I am going crazy at this point and need some help.
OPNSense is currently running on proxmox with 2 physical NICs attached.
I currently have LAN interface working perfectly fine with DNSMASQ as DHCP as well. I am now trying to introduce a VLAN and testing with one machine.
I have added the DHCP range for vlan0.30 interface and enabled it in dnsmasq as well.
Also enabled VLAN tag in proxmox LXC settings.
The traffic is reaching vtnet1 with correct vlan tag but nothing on vlan0.30.
VLAN HARDWARE Filtering is also disabled.
Here are some command outputs:
root@fw:~ # ifconfig vtnet1
vtnet1: flags=1028943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST,PPROMISC,LOWER_UP> metric 0 mtu 1500
description: LAN (lan)
options=980008<VLAN_MTU,LINKSTATE,NETMAP,HWSTATS>
ether bc:24:11:24:95:74
inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
inet6 fe80::be24:11ff:fe24:9574%vtnet1 prefixlen 64 scopeid 0x2
media: Ethernet autoselect (10Gbase-T <full-duplex>)
status: active
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
root@fw:~ # ifconfig vlan0.30
vlan0.30: flags=1008943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500
description: lab (opt3)
options=80000<LINKSTATE>
ether bc:24:11:24:95:74
inet 192.168.30.1 netmask 0xffffff00 broadcast 192.168.30.255
groups: vlan
vlan: 30 vlanproto: 802.1q vlanpcp: 0 parent interface: vtnet1
media: Ethernet autoselect (10Gbase-T <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
root@fw:~ # tcpdump -i vtnet1 -e -nn vlan 30
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on vtnet1, link-type EN10MB (Ethernet), snapshot length 262144 bytes
14:16:41.408803 bc:24:11:a5:01:a1 > 33:33:00:00:00:16, ethertype 802.1Q (0x8100), length 94: vlan 30, p 0, ethertype IPv6 (0x86dd), :: > ff02::16: HBH ICMP6, multicast listener report v2, 1 group record(s), length 28
14:16:41.450275 bc:24:11:a5:01:a1 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 346: vlan 30, p 0, ethertype IPv4 (0x0800), 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from bc:24:11:a5:01:a1, length 300
14:16:41.594714 bc:24:11:a5:01:a1 > 33:33:00:00:00:16, ethertype 802.1Q (0x8100), length 94: vlan 30, p 0, ethertype IPv6 (0x86dd), :: > ff02::16: HBH ICMP6, multicast listener report v2, 1 group record(s), length 28
14:16:42.867763 bc:24:11:a5:01:a1 > 33:33:00:00:00:16, ethertype 802.1Q (0x8100), length 94: vlan 30, p 0, ethertype IPv6 (0x86dd), fe80::be24:11ff:fea5:1a1 > ff02::16: HBH ICMP6, multicast listener report v2, 1 group record(s), length 28
14:16:43.163732 bc:24:11:a5:01:a1 > 33:33:00:00:00:16, ethertype 802.1Q (0x8100), length 94: vlan 30, p 0, ethertype IPv6 (0x86dd), fe80::be24:11ff:fea5:1a1 > ff02::16: HBH ICMP6, multicast listener report v2, 1 group record(s), length 28
14:16:44.144804 bc:24:11:a5:01:a1 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 346: vlan 30, p 0, ethertype IPv4 (0x0800), 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from bc:24:11:a5:01:a1, length 300
14:16:47.189384 bc:24:11:a5:01:a1 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 346: vlan 30, p 0, ethertype IPv4 (0x0800), 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from bc:24:11:a5:01:a1, length 300
^C
7 packets captured
4091 packets received by filter
0 packets dropped by kernel
root@fw:~ # tcpdump -i vlan0.30
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on vlan0.30, link-type EN10MB (Ethernet), snapshot length 262144 bytes
^C
0 packets captured
0 packets received by filter
0 packets dropped by kernel
For the love of god I can't figure what's wrong here. I have also tried enabling promiscuous mode on LAN interface. But I can't seem to get DHCP working.
Also adding some screenshots.