Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Latest snapsot wireless bridged as well as static not working

    Scheduled Pinned Locked Moved 1.2.3-PRERELEASE-TESTING snapshots - RETIRED
    140 Posts 12 Posters 76.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      DeCex
      last edited by

      Here´my firewall rules

      1 for LAN
      1 for OPT1

      LAN.png
      LAN.png_thumb
      OPT1.png
      OPT1.png_thumb

      1 Reply Last reply Reply Quote 0
      • X
        xbipin
        last edited by

        its the same rules i got, mayb if u read in older posts ull see that all the debug has been done and config is all perfect and firewall is also not blocking any dhcp packets but its just that dhcp isnt replying properly or something like that

        1 Reply Last reply Reply Quote 0
        • M
          matrix200
          last edited by

          I think it is not a firewall issue at all because in my setup I don't have dhcp and just have my laptop with an ip in my lan subnet and unless I do the bridging from lan to wifi interface , I simply can't access it (ping , telnet etc).
          Sounds like bridging/routing issue to me.

          Current network "hardware" :
          Running 2.2RC in Virtualbox 4.2.16.

          Retired:
          ALIX2C2 , 4 gigabyte disk cf card running 2.0 (official release).

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            I would probably also help to see the output of "ifconfig -a" and also a copy of the rules for the wireless interface for both those who say it works, and those who say it doesn't.

            Perhaps there is some telling difference between the two.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • X
              xbipin
              last edited by

              doesnt work for me now doesnt even with static ips on wireless bridged to lan

              $ ifconfig -a
vr0: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 1500
	options=2809 <rxcsum,vlan_mtu,wol_ucast,wol_magic>ether 00:0d:b9:13:47:84
	inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
	inet6 fe80::20d:b9ff:fe13:4784%vr0 prefixlen 64 scopeid 0x1 
	media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
vr1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
	options=280b <rxcsum,txcsum,vlan_mtu,wol_ucast,wol_magic>ether 00:0d:b9:13:47:85
	inet6 fe80::20d:b9ff:fe13:4785%vr1 prefixlen 64 scopeid 0x2 
	media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
vr2: flags=8802 <broadcast,simplex,multicast>metric 0 mtu 1500
	options=280b <rxcsum,txcsum,vlan_mtu,wol_ucast,wol_magic>ether 00:0d:b9:13:47:86
	media: Ethernet autoselect (none)
	status: no carrier
ath0: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 2290
	ether 00:0b:6b:2c:d4:61
	inet6 fe80::20b:6bff:fe2c:d461%ath0 prefixlen 64 scopeid 0x4 
	media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>status: associated
	ssid "1mbps Blazing" channel 11 (2462 Mhz 11g) bssid 00:0b:6b:2c:d4:61
	authmode WPA2/802.11i privacy MIXED deftxkey 2 TKIP 2:128-bit
	txpower 31.5 scanvalid 60 bgscan bgscanintvl 300 bgscanidle 250
	roam:rssi11g 7 roam:rate11g 5 pureg protmode RTSCTS burst dtimperiod 1
pfsync0: flags=41 <up,running>metric 0 mtu 1460
	pfsync: syncdev: lo0 syncpeer: 224.0.0.240 maxupd: 128
enc0: flags=0<> metric 0 mtu 1536
lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384
	inet 127.0.0.1 netmask 0xff000000 
	inet6 ::1 prefixlen 128 
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x7 
pflog0: flags=100 <promisc>metric 0 mtu 33204
ng0: flags=88d1 <up,pointopoint,running,noarp,simplex,multicast>metric 0 mtu 1492
	inet6 fe80::20d:b9ff:fe13:4784%ng0 prefixlen 64 scopeid 0x9 
	inet 92.99.242.71 --> 195.229.252.44 netmask 0xffffffff 
bridge0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
	ether aa:44:2b:7b:c5:65
	id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
	maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200
	root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
	member: vr0 flags=143 <learning,discover,autoedge,autoptp>ifmaxaddr 0 port 1 priority 128 path cost 200000
	member: ath0 flags=143 <learning,discover,autoedge,autoptp>ifmaxaddr 0 port 4 priority 128 path cost 370370</learning,discover,autoedge,autoptp></learning,discover,autoedge,autoptp></up,broadcast,running,simplex,multicast></up,pointopoint,running,noarp,simplex,multicast></promisc></up,loopback,running,multicast></up,running></hostap></up,broadcast,running,promisc,simplex,multicast></rxcsum,txcsum,vlan_mtu,wol_ucast,wol_magic></broadcast,simplex,multicast></full-duplex></rxcsum,txcsum,vlan_mtu,wol_ucast,wol_magic></up,broadcast,running,simplex,multicast></full-duplex></rxcsum,vlan_mtu,wol_ucast,wol_magic></up,broadcast,running,promisc,simplex,multicast>
              1 Reply Last reply Reply Quote 0
              • AhnHELA
                AhnHEL
                last edited by

                MTU on ath0 is 2290

                Is this proper?

