[SOLVED] help me answer the mystery unplugging LAN device drops WAN

Started by vale, December 30, 2023, 01:27:21 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
December 30, 2023, 01:27:21 PM Last Edit: December 30, 2023, 06:45:29 PM by vale
howdy folks  :).
pfsense convert here. I'm happy to begin using opnsense for my network.

I have a fun problem I would appreciate help debugging.

When I unplug the ethernet cable from a Linux client igc0 device (LAN), clients connected to the AP interface lose all upstream network access. They cannot reach the upstream router (opnsense).
I'm curious why this happens.

The  box is a Qotom J4105 that has 5 Intel I225-V ethernet ports. I have installed the latest opnsense with all patches.
I have stayed close to a default installation; some firewall and unbound configuration applied.
I am using IPv4 and have turned off IPv6 as far as I can tell.

I have 3 interfaces assigned to the first 3 ports:

  • LAN on igc0 Static IPv4 192.168.1.1/24
  • WAN on igc1 DHCP IPv4
  • AP on igc2 Static IPv4 (a bridged wireless access point running OpenWrt)


If I leave the LAN ethernet cable plugged into my Linux client, the clients connected to the AP can reach opnsense and WAN.
When I unplug the  LAN ethernet cable only from the Linux clients, the clients connected to the AP cannot reach opnsense or WAN.

This issue seemed similar to https://forum.opnsense.org/index.php?topic=27299.150
. I tried spoofing WAN and LAN MAC addresses but that did not resolve the issue.

I've also verified the ISP router retains the default route when I unplug the client ethernet cable on LAN.

Now for questions!

  • Is some kind of bridging behavior at work here?
  • What configuration should I post to focus the troubleshooting?

Thank you for reading and any insight.

(edited for formatting and incorrect LAN details)
December 30, 2023, 03:20:10 PM #1
You cannot have two interfaces with DHCP. What is the DHCP server for LAN and why?

Are LAN and AP bridged in OPNsense, possibly?
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
December 30, 2023, 03:34:40 PM #2
QuoteWhat is the DHCP server for LAN and why?

oops, I posted incorrectly. I have LAN set to a static interface.
I would like to have 1 DHCP server on the local network.

QuoteAre LAN and AP bridged in OPNsense, possibly?
Great question. How can I disconfirm this or view the status in the interface?
December 30, 2023, 06:32:16 PM #3
Did or didn't you manually create a bridge interface? Do LAN and AP use two separate IP networks or the same one?

If different, do clients on AP use the IP address of LAN on the OPNsense as a DNS server, possibly?

The first thing to consider: the moment you unplug an interface it goes "down". All IP addresses on that interface are not reachable, anymore. All services that are reached via these IP addresses are not reachable, anymore. All routes via that interface are deleted from the routing table.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
December 30, 2023, 06:45:06 PM #4
QuoteYou cannot have two interfaces with DHCP

Thanks for the insight Patrick!

I pondered this and realized how I had misconfigured LAN and AP to both use a DHCP server.
I then unchecked "Enable DHCP server on the LAN interface" in Services > DHCPv4 for LAN.

Then, unplugging the ethernet cable in igc0 did not cause clients connected to the AP interface by way of wifi to lose their WAN access.

Quote
Did or didn't you manually create a bridge interface?
I have not manually created a bridge interface.

Quote
Do LAN and AP use two separate IP networks or the same one?

LAN and AP are on the same IP network but different subnets.
LAN is 192.168.1.x.
AP is 192.168.30.x

Thanks for the reminder of all that happens when an interface drops.
December 30, 2023, 09:07:42 PM #5
But don't you need a DHCP service for your LAN clients? You can have only one interface configured with DHCP. That is your WAN. You can have as many statically configured interfaces as you like and of course you can run a DHCP server on all of them.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
January 04, 2024, 06:37:14 PM #6
I do need the ability to have LAN and other free interfaces offer connected clients an IP address via DHCP.

As a beginner, I was confused by configuring DHCP versus enabling DHCP service for an interface.

QuoteYou can have as many statically configured interfaces as you like and of course you can run a DHCP server on all of them.

This highlights what I missed.

To restate in my own words:
In OPNsense, you may only have one interface configured as DHCP.
You may have any of the other interfaces configured to use a DHCPv4 or DHCPv6 server.

This distinction was new to me!
Print
Go Up Pages1
User actions