OPNsense Forum

Archive => 17.1 Legacy Series => Topic started by: bluefish on May 17, 2017, 11:38:31 am

Title: VLAN on OPT1 - driving me nuts
Post by: bluefish on May 17, 2017, 11:38:31 am

Hi,
I am a new OPNsense user trying to get a guest network up and running.
The exact setup worked fine on a simular box using endian.
OPT1 is on a managed netgear GS724TP, the port is in PVID 20 as are the other ports of the Wireless APs.  Traffic coming from the APs is tagged coming from a dedicated SSID.
I setup re2_VLAN0
re2_vlan20: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
   ether 00:06:4f:66:25:40
   inet6 fe80::206:4fff:fe66:2540%re2_vlan20 prefixlen 64 scopeid 0x9
   nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
   media: Ethernet autoselect (1000baseT <full-duplex>)
   status: active
   vlan: 20 vlanpcp: 0 parent interface: re2
   groups: vlan

Parent interface obviously is re2
re2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
   options=2008<VLAN_MTU,WOL_MAGIC>
   ether 00:06:4f:66:25:40
   inet6 fe80::206:4fff:fe66:2540%re2 prefixlen 64 scopeid 0x3
   inet 192.168.99.253 netmask 0xffffff00 broadcast 192.168.99.255
   nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
   media: Ethernet autoselect (1000baseT <full-duplex>)
   status: active

re2_vlan20: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
   ether 00:06:4f:66:25:40
   inet6 fe80::206:4fff:fe66:2540%re2_vlan20 prefixlen 64 scopeid 0x9
   nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
   media: Ethernet autoselect (1000baseT <full-duplex>)
   status: active
   vlan: 20 vlanpcp: 0 parent interface: re2
   groups: vlan

Did tcpdump on re2 and I am seeing a valid DHCP discover request coming in.  I don't see an offer going out though.  DHCP is listening on re2 and re1.  re1 works fine (LAN interface).
dhcp.log is not registering any activity for re2, it does for re1.

the re1 interface - when I tcpdump it for ports 67 or port 68 it shows the request coming in and the offer going out.  When I do the same on re2 I am not seeing anything coming in on those ports.  When I don't filter on those ports like I said before I do see the request coming in but not the offer going out.
The request on port 67 are coming in on the VLAN interface re2_vlan20.  Same behaviour though request comes in but no response back. This looks to be a VLAN interface issue for some reason.  The HW is supporting it though.  I got the last version for freebsd 1.93 on the REALTEK eth adapters (1Gb).

Desperate for help here guys.  Its driving me nuts.  Thanks