Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfSense won't get IP from Frontier Fiber.

    Scheduled Pinned Locked Moved General pfSense Questions
    43 Posts 8 Posters 10.4k Views 7 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J Offline
      Jarhead
      last edited by

      So I'm connecting someone to Frontier 500M internet with a pfSense 2.6 box but it will not get an IP.
      Does anyone know if there's any advanced settings needed for the WAN port and Frontier?
      The only other Frontier I connected was using 802.1x so I had to bridge 'their' router and that worked but this one doesn't use 802.1x.

      I have tried 2 different pfSense boxes, one 2.6, the other latest pfSense+, 22.1?, and neither would get an IP.
      I can plug a laptop into the ONT and I get an address.
      I can plug their provided Eero 6 Pro in and get an address.
      Just can't with pfSense.

      K stephenw10S 2 Replies Last reply Reply Quote 0
      • K Offline
        ktheed @Jarhead
        last edited by

        @jarhead I am having similar issues with Gigafast here in the UK from Vodafone.....I know they use a VLAN so maybe yours does too that has to be applied to the PPPoE interface.

        J 1 Reply Last reply Reply Quote 0
        • J Offline
          Jarhead @ktheed
          last edited by

          @ktheed I just tried the router at my house, and my brothers house.
          Works fine at both.
          The only difference is the ONT. My brothers and mine are both FOX222's, the white model, the new install uses a black ONT. I didn't get the model number but that's the only difference so it's has to be that.
          Talked to Frontier and they refuse to swap it for a FOX222.
          The homeowner is gonna try to get a tech out, who would probably swap it without any issue. Funny how the "phone techs" don't want to help at all but the in-person tech will do anything to help.
          If they won't swap it, gonna have to cancel.

          1 Reply Last reply Reply Quote 0
          • stephenw10S Offline
            stephenw10 Netgate Administrator @Jarhead
            last edited by

            @jarhead said in pfSense won't get IP from Frontier Fiber.:

            I can plug a laptop into the ONT and I get an address.
            I can plug their provided Eero 6 Pro in and get an address.

            How are they connecting?

            Does pfSense even link to the ONT correctly?

            Steve

            J 1 Reply Last reply Reply Quote 0
            • J Offline
              Jarhead @stephenw10
              last edited by

              @stephenw10 Not sure what "how are they connecting?" means?

              pfSense does link but will not pull an address.
              Tried the advanced settings of 'FreeBSD default' and 'pfSense default' and neither made a difference.

              1 Reply Last reply Reply Quote 0
              • stephenw10S Offline
                stephenw10 Netgate Administrator
                last edited by stephenw10

                I mean DHCP, PPPoE, something more unusual?

                Sounds like DHCP though. I would try a packet capture on the interface to see what's actually being sent.

                One thing that could apply here is pfSense dropping reply packet that are tagged VLAN0 (priority tagged). We have seen that before on other ISPs. If that is the case a managed switch in between will usually drop the tags and allow pfSense to see it.

                https://redmine.pfsense.org/issues/12070

                Steve

                J 1 Reply Last reply Reply Quote 0
                • J Offline
                  Jarhead @stephenw10
                  last edited by

                  @stephenw10 said in pfSense won't get IP from Frontier Fiber.:

                  https://redmine.pfsense.org/issues/12070

                  Good info! Thanks.
                  I'll try it tonight.

                  J 1 Reply Last reply Reply Quote 0
                  • J Offline
                    Jarhead @Jarhead
                    last edited by

                    That was it.
                    Might be time for FreeBSD to allow Vlan0 since more and more ISP's are now using it.

                    1 Reply Last reply Reply Quote 0
                    • stephenw10S Offline
                      stephenw10 Netgate Administrator
                      last edited by

                      Indeed. Add a note to the open bug if you can. It would be good to get it supported upstream but we will need significant evidence it's required.

                      So you were able to connect using a switch?

                      Steve

                      J 1 Reply Last reply Reply Quote 0
                      • J Offline
                        Jarhead @stephenw10
                        last edited by

                        @stephenw10 I was. Just put two ports into a separate untagged vlan and connected one to the ONT, the other to WAN and instant IP address.

                        J 1 Reply Last reply Reply Quote 1
                        • J Offline
                          Jarhead @Jarhead
                          last edited by

                          Has anyone seen this?
                          Couldn't it be implemented?

                          FreeBSD man ifconfig
                          pcp priority_code_point
                          Priority code point (PCP) is an 3-bit field which refers to the
                          IEEE 802.1p class of service and maps to the frame priority
                          level.

