Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Adding trunk interface breaks vlan routing
« previous
next »
Print
Pages: [
1
]
Author
Topic: Adding trunk interface breaks vlan routing (Read 1733 times)
greY
Newbie
Posts: 40
Karma: 4
Adding trunk interface breaks vlan routing
«
on:
October 22, 2022, 08:41:53 pm »
Hi,
looks like adding the trunk interface to the protected interfaces breaks the routing between VLANs.
Can anybody confirm?
Adding single VLANs seems to be OK, but then not able to protect the LAN...
Deployment mode: Routed Mode (L3 Mode, Reporting + Blocking) with native netmap driver
Engine Version: 1.11.5 View Release Notes Version History
UI Version: 22.9.22
Database Version: 1.11.22092202
OPNsense 22.7.6-amd64
HW offload is default/disabled
greY
«
Last Edit: October 22, 2022, 08:45:30 pm by greY
»
Logged
mb
Hero Member
Posts: 941
Karma: 99
Re: Adding trunk interface breaks vlan routing
«
Reply #1 on:
October 22, 2022, 09:33:04 pm »
Hi @greY,
What happens if you put zenarmor into Bypass Mode? Is it the same?
Logged
greY
Newbie
Posts: 40
Karma: 4
Re: Adding trunk interface breaks vlan routing
«
Reply #2 on:
October 23, 2022, 12:45:40 am »
yes, forgot to mention that. The bypass mode has no impact, only removing the interface enables the vlan routing again. This box is a Hyper-V guest.
I also tested the behavior on a business edition hardware box which seems not to have this issue.
«
Last Edit: October 23, 2022, 10:58:32 am by greY
»
Logged
mb
Hero Member
Posts: 941
Karma: 99
Re: Adding trunk interface breaks vlan routing
«
Reply #3 on:
October 23, 2022, 08:04:49 pm »
Hi @greY,
Thanks for the additional information. Very helpful.
This suggests that this is a netmap issue. Because zenarmor in bypass mode does nothing more than basically switching packets back and forth. It behaves like a dummy bridge.
Having said that, if this config is working in a different scenario, that might be a useful hint.
By business edition, are you referring to OPNsense Business edition? If so, can you share the exact version information?
Logged
greY
Newbie
Posts: 40
Karma: 4
Re: Adding trunk interface breaks vlan routing
«
Reply #4 on:
October 24, 2022, 11:13:14 am »
Hi @mb
yes I'm referring to th OPNsense Business Edition.
Versions
OPNsense 22.4.3_1-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1q 5 Jul 2022
Zenarmor
Engine Version: 1.11.5
UI Version: 22.9.22
Database Version: 1.11.22092202
Logged
mb
Hero Member
Posts: 941
Karma: 99
Re: Adding trunk interface breaks vlan routing
«
Reply #5 on:
October 24, 2022, 07:43:02 pm »
@greY thanks, very helpful.
Most probably, there has been a driver update in the meantime causing a regression on the netmap support.
These days, we're working on a project which tries to bring a driver-agnostic methodology with regard to netmap support, this feedback will be very helpful.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Adding trunk interface breaks vlan routing