OPNsense Forum
Archive => 22.7 Legacy Series => Topic started by: N#h27 on December 04, 2022, 03:04:03 pm
-
Hello,
I'm on 22.7.6 on a protectli. I had a native interface and added vlan's over it with DHCP. I am tagging with a Unifi switch on my "LAN" Port.
It didn't work so I rebooted. After a reboot, it works for something like 10 minutes (DHCP works well on every vlan), firewall to. Then, for seamingly no reason at all, it stops working. No DHCP and not possible to ping the gateway even if I set my IP's manually in the vlan's (native interface still works). After that happen's, I get a small cut in all interfaces and PPPoE's are restarting.
I get this in the log's. No idea from where it comes. Any idea on where to start searching or what I could give to help to track the problem down?
SOLVED ! Solution was this :
What are the hardware offloading settings? Have you tried various variants of these, already? I'd start with "disable everything".
Thanks mate. I had left everything by default. I explicitely dissabled the VLAN Hardware Filtering and it seems to be stable now :)
Now I would like to find out why it works until it doesn't anymore
-
The IPv6 config also seems to be messing with the entire thing
-
It is generally recommended not to mix tagged and untagged traffic on a single port.
-
I tried to put all my tagged vlan's on a dedicated port and keep the untaged (legacy) port apart. It sadly didn't helped
-
What are the hardware offloading settings? Have you tried various variants of these, already? I'd start with "disable everything".
-
Hello,
I didn't enable anything else then the default's. The strange thing is that it works for a while, then it stops for seamingly no reason and will not work again until reboot. Tell me if I can provide you with more info and what
-
Hello,
I'm on 22.7.6 on a protectli. I had a native interface and added vlan's over it with DHCP. I am tagging with a Unifi switch on my "LAN" Port.
It didn't work so I rebooted. After a reboot, it works for something like 10 minutes (DHCP works well on every vlan), firewall to. Then, for seamingly no reason at all, it stops working. No DHCP and not possible to ping the gateway even if I set my IP's manually in the vlan's (native interface still works). After that happen's, I get a small cut in all interfaces and PPPoE's are restarting.
I get this in the log's. No idea from where it comes. Any idea on where to start searching or what I could give to help to track the problem down?
Just so I understand, the native VLAN continues to work, but the other tagged vlans do not?
The port that's uplijnking from the OPNsense port into the Unifi switch, do you have the port profile on the switch ports set to All ?
-
I did try with a custom trunk profile. And that's when I got the problem's
-
I did try with a custom trunk profile. And that's when I got the problem's
Well you shouldn't need to create a custom trunking profile honestly. Just mark the ports with the Profile "ALL"
That will automatically take your native vlan and pass it, and treat the others as tagged.
-
That doesn't sort the problem though. My Vlan client's can still ping each other through all the switches and the native vlan continues to work. But I completely loose all the vlan interfaces on the opnsense after a few minutes where it was working. The only log I get is the one I did put on the first post...
-
That doesn't sort the problem though. My Vlan client's can still ping each other through all the switches and the native vlan continues to work. But I completely loose all the vlan interfaces on the opnsense after a few minutes where it was working. The only log I get is the one I did put on the first post...
Do you have static IPs configured on those interfaces? I've used VLANs on OPNsense for years and never have I see this issue.
-
Yes I do. Static IP's, DHCPv4 server and RA for IPv6 that does tracking on my PPPoE Interface. (fun fact, when I loose the vlan's, I also loose IPv6 everywhere. So I suspect there might be some link somewhere)
-
Yes I do. Static IP's, DHCPv4 server and RA for IPv6 that does tracking on my PPPoE Interface. (fun fact, when I loose the vlan's, I also loose IPv6 everywhere. So I suspect there might be some link somewhere)
Interesting, can you disable IPv6 on those interfaces just to test?
-
I disabled it on the vlan's. I still get the same problem.
Here is the log dump.
What is really strange is that it's working for a while and then, it crashes out of nowhere
-
Also, I can see the devices are still in the ARP table. However, they are completely unreachable through ping, even with static ip's set up. It really looks like it forget's how to use vlan's even though I can see the interfaces existing in the CLI. The strangest thing is that it works fine, no packet loss, nothing. And then, it sudently just crashes
-
I just did a PCAP on the firewall side (Ubiquiti switch not capable of doing it on his side) to see what is actually hapening.
I see the trafic going out to the Vlan (vlan ID 4 in this case) but I don't see it come back. I wanted to disqualify the switch, so I unplugged/plugged it back in, no change what so ever. I rebooted the switch, no change. It really only works for 10 minutes or so when the firewall only is rebooted.
Maybe that the fact that traffic is going out and that the firewall doesn't see it come back might sugget some module/offload things in the background that I'm not aware off?
-
What are the hardware offloading settings? Have you tried various variants of these, already? I'd start with "disable everything".
Thanks mate. I had left everything by default. I explicitely dissabled the VLAN Hardware Filtering and it seems to be stable now :)
Now I would like to find out why it works until it doesn't anymore