Messages - amlanhldr

#1
Hello Members,

I have an obvious requirement.

My OPNsense is on Proxmox with 2 NIC ports passed through to the VM (1 for WAN, another for LAN with VLANs), and I have a few other VM/LXC servers on the same host.

Until now, what I do is pass the server data through the virt-bridge on the Proxmox management port --> switch, and switch --> OPNsense.

I want to have OPNsense-to-server communication go through the Proxmox backplane (virt-bridge), bypassing the switch and cables.

What I did:

Created vmbr1 on Proxmox as VLAN-aware. Added vlan200 with an IP on top of vmbr1. Added vmbr1 to OPNsense, so now I have 3 physical ports seen from OPNsense (vtnet1, igb0, igb1).

1) Created a LAG with vtnet1 and igb1, and then a VLAN on top of the lagg. -- That didn't work. Probably that is not the right approach to use LAG.

2) Created VLANs on igb0 and vtnet1 simultaneously. Created a bridge on the same VLANs from vtnet1 & igb0. Set an IP for the bridge. -- That didn't work either.

What will be the right approach to do this?
#2
24.1, 24.4 Legacy Series / Re: DHCP relay issues
May 19, 2024, 04:11:04 PM
I was testing with this and that. Narrowed it down to moving the freerad server to a different vlan, where I didn't enable relay. That worked.

Seems like server and relay on the same vlan is not permitted for some reason. Anyway I'm happy ...for now.
#3
Well, so far what I did was move the dhcp server to a different vlan, and I didn't enable relay on that vlan.

So far the config has been working for the last 15 days. My doubt is, packets were looping (I read this in someone's advice on the forum) for some reason while server and relay are on the same vlan. But the catch is, I didn't have to do this up till the earlier version, and it was working with no issues.

Hopefully, it will not break in the near future.
#4
24.1, 24.4 Legacy Series / DHCP relay issues
May 04, 2024, 07:29:49 AM
Hello members,

It's an unexpected behavior from DHCP Relay agents that I couldn't find a solution for by myself.

Situation: I have 4 vlans and vlan1 is being management one, having a freeradius box as a dhcp server. All 4 vlans have dhcp relay agents configured pointed to the freeradius box.
What I expect that clients on vlans will broadcast for DHCP and the requests will be forwarded to freerad with gateway ip (interface ip) of concerned vlan.
Case1: Sometimes vlan3 or vlan4 (not noticed for vlan2 yet) client dhcp-request is received at freerad box having vlan1 gateway ip and vlan1 Network-subnet.
In freerad, I've created conditions on gateway ip or network-subnet to assign the right vlan group attributes, but this misleading gateway ip is creating trouble for proper group assignment.

Case2: After 24.1.6 update, dhcp-discovery packets from vlan1 clients, are received at freerad box having gateway ip 0.0.0.0 and network-subnet 0.0.0.0/32. "ps aux" says dhcrelay process stat "R" for vlan1.
When I hit restart of dhcrelay service for vlan1 from ui, all started working normal. Now gateway-ip is the interface ip and Subnet is the correct subnet of vlan1, as expected. "ps aux" shows dhcrelay stat as "I" for vlan1 now.

I don't understand the source of the issue.
#5
Similar issue here as well. I use dhcrelay to a freeradius box as dhcp server. Since the last few days (probably after the 24.1.6 update) dhcrelay is broken. Here is a snap of the running dhcrelay stat -

# ps aux | grep dhcrelay
USER      PID  %CPU %MEM    VSZ   RSS TT  STAT STARTED       TIME COMMAND
_dhcp   33776 100.0  0.0  12644    788  -  R    21:33    526:09.32 /usr/local/sbin/dhcrelay -d -i vlan01 192.168.20.1
root    31008   0.0  0.0  12724    588  -  Is   21:33      0:00.00 daemon: /usr/local/sbin/dhcrelay[31060] (daemon)
_dhcp   31060   0.0  0.0  12644    788  -  I    21:33      0:00.00 /usr/local/sbin/dhcrelay -d -i vlan04 192.168.20.1
root    31789   0.0  0.0  12724    644  -  Is   21:33      0:00.01 daemon: /usr/local/sbin/dhcrelay[32464] (daemon)
_dhcp   32464   0.0  0.1  12644   1076  -  I    21:33      0:00.07 /usr/local/sbin/dhcrelay -d -i vlan03 192.168.20.1
root    32873   0.0  0.0  12724    592  -  Is   21:33      0:00.01 daemon: /usr/local/sbin/dhcrelay[33776] (daemon)
root    93171   0.0  0.0  12724    652  -  Is   21:35      0:00.00 daemon: /usr/local/sbin/dhcrelay[93896] (daemon)
_dhcp   93896   0.0  0.1  12644   1096  -  I    21:35      0:00.00 /usr/local/sbin/dhcrelay -d -i vlan02 192.168.20.1
root    28592   0.0  0.0    436    256  0  R+   08:20      0:00.00 grep dhcrelay

After I hit restart on the vlan01 dhcrelay service, things started working again. Stats are now showing like -

# ps aux | grep dhcrelay
USER      PID  %CPU %MEM    VSZ   RSS TT  STAT STARTED       TIME COMMAND
root     4195   0.0  0.1  12724  2016  -  Is   08:47      0:00.00 daemon: /usr/local/sbin/dhcrelay[4460] (daemon)
_dhcp    4460   0.0  0.1  12644  2144  -  I    08:47      0:00.00 /usr/local/sbin/dhcrelay -d -i vlan01 192.168.20.1
root    31008   0.0  0.0  12724   588  -  Is   21:33      0:00.00 daemon: /usr/local/sbin/dhcrelay[31060] (daemon)
_dhcp   31060   0.0  0.0  12644   788  -  I    21:33      0:00.00 /usr/local/sbin/dhcrelay -d -i vlan04 192.168.20.1
root    31789   0.0  0.0  12724   644  -  Is   21:33      0:00.02 daemon: /usr/local/sbin/dhcrelay[32464] (daemon)
_dhcp   32464   0.0  0.0  12644  1028  -  I    21:33      0:00.07 /usr/local/sbin/dhcrelay -d -i vlan03 192.168.20.1
root    93171   0.0  0.0  12724   652  -  Is   21:35      0:00.00 daemon: /usr/local/sbin/dhcrelay[93896] (daemon)
_dhcp   93896   0.0  0.0  12644  1000  -  I    21:35      0:00.00 /usr/local/sbin/dhcrelay -d -i vlan02 192.168.20.1
root    53374   0.0  0.1  12720  2196  0  S+   08:47      0:00.00 grep dhcrelay

Note: I doubt vlan02, vlan03, vlan04 are working all the time, but they cannot connect because APs are on vlan01 and most of my clients are wireless.
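
A check for the symptom visible in the first listing above (a dhcrelay worker in STAT "R" at 100% CPU while its siblings idle in "I"), as an added example that is not part of the original posts. The function names and the 50% default threshold are assumptions; the sample lines are copied from the first `ps aux` listing.

```shell
#!/bin/sh
# Added example: flag dhcrelay workers that are spinning instead of idling.

# Sample input: a few lines copied from the first `ps aux` listing in the post.
sample_ps() {
cat <<'EOF'
USER      PID  %CPU %MEM    VSZ   RSS TT  STAT STARTED       TIME COMMAND
_dhcp   33776 100.0  0.0  12644    788  -  R    21:33    526:09.32 /usr/local/sbin/dhcrelay -d -i vlan01 192.168.20.1
root    31008   0.0  0.0  12724    588  -  Is   21:33      0:00.00 daemon: /usr/local/sbin/dhcrelay[31060] (daemon)
_dhcp   31060   0.0  0.0  12644    788  -  I    21:33      0:00.00 /usr/local/sbin/dhcrelay -d -i vlan04 192.168.20.1
_dhcp   32464   0.0  0.1  12644   1076  -  I    21:33      0:00.07 /usr/local/sbin/dhcrelay -d -i vlan03 192.168.20.1
root    28592   0.0  0.0    436    256  0  R+   08:20      0:00.00 grep dhcrelay
EOF
}

# find_spinning_relays [cpu_threshold]
# Reads `ps aux` text on stdin and prints "pid interface cpu" for every
# dhcrelay worker whose STAT starts with R (runnable) and whose %CPU is at
# or above the threshold (default 50, an assumed value).
find_spinning_relays() {
    awk -v limit="${1:-50}" '
        # Field 11 is the command path. Matching it exactly skips the
        # daemon(8) supervisor lines ("daemon:") and the grep process itself.
        $11 ~ /\/dhcrelay$/ && $8 ~ /^R/ && $3 + 0 >= limit + 0 {
            iface = "?"
            # The relayed interface is the argument that follows "-i".
            for (i = 12; i < NF; i++) if ($i == "-i") iface = $(i + 1)
            print $2, iface, $3
        }'
}

# Demo on the embedded sample; on the firewall itself the equivalent is:
#   ps aux | find_spinning_relays
sample_ps | find_spinning_relays
```

Run from cron or a monitoring agent, a non-empty result identifies which interface's relay needs the restart described in the post.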