Latest snapsot wireless bridged as well as static not working

matrix200

I think it is not a firewall issue at all because in my setup I don't have dhcp and just have my laptop with an ip in my lan subnet and unless I do the bridging from lan to wifi interface , I simply can't access it (ping , telnet etc).
Sounds like bridging/routing issue to me.

jimp

I would probably also help to see the output of "ifconfig -a" and also a copy of the rules for the wireless interface for both those who say it works, and those who say it doesn't.

Perhaps there is some telling difference between the two.

xbipin

doesnt work for me now doesnt even with static ips on wireless bridged to lan

$ ifconfig -a
vr0: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 1500
	options=2809 <rxcsum,vlan_mtu,wol_ucast,wol_magic>ether 00:0d:b9:13:47:84
	inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
	inet6 fe80::20d:b9ff:fe13:4784%vr0 prefixlen 64 scopeid 0x1 
	media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
vr1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
	options=280b <rxcsum,txcsum,vlan_mtu,wol_ucast,wol_magic>ether 00:0d:b9:13:47:85
	inet6 fe80::20d:b9ff:fe13:4785%vr1 prefixlen 64 scopeid 0x2 
	media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
vr2: flags=8802 <broadcast,simplex,multicast>metric 0 mtu 1500
	options=280b <rxcsum,txcsum,vlan_mtu,wol_ucast,wol_magic>ether 00:0d:b9:13:47:86
	media: Ethernet autoselect (none)
	status: no carrier
ath0: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 2290
	ether 00:0b:6b:2c:d4:61
	inet6 fe80::20b:6bff:fe2c:d461%ath0 prefixlen 64 scopeid 0x4 
	media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>status: associated
	ssid "1mbps Blazing" channel 11 (2462 Mhz 11g) bssid 00:0b:6b:2c:d4:61
	authmode WPA2/802.11i privacy MIXED deftxkey 2 TKIP 2:128-bit
	txpower 31.5 scanvalid 60 bgscan bgscanintvl 300 bgscanidle 250
	roam:rssi11g 7 roam:rate11g 5 pureg protmode RTSCTS burst dtimperiod 1
pfsync0: flags=41 <up,running>metric 0 mtu 1460
	pfsync: syncdev: lo0 syncpeer: 224.0.0.240 maxupd: 128
enc0: flags=0<> metric 0 mtu 1536
lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384
	inet 127.0.0.1 netmask 0xff000000 
	inet6 ::1 prefixlen 128 
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x7 
pflog0: flags=100 <promisc>metric 0 mtu 33204
ng0: flags=88d1 <up,pointopoint,running,noarp,simplex,multicast>metric 0 mtu 1492
	inet6 fe80::20d:b9ff:fe13:4784%ng0 prefixlen 64 scopeid 0x9 
	inet 92.99.242.71 --> 195.229.252.44 netmask 0xffffffff 
bridge0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
	ether aa:44:2b:7b:c5:65
	id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
	maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200
	root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
	member: vr0 flags=143 <learning,discover,autoedge,autoptp>ifmaxaddr 0 port 1 priority 128 path cost 200000
	member: ath0 flags=143 <learning,discover,autoedge,autoptp>ifmaxaddr 0 port 4 priority 128 path cost 370370</learning,discover,autoedge,autoptp></learning,discover,autoedge,autoptp></up,broadcast,running,simplex,multicast></up,pointopoint,running,noarp,simplex,multicast></promisc></up,loopback,running,multicast></up,running></hostap></up,broadcast,running,promisc,simplex,multicast></rxcsum,txcsum,vlan_mtu,wol_ucast,wol_magic></broadcast,simplex,multicast></full-duplex></rxcsum,txcsum,vlan_mtu,wol_ucast,wol_magic></up,broadcast,running,simplex,multicast></full-duplex></rxcsum,vlan_mtu,wol_ucast,wol_magic></up,broadcast,running,promisc,simplex,multicast> 

AhnHEL

MTU on ath0 is 2290

Is this proper?

