridges too.
« Last Edit: July 06, 2015, 11:01:57 am by lucifercipher »
Logged

romain

  • Full Member
  • ***
  • Posts: 101
  • Karma: 9
    • View Profile
[SOLVED] - Re: Bridge between two vlans
« Reply #2 on: July 07, 2015, 05:59:44 pm »
it was something related to the driver. Everything I've done as configuration was okay.

Thank you for the reply.
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 15.7 Legacy Series »
  • [SOLVED] - Bridge between two vlans
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2