OPNsense Forum

Archive => 20.7 Legacy Series => Topic started by: bobpaul on August 10, 2020, 05:47:41 am

Title: [Solved] Bridge isn't passing traffic between physical ports
Post by: bobpaul on August 10, 2020, 05:47:41 am
I followed the guide for Bridged LAN (https://docs.opnsense.org/manual/how-tos/lan_bridge.html) and it appeared to work, but it turns out it's only half working.

I have igb0 set as WAN, bridge0 set as LAN. Bridge0 contains igb1, igb2, and igb3 (though only igb2 and 3 are plugged in).

All connected links can talk to the router; DHCP works, hosts have internet access, etc. But hosts on igb2 can't talk to hosts on igb3.

Any suggestions on how to proceed?
Title: Re: [Solved] Bridge isn't passing traffic between physical ports
Post by: bobpaul on August 11, 2020, 02:01:35 am
Derp, ok. I'm dumb.

Today I noticed in FreeBSD's handbook (https://www.freebsd.org/doc/handbook/network-bridging.html) that bridges are affected by the packet filter. Specifically, pf treats packets flowing through the bridge as entering the physical port, not the bridge port. So for each interface, I added a Firewall Rule to OPNsense: "for this interface, with source LAN NET and destination LAN NET, pass". And it worked!

So then I looked back at the guide and Step 6 is to set up tunables so pf filters based on the bridge rather than the member ports (https://docs.opnsense.org/manual/how-tos/lan_bridge.html#step-six).

So if anyone else has this problem... either add explicit firewall rules, or follow all the steps in the guide >_<
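
The behaviour described in this thread is controlled by two FreeBSD if_bridge(4) sysctls, `net.link.bridge.pfil_member` and `net.link.bridge.pfil_bridge`. The sketch below is an added example, not part of the original posts or the OPNsense guide: it classifies the filtering mode from those two values and lists which interfaces' rulesets see host-to-host traffic crossing the bridge. The function names are hypothetical, the sysctl names are not quoted in the thread, and the interface names are the ones from the first post.

```shell
#!/bin/sh
# Added example: where does pf filter traffic that crosses a bridge?
# Values are passed as arguments so the logic can be checked on any host.

# bridge_filter_mode PFIL_MEMBER PFIL_BRIDGE -> member|bridge|both|none
bridge_filter_mode() {
    case "$1$2" in
        10) echo member ;;   # rules are evaluated on igbX only
        01) echo bridge ;;   # rules are evaluated on bridge0 only
        11) echo both ;;     # member and bridge rulesets both apply
        00) echo none ;;     # bridged frames bypass pf entirely
        *)  echo unknown; return 1 ;;
    esac
}

# rule_interfaces MODE BRIDGE MEMBER... -> interfaces that need a pass rule
# (LAN net -> LAN net) for hosts on different member ports to reach each other
rule_interfaces() {
    mode=$1; bridge=$2; shift 2
    case "$mode" in
        member) echo "$*" ;;
        bridge) echo "$bridge" ;;
        both)   echo "$* $bridge" ;;
        none)   echo "" ;;   # nothing is filtered, so isolation rules have no effect
        *)      return 1 ;;
    esac
}

# live_check BRIDGE MEMBER... : read the real values on a FreeBSD/OPNsense shell
live_check() {
    m=$(sysctl -n net.link.bridge.pfil_member) || return 1
    b=$(sysctl -n net.link.bridge.pfil_bridge) || return 1
    mode=$(bridge_filter_mode "$m" "$b") || return 1
    echo "mode=$mode rules needed on: $(rule_interfaces "$mode" "$@")"
}

# Constructed values: member filtering on (the symptom in this thread)
# versus bridge-only filtering (what the guide's tunables step aims for).
echo "member=1 bridge=1 -> $(rule_interfaces "$(bridge_filter_mode 1 1)" bridge0 igb1 igb2 igb3)"
echo "member=0 bridge=1 -> $(rule_interfaces "$(bridge_filter_mode 0 1)" bridge0 igb1 igb2 igb3)"
```

On the firewall itself, `live_check bridge0 igb1 igb2 igb3` reports the current mode; a result of `none` means traffic between member ports is not filtered at all.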