Same VLAN traffic being logged (blocked) by the FW

Started by opn_nwo, June 21, 2021, 02:35:57 PM

In my home network I have a MEDIA VLAN I use for all kinds of devices (gaming consoles, STB, Google Home, Chromecasts, Smart TVs etc). Some are wired, others are WiFi. I use Ubiquiti UniFi APs and switches.

Over the past few days I noticed in the FW logs entries of some Google devices trying to connect to my TV STB (Android TV based). Being on the same VLAN and broadcast domain (192.168.177.0/24) I would not expect to see any traffic "captured" by the log. Those devices should be able to connect to each other without going through OPNsense.

However in the logs (attached) I can see a bunch of 192.168.177.xx devices trying to reach my STB box (192.168.177.55) on UDP 10006. In order to keep the logs "clean" I added an allow rule for that traffic, but I do not understand why this is happening. It does not make sense to me.


Hi opn_nwo,

To my understanding, packets having source and destination in the same net (in your case 192.168.177.0/24) do not need a router to reach the target machine.

On the other hand, your router is part of 192.168.177.0/24 as well. So I assume the router takes the packets and discards them based on your rules.

Based on this, I would think that everything worked fine before you added the "log suppressing" rule.

Kind Regards,
Thomas
Don't forget to [applaud] those offering time and brainpower to help you!
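As an added example (not from either post in this thread), a small Python check over constructed, simplified filterlog-style lines that separates blocked entries whose source and destination both sit in the VLAN's own subnet, the surprising case described above, from broadcast, multicast and routed traffic that the firewall is expected to see. The field layout, the interface name `igb1_vlan177` and the interface-to-subnet mapping are assumptions; only the 192.168.177.0/24 subnet, the .55 STB and UDP 10006 come from the post.

```python
import ipaddress
from collections import Counter

# Constructed, simplified filterlog-style lines (not taken from the post):
# action,interface,proto,src,dst,srcport,dstport
SAMPLE_LOG = """\
block,igb1_vlan177,udp,192.168.177.23,192.168.177.55,54211,10006
block,igb1_vlan177,udp,192.168.177.31,192.168.177.55,49872,10006
block,igb1_vlan177,udp,192.168.177.60,192.168.177.255,137,137
block,igb1_vlan177,udp,192.168.177.40,224.0.0.251,5353,5353
block,igb1_vlan177,tcp,192.168.177.40,203.0.113.10,51000,443
pass,igb1_vlan177,tcp,192.168.177.12,10.0.0.5,51001,22
"""

# Assumed interface-to-subnet mapping; the /24 is the MEDIA VLAN from the post.
IFACE_NETS = {"igb1_vlan177": ipaddress.ip_network("192.168.177.0/24")}


def parse_line(line):
    """Split one constructed log line into a dict with typed addresses/ports."""
    action, iface, proto, src, dst, sport, dport = line.strip().split(",")
    return {"action": action, "iface": iface, "proto": proto,
            "src": ipaddress.ip_address(src), "dst": ipaddress.ip_address(dst),
            "sport": int(sport), "dport": int(dport)}


def classify(entry):
    """Say why the firewall saw this packet at all: broadcast and multicast
    legitimately reach every host on the segment, while a unicast packet
    with both ends inside the interface's own subnet should not have
    needed the router and is the case this thread is about."""
    net = IFACE_NETS.get(entry["iface"])
    if net is None:
        return "unknown-interface"
    src, dst = entry["src"], entry["dst"]
    if dst.is_multicast:
        return "multicast"
    if dst == net.broadcast_address:
        return "broadcast"
    if src in net and dst in net:
        return "same-subnet-unicast"
    return "routed"


def same_subnet_blocks(log_text):
    """Count blocked same-subnet unicast flows by (dst, proto, dport)."""
    counts = Counter()
    for line in log_text.splitlines():
        e = parse_line(line)
        if e["action"] == "block" and classify(e) == "same-subnet-unicast":
            counts[(str(e["dst"]), e["proto"], e["dport"])] += 1
    return counts
```

Running `same_subnet_blocks(SAMPLE_LOG)` on the constructed lines yields only the two UDP 10006 flows to 192.168.177.55, which is the kind of entry worth investigating (or, as the original poster did, explicitly allowing) rather than the broadcast and multicast noise.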