Missing something
-
@jrey said in Missing something:
LAN to LAGG
https://docs.netgate.com/pfsense/en/latest/recipes/migrate-assigned-lan-to-lagg.html
LAN to BRIDGE
https://protectli.com/kb/how-to-enable-lan-bridge-with-pfsense/no need for any of these things. Your 2100 has a switch on LAN1-4.
If you're using LAGGs and Bridges... remove them.
I highly recommend you do one of two things:
-
Factory default and start over from scratch importing only sections of your old config that are absolutely necessary or
-
Remove those things and re-configure the switch as 802.1Q. All that is covered in the switch-config link earlier in the thread.
-
-
It looks like you may not have set the PVID on ports 2,3 and 4 to match the untagged VLANs on them. That is required for inbound traffic. There is a separate tab for that in the switch config.
Yes, you don't need to bridge anything, the switch does a better job of acting as a switch. Unless you need to filter between network segments in the same subnet.
You cannot use the switched LAN ports as LAGG members. The switch does not pass the required layer 2 packets to connect to and external LAG device.
Steve
-
-
Ryan
Thanks
I assumed I had to have discrete ports to build the LAGG group, initially when I looked at (LAGG) there was nothing listed to build it with.There is also nothing currently on the device for LAGG or Bridge.
So what you are saying is the LAGG does not need to be built on the device? just plug in the 2 wires from the switch down the hall. Guess I'm not clear on how it would know they are a LAGG if you can't build it (or then would act as the LAN interface)
Is there another document on that (because the one I provided above seems to be the only discussion on LAN to LAGG I could find)Do I still need to make them discrete ports? (I'm not that far in that I can't factory reset and start fresh)
Much appreciated.
-
The switch ports (LAN 1-4 on the 2100) do not support LACP LAGG. The switch can only do a load-balance LAGG to something external. If your external switch supports that you could use it but there is little point since a single link provides all the bandwidth the 2100 will pass and there is no redundancy in a load-balance LAGG.
Steve
-
Thanks Steve
that's rather unfortunate, the previous wifi router supported LAGG, and when it was the first point after the modem, wired stations through the switch the modem was LADD'd with enjoyed roughly double the speed to the internet (speedtest). Now that the NetGate has replaced the Wifi router with LAGG, and only a single wire to the NetGate (now the first step after the modem) those same wired clients enjoy roughly half the throughput they did previously. I'm considering going back to the wifi with LAGG as the first point after the modem, and/or trying to determine if the 2100 is the issue. (I did restore to factory defaults, and take a basic approach to connecting, wan/lan (single port connected at this time to the switch) internet works, just slower IMHO. (also did remove the LAGG group at the switch end, because it was showing only one wire connected, that had no impact, other than the switch is no longer complaining the that lagg is only half there)Much appreciate the feedback. Thanks
-
What bandwidth is your WAN?
Each link in the LAGG will pass 1G which is more then the 2100 will pass for most traffic. If your external switch support load-balanced static lagg you can use it there though. That will increase available bandwidth between the external switch and the 2100 internal switch but it won't effect bandwidth to/from the internet.Steve
-
Thanks again for the reply.
The WAN is nowhere near the cap. (evidenced by their attainable speed through the old router/switch) The devices on the switch are not even getting close to cap and still they are not even close to what they could achieve before.
Now that the 2100 is running, I hesitant to try and make changes, but what would be the general strategy for placing the LAN in a LAGG, which is what I was trying to accomplish when I started breaking the ports apart as noted earlier following the documents that had been linked. (I get it don't need the Bridge part, because this is a switch) When I look now, as before, nothing shows up under LAGGS to even try and build the it on.(ie when you click on ADD LAGG, the Parent Interfaces list is empty) Can you give me a couple of bullet points steps to follow? (I currently have two empty Lan ports, having plugged a small hub into one of the others, for testing) so 2/4 lan ports are used at this time, and everything is still connected.Much appreciate the feedback, Thank you
-
You have to configure the 2100 switch ports as a lagg. It's independent of the Interfaces > Lagg setup in pfSense.
There is still a single 1G link between the internal NIC (mvneta1) and the switch in the 2100. And the WAN side can only be 1G at most so I really would not expect this make any difference.What available WAN bandwidth is your ISP providing?
What speed differences were you seeing with and without the LAGG using the previous router?
Steve
-
@jrey said in Missing something:
nothing shows up under LAGGS to even try and build the it on.(ie when you click on ADD LAGG, the Parent Interfaces list is empty)
Because these ports do not exist in the pfSense software -- they are a single in-bound port of mvneta1.
The Marvell (the M of mvneta, the rest being Virtual NETwork Adapter, I believe -- if not it works so ¯\_(ツ)_/¯ ) are all handled by the SoC and not by the pfSense base.
-
Thanks Steve and Ryan for your assistance. As it turns out, after connecting and testing on a second port at the netgate (not through the switch) the slowness to internet was also observed.
Cable tester to the rescue -- turns out the cable Wan port to Modem must have been damaged in the move. it was still working, just not well. Replaced that cable and presto.
looking into installing a "speedtest" on the netgate. I saw something about that somewhere, would have been handy to have there a couple of days ago.
Also what is the correct forum (please) for apcupsd questions?
Thanks again
-
@jrey said in Missing something:
looking into installing a "speedtest" on the netgate.
At the command line:
[22.05-RELEASE][admin@cedev-3.stevew.lan]/root: pkg search speedtest py38-speedtest-cli-2.1.3 Command line interface for testing internet bandwidth [22.05-RELEASE][admin@cedev-3.stevew.lan]/root: pkg install py38-speedtest-cli Updating pfSense-core repository catalogue... pfSense-core repository is up to date. Updating pfSense repository catalogue... pfSense repository is up to date. All repositories are up to date. The following 1 package(s) will be affected (of 0 checked): New packages to be INSTALLED: py38-speedtest-cli: 2.1.3 [pfSense] Number of packages to be installed: 1 38 KiB to be downloaded. Proceed with this action? [y/N]: y [1/1] Fetching py38-speedtest-cli-2.1.3.pkg: 100% 38 KiB 39.0kB/s 00:01 Checking integrity... done (0 conflicting) [1/1] Installing py38-speedtest-cli-2.1.3... [1/1] Extracting py38-speedtest-cli-2.1.3: 100% [22.05-RELEASE][admin@cedev-3.stevew.lan]/root: rehash [22.05-RELEASE][admin@cedev-3.stevew.lan]/root: speedtest-cli --secure Retrieving speedtest.net configuration... Testing from Plusnet (x.x.x.x)... Retrieving speedtest.net server list... Selecting best server based on ping... Hosted by 1Ago (Sint-Niklaas) [303.34 km]: 17.173 ms Testing download speed................................................................................ Download: 61.46 Mbit/s Testing upload speed...................................................................................................... Upload: 18.56 Mbit/s
Questions about apcupds should be in the Packages sub-forum.
Steve