                Ran the following commands in console to set all interfaces to 1500 mtu including bridge0 and thats how it started to work again for me.

                ifconfig vr0 mtu 1500
                ifconfig ath0 mtu 1500
                ifconfig bridge0 destroy
                ifconfig bridge create

                Change the vr0 above with your interface name for LAN

                $ ifconfig
                vr0: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 1500
                options=2809 <rxcsum,vlan_mtu,wol_ucast,wol_magic>ether xx:xx:xx:xx:xx:xx
                inet xxx.xxx.xxx.x netmask 0xfffffff0 broadcast xxx.xxx.xxx.xxx
                inet6 xxxx::xxxx:xxxx:xxxx:xxxx%vr0 prefixlen 64 scopeid 0x1
                media: Ethernet autoselect (100baseTX <full-duplex>)
                status: active
                vr1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
                options=284b <rxcsum,txcsum,vlan_mtu,polling,wol_ucast,wol_magic>ether xx:xx:xx:xx:xx:xx
                inet6 xxxx::xxxx:xxxx:xxxx:xxxx%vr1 prefixlen 64 scopeid 0x2
                inet xxx.xxx.xxx.xxx netmask 0xfffff000 broadcast 255.255.255.255
                media: Ethernet autoselect (100baseTX <full-duplex>)
                status: active
                ath0: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 1500
                ether xx:xx:xx:xx:xx:xx
                inet6 xxxx::xxxx:xxxx:xxxx:xxxx%ath0 prefixlen 64 scopeid 0x3
                media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>status: associated
                ssid Taino1 channel 11 (2462 Mhz 11g) bssid xx:xx:xx:xx:xx:xx
                authmode WPA1+WPA2/802.11i privacy MIXED deftxkey 3 TKIP 2:128-bit
                TKIP 3:128-bit txpower 31.5 scanvalid 60 bgscan bgscanintvl 300
                bgscanidle 250 roam:rssi11g 7 roam:rate11g 5 protmode OFF burst
                -apbridge dtimperiod 1
                pfsync0: flags=41 <up,running>metric 0 mtu 1460
                pfsync: syncdev: lo0 syncpeer: 224.0.0.240 maxupd: 128
                enc0: flags=0<> metric 0 mtu 1536
                lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384
                inet 127.0.0.1 netmask 0xff000000
                inet6 ::1 prefixlen 128
                inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
                pflog0: flags=100 <promisc>metric 0 mtu 33204
                tun0: flags=8051 <up,pointopoint,running,multicast>metric 0 mtu 1500
                inet6 xxxx::xxxx:xxxx:xxxx:xxxx%tun0 prefixlen 64 scopeid 0x9
                inet xxx.xxx.xxx.xxx –> xxx.xxx.xxx.xxx netmask 0xffffffff
                Opened by PID 446
                tun1: flags=8051 <up,pointopoint,running,multicast>metric 0 mtu 1500
                inet6 xxxx::xxxx:xxxx:xxxx:xxxx%tun1 prefixlen 64 scopeid 0xa
                inet xxx.xxx.xxx.xxx --> xxx.xxx.xxx.xxx netmask 0xffffffff
                Opened by PID 453
                bridge0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
                ether xx:xx:xx:xx:xx:xx
                id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
                maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200
                root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
                member: vr0 flags=143 <learning,discover,autoedge,autoptp>ifmaxaddr 0 port 1 priority 128 path cost 200000
                member: ath0 flags=143 <learning,discover,autoedge,autoptp>ifmaxaddr 0 port 3 priority 128 path cost 370370</learning,discover,autoedge,autoptp></learning,discover,autoedge,autoptp></up,broadcast,running,simplex,multicast></up,pointopoint,running,multicast></up,pointopoint,running,multicast></promisc></up,loopback,running,multicast></up,running></hostap></up,broadcast,running,promisc,simplex,multicast></full-duplex></rxcsum,txcsum,vlan_mtu,polling,wol_ucast,wol_magic></up,broadcast,running,simplex,multicast></full-duplex></rxcsum,vlan_mtu,wol_ucast,wol_magic></up,broadcast,running,promisc,simplex,multicast>

                AhnHEL (Angel)