Ran the following commands in console to set all interfaces to 1500 mtu including bridge0 and thats how it started to work again for me.

ifconfig vr0 mtu 1500
ifconfig ath0 mtu 1500
ifconfig bridge0 destroy
ifconfig bridge create

Change the vr0 above with your interface name for LAN

$ ifconfig
vr0: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 1500
options=2809 <rxcsum,vlan_mtu,wol_ucast,wol_magic>ether xx:xx:xx:xx:xx:xx
inet xxx.xxx.xxx.x netmask 0xfffffff0 broadcast xxx.xxx.xxx.xxx
inet6 xxxx::xxxx:xxxx:xxxx:xxxx%vr0 prefixlen 64 scopeid 0x1
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
vr1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
options=284b <rxcsum,txcsum,vlan_mtu,polling,wol_ucast,wol_magic>ether xx:xx:xx:xx:xx:xx
inet6 xxxx::xxxx:xxxx:xxxx:xxxx%vr1 prefixlen 64 scopeid 0x2
inet xxx.xxx.xxx.xxx netmask 0xfffff000 broadcast 255.255.255.255
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
ath0: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 1500
ether xx:xx:xx:xx:xx:xx
inet6 xxxx::xxxx:xxxx:xxxx:xxxx%ath0 prefixlen 64 scopeid 0x3
media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>status: associated
ssid Taino1 channel 11 (2462 Mhz 11g) bssid xx:xx:xx:xx:xx:xx
authmode WPA1+WPA2/802.11i privacy MIXED deftxkey 3 TKIP 2:128-bit
TKIP 3:128-bit txpower 31.5 scanvalid 60 bgscan bgscanintvl 300
bgscanidle 250 roam:rssi11g 7 roam:rate11g 5 protmode OFF burst
-apbridge dtimperiod 1
pfsync0: flags=41 <up,running>metric 0 mtu 1460
pfsync: syncdev: lo0 syncpeer: 224.0.0.240 maxupd: 128
enc0: flags=0<> metric 0 mtu 1536
lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
pflog0: flags=100 <promisc>metric 0 mtu 33204
tun0: flags=8051 <up,pointopoint,running,multicast>metric 0 mtu 1500
inet6 xxxx::xxxx:xxxx:xxxx:xxxx%tun0 prefixlen 64 scopeid 0x9
inet xxx.xxx.xxx.xxx –> xxx.xxx.xxx.xxx netmask 0xffffffff
Opened by PID 446
tun1: flags=8051 <up,pointopoint,running,multicast>metric 0 mtu 1500
inet6 xxxx::xxxx:xxxx:xxxx:xxxx%tun1 prefixlen 64 scopeid 0xa
inet xxx.xxx.xxx.xxx --> xxx.xxx.xxx.xxx netmask 0xffffffff
Opened by PID 453
bridge0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
ether xx:xx:xx:xx:xx:xx
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200
root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
member: vr0 flags=143 <learning,discover,autoedge,autoptp>ifmaxaddr 0 port 1 priority 128 path cost 200000
member: ath0 flags=143 <learning,discover,autoedge,autoptp>ifmaxaddr 0 port 3 priority 128 path cost 370370</learning,discover,autoedge,autoptp></learning,discover,autoedge,autoptp></up,broadcast,running,simplex,multicast></up,pointopoint,running,multicast></up,pointopoint,running,multicast></promisc></up,loopback,running,multicast></up,running></hostap></up,broadcast,running,promisc,simplex,multicast></full-duplex></rxcsum,txcsum,vlan_mtu,polling,wol_ucast,wol_magic></up,broadcast,running,simplex,multicast></full-duplex></rxcsum,vlan_mtu,wol_ucast,wol_magic></up,broadcast,running,promisc,simplex,multicast>

