[Solved] Bridge isn't passing traffic between physical ports

Started by bobpaul, August 10, 2020, 05:47:41 AM

I followed the guide for Bridged LAN and it appeared to work, but it turns out it's only half working.

I have igb0 set as WAN, bridge0 set as LAN. Bridge0 contains igb1, igb2, and igb3 (though only igb2 and 3 are plugged in).

All connected links can talk to the router; DHCP works, hosts have internet access, etc. But hosts on igb2 can't talk to hosts on igb3.

Any suggestions on how to proceed?

Derp, ok. I'm dumb.

Today I noticed in FreeBSD's handbook that bridges are affected by the packet filter. Specifically, pf treats packets flowing through the bridge as entering the physical port, not the bridge port. So for each interface, I added a Firewall Rule to OPNsense: "for this interface with source LAN NET and destination LAN NET, pass". And it worked!

So then I looked back at the guide and Step 6 is to set up tunables so pf filters based on the bridge rather than the member ports.

So if anyone else has this problem... either add explicit firewall rules, or follow all the steps in the guide >_<
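
A check for the situation described in this thread, added as an example and not taken from the original post or the OPNsense guide: it reads the bridge filtering tunables and reports whether pf evaluates bridged traffic on the member ports or on the bridge interface. It assumes the tunables meant by Step 6 are FreeBSD's `net.link.bridge.pfil_member` and `net.link.bridge.pfil_bridge` from if_bridge(4); the function names are hypothetical.

```shell
#!/bin/sh
# Added example: classify where pf filters bridged traffic, using the text
# output of `sysctl net.link.bridge.pfil_member net.link.bridge.pfil_bridge`.
# Assumption: these two if_bridge(4) tunables are the ones the guide sets.

# Reads "name: value" lines on stdin and prints one of:
#   member  - rules are evaluated on the physical member ports (igb1, igb2, ...)
#   bridge  - rules are evaluated on the bridge interface (bridge0)
#   both    - evaluated on members and on the bridge
#   none    - bridged packets are not handed to pf at all
#   unknown - one of the tunables was missing from the input
bridge_filter_mode() {
    awk -F': *' '
        $1 == "net.link.bridge.pfil_member" { m = $2 }
        $1 == "net.link.bridge.pfil_bridge" { b = $2 }
        END {
            if (m == "" || b == "") { print "unknown"; exit }
            if (m != 0 && b != 0) print "both"
            else if (m != 0)      print "member"
            else if (b != 0)      print "bridge"
            else                  print "none"
        }'
}

# Maps a mode to what it means for LAN-to-LAN traffic across the bridge.
explain_mode() {
    case "$1" in
        member) echo "each member port needs its own LAN net to LAN net pass rule" ;;
        bridge) echo "rules on the bridge (LAN) interface cover host-to-host traffic" ;;
        both)   echo "rules on the member ports and on the bridge are all evaluated" ;;
        none)   echo "pf does not filter traffic between bridge members" ;;
        *)      echo "tunables not found; is this host running if_bridge?" ;;
    esac
}

# On the firewall itself, classify the live values; on other hosts this is skipped.
if sysctl -n net.link.bridge.pfil_member >/dev/null 2>&1; then
    mode=$(sysctl net.link.bridge.pfil_member net.link.bridge.pfil_bridge \
        | bridge_filter_mode)
    echo "$mode: $(explain_mode "$mode")"
fi
```

A result of `member` matches the symptom in the first post: hosts reach the router, but traffic between igb2 and igb3 is dropped until each member interface has a pass rule.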