                1 Reply Last reply Reply Quote 0
                • C
                  covex
                  last edited by

                  updated to the recent snapshot and the same thing again. dhcp wont work on the wireless. alix, atheros 5212, full install.
                  ifconfig shows mtu of 2290 on ath0 and on bridge0
                  also, after upgrade I'm getting error message invalid parameter while loading firewall rules 2 and 3.
                  Here are those rules from config file (nothing was changed, this is how they are in config file):
                  <rule><type>pass</type>
                  <interface>optXXXX</interface>
                  <max-src-nodes><max-src-states><statetimeout><statetype>keep state</statetype>
                  <os><source>
                  <any><destination><any></any></destination></any></os></statetimeout></max-src-states></max-src-nodes></rule>
                  <rule><type>pass</type>
                  <interface>opt2</interface>
                  <max-src-nodes><max-src-states><statetimeout><statetype>keep state</statetype>
                  <os><source>
                  <any><destination><any></any></destination></any></os></statetimeout></max-src-states></max-src-nodes></rule>
                  what these rules do? opt2 is my wireless.

                  1 Reply Last reply Reply Quote 0
                  • AhnHELA
                    AhnHEL
                    last edited by

                    Did you run the ifconfig commands i listed above to see if that resolves your wireless problem?

                    I'd reboot my Alix box and try again myself to see if the commands consistently resolve the issue but my Alix box is remote to my location and I cant afford the downtime if the commands dont help.

                    AhnHEL (Angel)

                    1 Reply Last reply Reply Quote 0
                    • C
                      covex
                      last edited by

                      screenshot in your post, is it before you've recreated the bridge or after?
                      your card is in promiscuous mode here

                      ath0: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 1500</up,broadcast,running,promisc,simplex,multicast>

                      mine does not have it after I change mtu on it.

                      1 Reply Last reply Reply Quote 0
                      • AhnHELA
                        AhnHEL
                        last edited by

                        Screenshot is taken after.

                        Wont both vr0 and ath0 be in promiscuous mode because they are bridged?

                        AhnHEL (Angel)

                        1 Reply Last reply Reply Quote 0
                        • C
                          covex
                          last edited by

                          I don't know what is going on!  ???
                          My wireless works right now but vr1 (LAN) mtu is 1500, ath0 mtu is 2290 and bridge0 is 1500.
                          The only thing I changed was switching from channel 6 to channel 10 in the wireless settings. I'm afraid to reboot my router now!  :)

                          1 Reply Last reply Reply Quote 0
                          • X
                            xbipin
                            last edited by

                            after changing the mtu of ath0 to 1500, still wireless clients dont get ip from dhcp nor with static ip clients works

                            1 Reply Last reply Reply Quote 0
                            • M
                              matrix200
                              last edited by

                              Hope it will be helpful for others , here is my ifconfig -a output
                              Like I said it works after the bridging from lan to wireless interface is performed.

                              vr0: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 1500
        options=2809 <rxcsum,vlan_mtu,wol_ucast,wol_magic>ether 00:0d:b9:15:33:f0
        inet6 fe80::20d:b9ff:fe15:33f0%vr0 prefixlen 64 scopeid 0x1
        inet 192.168.0.2 netmask 0xffffff00 broadcast 192.168.0.255
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
vr1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        options=280b <rxcsum,txcsum,vlan_mtu,wol_ucast,wol_magic>ether 00:0d:b9:15:33:f1
        inet6 fe80::20d:b9ff:fe15:33f1%vr1 prefixlen 64 scopeid 0x2
        inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
ath0: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 1500
        ether 00:0b:6b:dc:66:c6
        inet6 fe80::20b:6bff:fedc:66c6%ath0 prefixlen 64 scopeid 0x3
        media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>status: associated
        ssid Cyberspace channel 8 (2447 Mhz 11g) bssid 00:0b:6b:dc:66:c6
        authmode WPA2/802.11i privacy MIXED deftxkey 2 TKIP 2:128-bit
        TKIP 3:128-bit txpower 18 scanvalid 60 bgscan bgscanintvl 300
        bgscanidle 250 roam:rssi11g 7 roam:rate11g 5 protmode RTSCTS burst
        dtimperiod 1
pfsync0: flags=41 <up,running>metric 0 mtu 1460
        pfsync: syncdev: lo0 syncpeer: 224.0.0.240 maxupd: 128
enc0: flags=0<> metric 0 mtu 1536
lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
pflog0: flags=100 <promisc>metric 0 mtu 33204
ng0: flags=89d1 <up,pointopoint,running,noarp,promisc,simplex,multicast>metric 0 mtu 1492
        inet 62.0.92.255 --> 212.143.205.175 netmask 0xffffffff
        inet6 fe80::20d:b9ff:fe15:33f0%ng0 prefixlen 64 scopeid 0x9
bridge0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        ether d6:46:73:a0:9f:39
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: ath0 flags=143 <learning,discover,autoedge,autoptp>ifmaxaddr 0 port 3 priority 128 path cost 55
        member: vr0 flags=143 <learning,discover,autoedge,autoptp>ifmaxaddr 0 port 1 priority 128 path cost 200000</learning,discover,autoedge,autoptp></learning,discover,autoedge,autoptp></up,broadcast,running,simplex,multicast></up,pointopoint,running,noarp,promisc,simplex,multicast></promisc></up,loopback,running,multicast></up,running></hostap></up,broadcast,running,promisc,simplex,multicast></full-duplex></rxcsum,txcsum,vlan_mtu,wol_ucast,wol_magic></up,broadcast,running,simplex,multicast></full-duplex></rxcsum,vlan_mtu,wol_ucast,wol_magic></up,broadcast,running,promisc,simplex,multicast>

