Failover WAN - VLAN creates trouble getting public IP (5G router in bridge mode)
-
I just got a new 5G router with Bridge Mode to use as failover connection.
At the pfsense (VM) side, I have configured the Proxmox port used for WAN2 as VLAN 300. And the switch port it connects to is a trunk port with VLAN 300 as one of several members (it is used by other VM's as well),
At the 5G router side I have that switch port set to VLAN 300, untagged.
The connection works, and it has actually worked fine for a long time with my previous 4G router. It did not have Bridge Mode however, and was handing out 192 subnet.
Now, instead of getting the public IP, pfsense picks up a 192 IP handed out by the 5G router... the connection actually works though, and I do have internet, just not the public IP on pfsense...
When testing with an EdgeRouter X, directly connected to the 5G router, it picked up the public IP immediately.
Knowing that the router did actually pass on the public IP, I thought of putting a dumb switch between the 5G router and my VLAN switch. And this actually works and is my workaround for the moment...
My expectation was however, that packets in and out of the port that is set to untagged, would be just that (empty of VLAN taggs), no different from what the dumb switch delivers. But something that TPLink does makes it not work and the dumb switch removes that tag or whatever it is, which makes it work...
And I don't know how bridge mode actually works, since you still have access the UI at the defined IP. But why would pfsense even get a DHCP response from the 5G router? I thought setting that mode turned off DHCP... And if I block DHCP handouts from 192.168.3.2 on the interface, it just sits there and waits "Pending"...
Surely there must be something that I'm missing here? I have not tried setting VLAN 300 on the pfsense interface, skipping the VLAN tagging on Proxmox. But I doubt that would make a difference give that the switch solved it at the other end?
Working topology
5G router - dumb switch - TPLink (native 300 untagged) - TPLink (300 Tagged) - (Proxmox ID 300) - pfsenseVMAnd removing the dumb switch breaks the setup...