Show Posts
1
22.1 Legacy Series / TCP stream stops being routed
« on: February 19, 2022, 10:39:58 pm »
Hello, I'm having some connection issues between two vlans for which OPNsense is the router.
I believe (but am not sure) that this started with the upgrade to 22.1.
I'm running OPNsense as a VM, with a network card being passed in via PCI passthrough.
It's a router on a stick with a bunch of vlans on a trunk port. The relevant ones for this path are
vlan 100 - 192.168.0.1/24
vlan 102 - 192.168.2.1/24
Both vlans are dual stack, using a delegated prefix from upstream.
When I SSH from a device on vlan100 (192.168.0.53) to a device on vlan102 (192.168.2.23) using IPv4 the connection works for a little bit before hanging, and eventually disconnecting.
I have attached packet captures for both interfaces which show packets making it in both directions just fine for a while, but after frame 76, nothing makes it out vlan 102.
When I ssh over v6 between the same two hosts the connection seems unaffected.
At first I thought his might be arp related, but watching the arp table on opnsense shows no issues.
Any ideas for what I should be looking at next, or how I can debug this?
I believe (but am not sure) that this started with the upgrade to 22.1.
I'm running OPNsense as a VM, with a network card being passed in via PCI passthrough.
It's a router on a stick with a bunch of vlans on a trunk port. The relevant ones for this path are
vlan 100 - 192.168.0.1/24
vlan 102 - 192.168.2.1/24
Both vlans are dual stack, using a delegated prefix from upstream.
When I SSH from a device on vlan100 (192.168.0.53) to a device on vlan102 (192.168.2.23) using IPv4 the connection works for a little bit before hanging, and eventually disconnecting.
I have attached packet captures for both interfaces which show packets making it in both directions just fine for a while, but after frame 76, nothing makes it out vlan 102.
When I ssh over v6 between the same two hosts the connection seems unaffected.
At first I thought his might be arp related, but watching the arp table on opnsense shows no issues.
Any ideas for what I should be looking at next, or how I can debug this?