                           -pcp    Stop tagging packets on the interface w/ the priority code	point.
                          
                          1 Reply Last reply Reply Quote 0
                          • stephenw10S Offline
                            stephenw10 Netgate Administrator
                            last edited by

                            You can set priority tags, there's a field for it in the pfSense gui, but you can only do it on VLAN tagged packets. FreeBSD won't allow you to set VLAN0 which is what is used for priority only tagging.

                            Steve

                            J 1 Reply Last reply Reply Quote 0
                            • J Offline
                              Jarhead @stephenw10
                              last edited by

                              @stephenw10
                              Saw that after posting. Looks like FreeBSD 13.1 will be the fix for this. Any idea when pfSense will use 13.1?

                              1 Reply Last reply Reply Quote 0
                              • stephenw10S Offline
                                stephenw10 Netgate Administrator
                                last edited by

                                Hmm, I wasn't aware that had changed in any FreeBSD version. You have a link to that?

                                J 1 Reply Last reply Reply Quote 0
                                • BogusExceptionB Offline
                                  BogusException
                                  last edited by

                                  @Jarhead You might already have this resolved, but I've had a hell of a time with customers trying to put the Frontier modems in bridge mode (what I prefer). It hosed up their static address assignments, too.

                                  I am forced to disable bridge mode on them. Will switching over to whichever one (bridged/non-bridged) you aren't on now make a difference?

                                  J 1 Reply Last reply Reply Quote 0
                                  • stephenw10S Offline
                                    stephenw10 Netgate Administrator
                                    last edited by stephenw10

                                    Are you able to test a 2.7 snapshot?

                                    I don't have any easy way of testing it but it looks like that's included there already:

                                    [2.7.0-DEVELOPMENT][admin@cedev.stevew.lan]/root: ifconfig em0 pcp 4
                                    [2.7.0-DEVELOPMENT][admin@cedev.stevew.lan]/root: ifconfig em0
                                    em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
                                    	description: webserver
                                    	options=81209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,VLAN_HWFILTER>
                                    	ether d2:43:8f:91:74:e7
                                    	pcp 4
                                    	inet6 fe80::d043:8fff:fe91:74e7%em0 prefixlen 64 scopeid 0x1
                                    	inet 172.25.10.1 netmask 0xffffff00 broadcast 172.25.10.255
                                    	media: Ethernet autoselect (1000baseT <full-duplex>)
                                    	status: active
                                    	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                                    

                                    Unclear what behavior that sets for incoming tagged traffic.

                                    J 1 Reply Last reply Reply Quote 0
                                    • J Offline
                                      Jarhead @stephenw10
                                      last edited by

                                      @stephenw10
                                      The snippet I posted was from 13.1 man page where it's applied to all interfaces. If you look at the 12.3 man page it's only applied to vlans. It's actually called vlanpcp or something like that.

                                      1 Reply Last reply Reply Quote 0
                                      • J Offline
                                        Jarhead @BogusException
                                        last edited by

                                        @bogusexception I don't use their router (no modem needed with fiber) anymore. This install wasn't mine though and they don't even provide a router anymore. Actually they provide an Eero 6 Pro but it's not much of a router and I would never use it as one.
                                        But before learning this (yesterday) I did still use their router (Arris NVGsomething) and it worked fine. Their newer, not sure when, firmware added a 'transparent bridge' mode which was more of a true bridge than the more common DHCP reservation suedo-bridge instructions you find all over the internet. If you're using one of their arris routers go to advanced/connection and you'll find the bridge mode there. My biggest thing was I didn't want another device plugged in so I changed my install to the switch in between yesterday and it's working perfectly.

                                        1 Reply Last reply Reply Quote 0
                                        • J Offline
                                          Jarhead @stephenw10
                                          last edited by

                                          @stephenw10 I actually do have a "lab" box I have pfSense+ on. If I get time tomorrow maybe I'll give that a shot!

                                          1 Reply Last reply Reply Quote 1
                                          • stephenw10S Offline
                                            stephenw10 Netgate Administrator
                                            last edited by stephenw10

                                            Mmm, it might 'just work'. pfSense is built on 12-stable. So whilst it still shows as 12.3 it's actually newer.
                                            Though it looks like that code has actually been in ifconfig for some years:
                                            https://github.com/pfsense/FreeBSD-src/commit/9de215608cfe3e871e92c6d6444063dd8be2b5c9
                                            And it specifically mentions only tagging outbound traffic and that incoming traffic may be filtered by the driver.

                                            Steve

                                            J 1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.