covex

updated to the recent snapshot and the same thing again. dhcp wont work on the wireless. alix, atheros 5212, full install.
ifconfig shows mtu of 2290 on ath0 and on bridge0
also, after upgrade I'm getting error message invalid parameter while loading firewall rules 2 and 3.
Here are those rules from config file (nothing was changed, this is how they are in config file):
<rule><type>pass</type>
<interface>optXXXX</interface>
<max-src-nodes><max-src-states><statetimeout><statetype>keep state</statetype>
<os><source>
<any><destination><any></any></destination></any></os></statetimeout></max-src-states></max-src-nodes></rule>
<rule><type>pass</type>
<interface>opt2</interface>
<max-src-nodes><max-src-states><statetimeout><statetype>keep state</statetype>
<os><source>
<any><destination><any></any></destination></any></os></statetimeout></max-src-states></max-src-nodes></rule>
what these rules do? opt2 is my wireless.

AhnHEL

Did you run the ifconfig commands i listed above to see if that resolves your wireless problem?

I'd reboot my Alix box and try again myself to see if the commands consistently resolve the issue but my Alix box is remote to my location and I cant afford the downtime if the commands dont help.

covex

screenshot in your post, is it before you've recreated the bridge or after?
your card is in promiscuous mode here

ath0: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 1500</up,broadcast,running,promisc,simplex,multicast>

mine does not have it after I change mtu on it.

AhnHEL

Screenshot is taken after.

Wont both vr0 and ath0 be in promiscuous mode because they are bridged?

covex

I don't know what is going on!  ???
My wireless works right now but vr1 (LAN) mtu is 1500, ath0 mtu is 2290 and bridge0 is 1500.
The only thing I changed was switching from channel 6 to channel 10 in the wireless settings. I'm afraid to reboot my router now!  :)

xbipin

after changing the mtu of ath0 to 1500, still wireless clients dont get ip from dhcp nor with static ip clients works

matrix200

Hope it will be helpful for others , here is my ifconfig -a output
Like I said it works after the bridging from lan to wireless interface is performed.

vr0: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 1500
        options=2809 <rxcsum,vlan_mtu,wol_ucast,wol_magic>ether 00:0d:b9:15:33:f0
        inet6 fe80::20d:b9ff:fe15:33f0%vr0 prefixlen 64 scopeid 0x1
        inet 192.168.0.2 netmask 0xffffff00 broadcast 192.168.0.255
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
vr1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        options=280b <rxcsum,txcsum,vlan_mtu,wol_ucast,wol_magic>ether 00:0d:b9:15:33:f1
        inet6 fe80::20d:b9ff:fe15:33f1%vr1 prefixlen 64 scopeid 0x2
        inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
ath0: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 1500
        ether 00:0b:6b:dc:66:c6
        inet6 fe80::20b:6bff:fedc:66c6%ath0 prefixlen 64 scopeid 0x3
        media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>status: associated
        ssid Cyberspace channel 8 (2447 Mhz 11g) bssid 00:0b:6b:dc:66:c6
        authmode WPA2/802.11i privacy MIXED deftxkey 2 TKIP 2:128-bit
        TKIP 3:128-bit txpower 18 scanvalid 60 bgscan bgscanintvl 300
        bgscanidle 250 roam:rssi11g 7 roam:rate11g 5 protmode RTSCTS burst
        dtimperiod 1
pfsync0: flags=41 <up,running>metric 0 mtu 1460
        pfsync: syncdev: lo0 syncpeer: 224.0.0.240 maxupd: 128
enc0: flags=0<> metric 0 mtu 1536
lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
pflog0: flags=100 <promisc>metric 0 mtu 33204
ng0: flags=89d1 <up,pointopoint,running,noarp,promisc,simplex,multicast>metric 0 mtu 1492
        inet 62.0.92.255 --> 212.143.205.175 netmask 0xffffffff
        inet6 fe80::20d:b9ff:fe15:33f0%ng0 prefixlen 64 scopeid 0x9
bridge0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        ether d6:46:73:a0:9f:39
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: ath0 flags=143 <learning,discover,autoedge,autoptp>ifmaxaddr 0 port 3 priority 128 path cost 55
        member: vr0 flags=143 <learning,discover,autoedge,autoptp>ifmaxaddr 0 port 1 priority 128 path cost 200000</learning,discover,autoedge,autoptp></learning,discover,autoedge,autoptp></up,broadcast,running,simplex,multicast></up,pointopoint,running,noarp,promisc,simplex,multicast></promisc></up,loopback,running,multicast></up,running></hostap></up,broadcast,running,promisc,simplex,multicast></full-duplex></rxcsum,txcsum,vlan_mtu,wol_ucast,wol_magic></up,broadcast,running,simplex,multicast></full-duplex></rxcsum,vlan_mtu,wol_ucast,wol_magic></up,broadcast,running,promisc,simplex,multicast> 

