Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfSense won't get IP from Frontier Fiber.

    Scheduled Pinned Locked Moved General pfSense Questions
    43 Posts 8 Posters 10.4k Views 7 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • stephenw10S Offline
      stephenw10 Netgate Administrator
      last edited by

      Hmm, I wasn't aware that had changed in any FreeBSD version. You have a link to that?

      J 1 Reply Last reply Reply Quote 0
      • BogusExceptionB Offline
        BogusException
        last edited by

        @Jarhead You might already have this resolved, but I've had a hell of a time with customers trying to put the Frontier modems in bridge mode (what I prefer). It hosed up their static address assignments, too.

        I am forced to disable bridge mode on them. Will switching over to whichever one (bridged/non-bridged) you aren't on now make a difference?

        J 1 Reply Last reply Reply Quote 0
        • stephenw10S Offline
          stephenw10 Netgate Administrator
          last edited by stephenw10

          Are you able to test a 2.7 snapshot?

          I don't have any easy way of testing it but it looks like that's included there already:

          [2.7.0-DEVELOPMENT][admin@cedev.stevew.lan]/root: ifconfig em0 pcp 4
          [2.7.0-DEVELOPMENT][admin@cedev.stevew.lan]/root: ifconfig em0
          em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
          	description: webserver
          	options=81209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,VLAN_HWFILTER>
          	ether d2:43:8f:91:74:e7
          	pcp 4
          	inet6 fe80::d043:8fff:fe91:74e7%em0 prefixlen 64 scopeid 0x1
          	inet 172.25.10.1 netmask 0xffffff00 broadcast 172.25.10.255
          	media: Ethernet autoselect (1000baseT <full-duplex>)
          	status: active
          	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
          

          Unclear what behavior that sets for incoming tagged traffic.

          J 1 Reply Last reply Reply Quote 0
          • J Offline
            Jarhead @stephenw10
            last edited by

            @stephenw10
            The snippet I posted was from 13.1 man page where it's applied to all interfaces. If you look at the 12.3 man page it's only applied to vlans. It's actually called vlanpcp or something like that.

            1 Reply Last reply Reply Quote 0
            • J Offline
              Jarhead @BogusException
              last edited by

              @bogusexception I don't use their router (no modem needed with fiber) anymore. This install wasn't mine though and they don't even provide a router anymore. Actually they provide an Eero 6 Pro but it's not much of a router and I would never use it as one.
              But before learning this (yesterday) I did still use their router (Arris NVGsomething) and it worked fine. Their newer, not sure when, firmware added a 'transparent bridge' mode which was more of a true bridge than the more common DHCP reservation suedo-bridge instructions you find all over the internet. If you're using one of their arris routers go to advanced/connection and you'll find the bridge mode there. My biggest thing was I didn't want another device plugged in so I changed my install to the switch in between yesterday and it's working perfectly.

              1 Reply Last reply Reply Quote 0
              • J Offline
                Jarhead @stephenw10
                last edited by

                @stephenw10 I actually do have a "lab" box I have pfSense+ on. If I get time tomorrow maybe I'll give that a shot!

                1 Reply Last reply Reply Quote 1
                • stephenw10S Offline
                  stephenw10 Netgate Administrator
                  last edited by stephenw10

                  Mmm, it might 'just work'. pfSense is built on 12-stable. So whilst it still shows as 12.3 it's actually newer.
                  Though it looks like that code has actually been in ifconfig for some years:
                  https://github.com/pfsense/FreeBSD-src/commit/9de215608cfe3e871e92c6d6444063dd8be2b5c9
                  And it specifically mentions only tagging outbound traffic and that incoming traffic may be filtered by the driver.

                  Steve

                  J 1 Reply Last reply Reply Quote 0
                  • J Offline
                    Jarhead @stephenw10
                    last edited by

                    @stephenw10
                    Just tried with no luck.
                    Can't find too much info on pcp though so I may not be implementing properly.
                    All I did was "ifconfig em0 -pcp 0"
                    It did show as applied but made no difference.
                    Is that all that's needed?

                    R 1 Reply Last reply Reply Quote 0
                    • stephenw10S Offline
                      stephenw10 Netgate Administrator
                      last edited by

                      I would try ifconfig em0 pcp 0 which should enable tagging. However after reading I don't think it does anything for the replies which are the problem here.

                      Steve

                      1 Reply Last reply Reply Quote 0
                      • R Offline
                        random_pawn @Jarhead
                        last edited by

                        How is this going? Frontier is running fiber here soon. I would love to dump Charter (Spectrum).