                              Current network "hardware" :
                              Running 2.2RC in Virtualbox 4.2.16.

                              Retired:
                              ALIX2C2 , 4 gigabyte disk cf card running 2.0 (official release).

                              1 Reply Last reply Reply Quote 0
                              • D
                                DeCex
                                last edited by

                                @xbipin:

                                after changing the mtu of ath0 to 1500, still wireless clients dont get ip from dhcp nor with static ip clients works

                                Sorry if this questionn sound stupid,

                                • you have not tick the "Deny unknown clients" in the DHCP setting?
                                • you´v tried changing the default channel on the OPT1 card ad see if the MTU changes? (try choosing another from Auto,Save and check MTU after saving and see what it say)

                                channel.png
                                channel.png_thumb

                                1 Reply Last reply Reply Quote 0
                                • X
                                  xbipin
                                  last edited by

                                  i have already played around with all those settings a lot but doesnt make a difference bcoz its not the wireless that the issue but its just the dhcp or routing due to which the wireless client doesnt get an ip and with the same config the march release works perfectly fine

                                  1 Reply Last reply Reply Quote 0
                                  • C
                                    covex
                                    last edited by

                                    well, onhel's commands are helping but in my case I also have to disable/enable wireless interface in gui so it would start dealing ip addresses to the clients.

                                    1 Reply Last reply Reply Quote 0
                                    • X
                                      xbipin
                                      last edited by

                                      the commands for me when i run them then the LAN and wireless as well as the bridge interface all have 1500 as mtu but it still doesnt give out ips so i disable and then enable wireless from the gui but still it doesnt doesnt give ips and when i check the mtu go back to the wierd values, they r not getting saved.

                                      in the system logs i saw certain packets were dropped,
                                      UDP from 0.0.0.0:68 to 255.255.255.255:67

                                      dont know if thats affecting it or no

                                      1 Reply Last reply Reply Quote 0
                                      • X
                                        xbipin
                                        last edited by

                                        i thing i dont understand is earlier if the wireless client was assigned fixed ips then atleast wireless bridged to lan used to work but that doesnt now and i was checking the filter log and saw this entry
                                        pass in on ath0: 192.168.0.18 > 224.0.0.251: igmp v2 report 224.0.0.251

                                        192.168.0.18 being the ip manually configured in the wireless client and shouldnt it be going to 192.168.0.1 which is the firewall ip instead of 224.0.0.251, plz correct me if im wrong as i am a newbie to dhcp etc

                                        1 Reply Last reply Reply Quote 0
                                        • C
                                          cmb
                                          last edited by

                                          This all seems to be related to ath changing MTU on its own, which appears to be a "feature" of the patched ath(4) we're using in 7.1 based snapshots. It should be impossible to end up with a 2290 MTU on a bridged ath interface, we set it to 1500 twice and never set it to anything other than 1500.

                                          Try a 7.2 based snapshot which doesn't have the ath patch.
                                          http://snapshots.pfsense.org/FreeBSD_RELENG_7_2/pfSense_RELENG_1_2/

                                          1 Reply Last reply Reply Quote 0
                                          • AhnHELA
                                            AhnHEL
                                            last edited by

                                            Thanks for the heads up Chris.

                                            Is this patched ath(4) driver going to be continued in 1.2.3 stable because that "feature" is too important for ath(4) to be reverted back to being unpatched?

                                            The patched version seems to have made using a wireless interface on pfSense very problematic.

                                            AhnHEL (Angel)

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.