Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
22.7 Legacy Series
»
[SOLVED] Routing traffic to an IPVLAN network
« previous
next »
Print
Pages: [
1
]
Author
Topic: [SOLVED] Routing traffic to an IPVLAN network (Read 1213 times)
swILeZBa
Newbie
Posts: 28
Karma: 2
[SOLVED] Routing traffic to an IPVLAN network
«
on:
November 01, 2022, 09:28:55 am »
Hello,
I am trying to use a RPi with containers connected in an IPVLAN network.
For those that may not know about this in IPVLAN the host (RPi in this case) acts as a router and the containers are in subnets within the host which by default are not connected to anything.
Therefore I need to tell OPNSense to know how to get to them.
The first thing that I have tried is to use Static Routes even though there is a warning that you should use this with external routers (mine is in the same subnet).
This mainly works apart from an issue with SSH. When SSH'ing into the container the connection will drop after 30 seconds if FW Optimizations are set to normal or 15 minutes if they are set to conservative. You can notice that into the Live View because the rule Default Deny/state violation rule will fire. Another way is to go to Diagnostics -> Sessions and notice the expiration value.
As far as I understand this is caused because the SSH connection does not send anything to keep alive the connection and only works so far as its original expiration. I have tried tampering with TCPKeepAlive, ServerAliveInterval options in the SSH client side and server side but nothing seems to change it.
What I would like to try is to replicate the static route with a firewall rule in hopes that this will behave better and will allow the SSH connection to understand that it is still alive but I am not sure how to set that up.
I tried a pass FW rule with source LAN net and destination the subnet in IPVLAN and to setup the RPi as a gateway but this does not work.
Has anyone had the same problem? Can you advise on what I am missing?
«
Last Edit: November 02, 2022, 03:54:46 pm by swILeZBa
»
Logged
swILeZBa
Newbie
Posts: 28
Karma: 2
Re: Routing traffic to an IPVLAN network
«
Reply #1 on:
November 02, 2022, 03:52:45 pm »
Yeah, I figured it out. And to give credit wherever it's due I think I saw it in
this
HomeNetworkGuy article.
This may be a workaround but it will serve me for now.
So to solve go to Firewall ->Settings -> Advanced -> Static route filtering and tick/enable Bypass firewall rules for traffic on the same interface.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
22.7 Legacy Series
»
[SOLVED] Routing traffic to an IPVLAN network