@dumdedumda said in [SOLVED] Large file transfers between interfaces dropping:

@netnewb2 said in [SOLVED] Large file transfers between interfaces dropping:

Problem solved by adding static routes to VLANs that weren't in the same network as FreeNAS. I assume it had something to do with asymmetric routing and with FreeNAS not setting gateways on VLAN.

Currently dealing with a similar scenario myself-- where transferring large files inter-VLAN between FreeNAS and a client crashes the network.

Can you explain the process of "adding static routes to VLANs that weren't in the same network as FreeNAS"? Thanks!

Well, it’s been a while since the initial post and right now even I don’t understand what I was trying to do. Looks needlessly complicated.

AFAIR, it has something to do with FreeNAS on multiple VLANs and asymmetric routing. Example:

PC on 192.168.1.5
FreeNAS on 192.168.1.100 and 192.168.100.100

PC tries to access FreeNAS on 192.168.100.100. Works initially but after a while FreeNAS will try to respond via 192.168.1.100, as in, from the same VLAN as the PC.

Or another issue when FReenas tries to answer back from 100.100 but doesn’t have a gateway set on that interface. The solution was to add a gateway on 192.168.100.0/24 but that wasn’t an option (in the freenas gui). So I had to set a static route from Freenas something like, 192.168.1.0/24 via 192.168.100.1 (router interface on that VLAN that can talk between VLANs).

Tbh I can’t remember details and since then, I’ve moved on from freenas and pfsense

If "My PC" is not tagged you may need to set the correct native VLAN on the switch. I had that problem.

@pzanga said in VLAN priority setting question:

Let me ask you this - are you using the VLAN priority set option in your traffic shaper rules? I am figuring I will end up using that option to tag the VLAN priority on the incoming SIP traffic, while the phones tag the outgoing traffic.

No I'm not using VLAN priority set option in our traffic shaper rules.

@johnpoz It's on my own hardware that is on the FreeBSD hcl. It's the default untagged VLAN that stops working. It's the physical network. ex. eth0 192.168.1.1 eth0.10 192.168.10.1 As soon as I add the eth0.10 and assign it to the parent eth0 it all stops working. luckily I can get in over WAN but not on the LAN at all from anywhere. So I'm not even sure the VLAN is working or not because nothing works. The switch has the VLANs assigned and tagged and the native vlan, VLAN(1) is untagged.

@viragomann Hello,

thats it.
I had to enable the switch ports with tagged VLANs and enable the same on the Proxmox bridges. Now my VLANs are working properly and i can start over with the pfSense :-)

Thank you
Michael

@webdawg said in VLANS, Promiscuous Mode, and Mac Addresses:

Just a bridge to a different network...

Yeah there you go - that can cause all kinds of weirdness, especially with mac addresses that get seen with different IPs on them. Like with vlans on the same physical interface. Which should be isolated and devices in different vlans should really never know that interface with IP X on it has the same mac as IP Y.

Glad you got it sorted.

@johnpoz said in VLAN confusion:

unifi prob cheapest option - but I really don't think any of their stuff actually does L3, even though they have been talking about it for years. My sg300-28 does L3, and I got it new under 200, but it not any poe.

yep, that has been my unfortunate experience with Ubi and L3.

The "L3" 24 PoE I bought from Ubi was $800 so a Cisco for a bit more with better functionality will be worth it.

OK, so I used IX0 for VLAN10.

alt text

alt text

and here are the results:

alt text

and the CPU usage:
alt text

I'll update also the Netgate ticket

@bingo600 Yep... got it working. Thank you so much again.. :)

@jknott anything that hairpins could be considered on a stick. But the 6100 is not going to force that type of setup for anything, it has plenty of interfaces to work with.

He could chose to setup vlans that hairpin when they talk to each other - or he could set it up so vlans that talk use different physical interfaces. He has plenty of interfaces to work with ;)

But to me the whole router on a stick term came from being forced to run a router with only 1 actual physical interface. I would not consider a router 8 physical interfaces "on a stick" ;)

@ninthwave

I have a pfSense with two LAN's : one for the company, with all the ethernet printers, and a second quest LAN (using the captive portal).
I have a firewall rule on this second LAN that permits to contact user from the captive portal to contact the IP's of my printers.

I've installed Avahi, so phones and devices can discover network services.
This is what they see :

313e6945-7183-4c6d-a15c-cfb7341607ad-image.png

btw : no need for 'cups' ....

@rafterx Your port on the switch should look something like GE2, GE1 is my router to switch interlink :-

Screenshot 2021-10-24 at 10.11.03.png

Screenshot 2021-10-24 at 10.11.26.png

Screenshot 2021-10-24 at 10.18.37.png

The only difference would be that I have my management network for my Aruba AP22 & switches on the untagged vlan 4903.