                        1 Reply Last reply Reply Quote 0
                        • stephenw10S Offline
                          stephenw10 Netgate Administrator
                          last edited by

                          You will still require a switch to strip the tags if they are sending vlan0 tagged traffic.

                          Steve

                          R 1 Reply Last reply Reply Quote 0
                          • R Offline
                            random_pawn @stephenw10
                            last edited by

                            My concern is not getting it to work if we take the plunge and losing money. Probably can get it to work, but I cannot get any answers from Frontier about what their network does here. No surprise, these companies treat people like cattle anyway. If you read their website about the eero, they are all like you have to use it blah blah blah. The fine print says you have to sign with Amazon account too (lol, what??).

                            Anyway, I found so many posts out there regarding this. This one was most interesting. One person says a linux router distro works out of the box (did not say which). Another said Proxmox worked. My pfsense is on Hyper-V, so hopefully Hyper-V will handle it if it is there (back up is on the Netgate appliance though). Otherwise, I will be finagling two of my SFP+ 10 Gb ports for their own little VLAN.

                            What is it with these telecomm companies pushing half-brained services? Regulation is a joke lol.

                            1 Reply Last reply Reply Quote 0
                            • stephenw10S Offline
                              stephenw10 Netgate Administrator
                              last edited by

                              Hmm, not sure if I've seen Hyper-V used with vlan0 tags. There's a pretty good chance that would strip the tags in the vswitch though.

                              J 1 Reply Last reply Reply Quote 0
                              • J Offline
                                Jarhead @stephenw10
                                last edited by

                                I have a couple of Frontier installs going through a managed switch and they work fine. Yours will too.
                                You won't be using the sfp+ ports though, all copper since you'll have to use their ONT.

                                R 1 Reply Last reply Reply Quote 0
                                • R Offline
                                  random_pawn @Jarhead
                                  last edited by random_pawn

                                  Good to have options. These are combo SFP+ ports supporting 10 Gbe. My pfsense box uses one already using a copper module. Although I bet Hyper-V will handle it as is.

                                  The waiting game now... Have to wait for construction in the neighborhood first.

                                  Q 1 Reply Last reply Reply Quote 0
                                  • Q Online
                                    q54e3w @random_pawn
                                    last edited by

                                    Just had Frontier 1gbps service installed with the new black ONT. Engineer connected it to my pfSense 2.5.2 routers WAN port replacing my Spectrum S33 modem and it picked up a public WAN address without hiccup or any VLAN0 messing.

                                    1 Reply Last reply Reply Quote 0
                                    • S Offline
                                      scottv
                                      last edited by

                                      Anyone figure out how enable the PfSense box to get an IP address on the WAN port for Frontier Fiber?

                                      I also have a White Frontier ONT and an Arris NVG468MQ router they provided. My Pfsense box has never been able to grab a WAN IP address unless the Arris router is in front of it. If I plug my Mac or other PCs directly to the ONT they can obtain a WAN IP without a problem without the Arris router.

                                      I just recently upgraded to the 2GB service but the tech wasn't trained or didn't know that you needed new hardware so I'm still waiting for the new hardware that supports 2GB connections; however, I have a new PfSense box from Protecli that supports 2.5GB connections and a Zyxel 2.5GB unmanaged switch, so I thought I would again try to plug the ONT directly into the PfSense box but it still won't grab an IP address on the WAN port.

                                      J 1 Reply Last reply Reply Quote 0
                                      • J Offline
                                        Jarhead @scottv
                                        last edited by

                                        @scottv
                                        You have a few options.
                                        Search the forum for vlan0.

                                        There's a script you can use, you can put a switch in between the ONT and pfSense or you can put their router in bridge mode depending on which they give you.

                                        R S 2 Replies Last reply Reply Quote 0
                                        • R Offline
                                          rcoleman-netgate Netgate @Jarhead
                                          last edited by

                                          @jarhead said in pfSense won't get IP from Frontier Fiber.:

                                          There's a script you can use

                                          Should be noted here the script is technically side-loading and if you have a TAC support subscription that can possibly result in not receiving support. Not an absolute but an advisory.

                                          Ryan
                                          Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
                                          Requesting firmware for your Netgate device? https://go.netgate.com
                                          Switching: Mikrotik, Netgear, Extreme
                                          Wireless: Aruba, Ubiquiti

                                          J 1 Reply Last reply Reply Quote 0
                                          • J Offline
                                            Jarhead @rcoleman-netgate
                                            last edited by

                                            @rcoleman-netgate Can he have a TAC subscription with a Protectli? Thought that was just for Netgate equipment.

                                            R 1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.