Messages

1

18.1 Legacy Series / Re: VLANs - Multiple LAN ports

« on: February 28, 2018, 09:51:44 am »

Yeah.

Buy.

Spend a couple hundred bucks on an out of the box solution that I can have up and running in 15 minutes vs spending untold hours trying to make an undocumented product work. As it stands, I've invested over 16 hours in attempting to get this extremely simple task running with absolutely zero success.

I am out of ideas on how to get this to work and the ideas that have been floated have been unsuccessful. That is not to say that I don't appreciate them. I definitely do. Sadly, the facts of the matter are that I have a network that is screwed, no idea how to fix it, no leads to follow to fix it, and no documentation to engross myself in to even attempt to troubleshoot this issue.

Every time I work with a community supported *nix product, I end up with a bitter taste in my mouth and the overarching feeling of "this is exactly why Linux will never be a mainstream product". I also swear that "this will be the last time"... right up until I try it again.

I've seen nothing to change that view - though I was hoping beyond hope to have an open source solution that actually worked for me.

Thanks for your amazingly insightful post though!

2

18.1 Legacy Series / Re: VLANs - Multiple LAN ports

« on: February 27, 2018, 07:08:48 am »

Yeah...

Might be time to scrap this project and buy a finished product.

3

18.1 Legacy Series / Re: VLANs - Multiple LAN ports

« on: February 25, 2018, 04:47:08 pm »

Also,

The only firewall rules I have are the "Default allow LAN to any rule" that allows everything else to communicate correctly.

Does a VLAN need an additional rule or..?

Why is there no documentation for any of this?! 

4

18.1 Legacy Series / Re: VLANs - Multiple LAN ports

« on: February 25, 2018, 04:44:19 pm »

Sorry for the delay in replying, I've been busy with other projects.

Here's a recap of where I'm at.

I want to have VLANs span across multiple LAN interfaces and be able to communicate across those interfaces.

I currently have the following configured:

bxe0 and bxe1 (my LAN interfaces) - Bridged as Bridge0

bxe0, VLAN10_a
bxe1, VLAN10_b
VLAN10_a & VLAN10_b bridged as "VLAN10" Bridge1

The DHCP IP assignments are handed out by VLAN10 under Bridge1

Now... I have a device connected to one of my switches that successfully pulls a DHCP IP address from the VLAN10 DHCP Pool.

But! - That device will not connect to the internet and I cannot ping to it from the router or ping the router from the device. I've set firewall rules on the Bridge as well as the two member VLANs with no success.

I really don't understand why this isn't working.

5

18.1 Legacy Series / Re: VLANs - Multiple LAN ports

« on: February 20, 2018, 04:19:32 am »

Well...

It made logical sense and I really thought it would work but - no dice.

I'm testing on VLAN 10 without success. No connectivity now but I do get IP addresses assigned from the VLAN 10 DHCP server.

Any ideas..?

6

18.1 Legacy Series / Re: VLANs - Multiple LAN ports

« on: February 19, 2018, 07:09:19 am »

I built a little rackmount router with a total of physical interfaces with the following configuration for the interfaces:

Doh! Should read "...total of 4 physical interfaces..."

7

18.1 Legacy Series / VLANs - Multiple LAN ports

« on: February 19, 2018, 07:07:31 am »

Hey guys,

I've got a fun one for ya! I have been unable to figure out what I'm doing wrong and could really use some insight here...

I built a little rackmount router with a total of physical interfaces with the following configuration for the interfaces:

re0 - DHCP WAN
re1 - 192.168.15.1/24 - VoIP router dedicated port
bxe0 - Basement Switch (TL-SG3216 v1.0)
bxe1 - 2nd Floor Switch (TL-SG3216 v2.0)

The following have also been created:

bridge0 - comprising bxe0 and bxe1
VLAN1 - 192.168.1.1/24 (parent bxe0)
VLAN10 - 192.168.10.1/24 (parent bxe0)

My network is configured as follows:

|-----Router-----|

bxe0|                       |bxe1

TL-SG3216-B<---->TL-SG3216-2

Disregard the link between the two switches - for the moment, I have disconnected this connection as I haven't had a chance to set up STP.

So here's my problem...

I've been trying to get the VLANs to apply to both switches (bxe0 & bxe1) but I can't seem to pull it off. I've tried adding the VLANs into my bridge interface to see if that would work but everything becomes inaccessible and I have to gui into the router through my VoIP port to change everything back.

Everything works fine out of bxe0 - all VLANs correctly deploy DHCP and all clients can successfully connect.

Aside from that, the bxe1 side of the network is basically inaccessible. I can manually ping from the router to the managed IP address of the bxe1 connected TL-SG3216 switch - but I have no other connectivity.

How does one go about putting the same VLAN in place across multiple LAN interfaces in OPNsense? Does the VLAN need to be on a bridge or..?

I'm so confused by how the VLAN interface assignments work in opnsense - it just doesn't seem very intuitive to me from anything else I've ever worked with.