DeCex

@xbipin:

after changing the mtu of ath0 to 1500, still wireless clients dont get ip from dhcp nor with static ip clients works

Sorry if this questionn sound stupid,

• you have not tick the "Deny unknown clients" in the DHCP setting?
• you´v tried changing the default channel on the OPT1 card ad see if the MTU changes? (try choosing another from Auto,Save and check MTU after saving and see what it say)

xbipin

i have already played around with all those settings a lot but doesnt make a difference bcoz its not the wireless that the issue but its just the dhcp or routing due to which the wireless client doesnt get an ip and with the same config the march release works perfectly fine

covex

well, onhel's commands are helping but in my case I also have to disable/enable wireless interface in gui so it would start dealing ip addresses to the clients.

xbipin

the commands for me when i run them then the LAN and wireless as well as the bridge interface all have 1500 as mtu but it still doesnt give out ips so i disable and then enable wireless from the gui but still it doesnt doesnt give ips and when i check the mtu go back to the wierd values, they r not getting saved.

in the system logs i saw certain packets were dropped,
UDP from 0.0.0.0:68 to 255.255.255.255:67

dont know if thats affecting it or no

xbipin

i thing i dont understand is earlier if the wireless client was assigned fixed ips then atleast wireless bridged to lan used to work but that doesnt now and i was checking the filter log and saw this entry
pass in on ath0: 192.168.0.18 > 224.0.0.251: igmp v2 report 224.0.0.251

192.168.0.18 being the ip manually configured in the wireless client and shouldnt it be going to 192.168.0.1 which is the firewall ip instead of 224.0.0.251, plz correct me if im wrong as i am a newbie to dhcp etc

cmb

This all seems to be related to ath changing MTU on its own, which appears to be a "feature" of the patched ath(4) we're using in 7.1 based snapshots. It should be impossible to end up with a 2290 MTU on a bridged ath interface, we set it to 1500 twice and never set it to anything other than 1500.

Try a 7.2 based snapshot which doesn't have the ath patch.
http://snapshots.pfsense.org/FreeBSD_RELENG_7_2/pfSense_RELENG_1_2/

AhnHEL

Thanks for the heads up Chris.

Is this patched ath(4) driver going to be continued in 1.2.3 stable because that "feature" is too important for ath(4) to be reverted back to being unpatched?

The patched version seems to have made using a wireless interface on pfSense very problematic.

cmb

I don't know what to think about that ath patch at this point….it's better for some people, worse for others. Also we're not yet sure which FreeBSD version 1.2.3 final release will end up using, it may be switched to 7.2 for unrelated reasons.

There will be no patched ath on 7.2 builds. I upgraded my primary production AP yesterday and it's worked fine since, but it usually took a couple weeks to start displaying problems with the previous version so it's hard to say at this point. It hasn't magically changed MTU on me though.

AhnHEL

I'll be trying the 7.2 build next I'm at my ALIX site within the week and report back my results then.  Thanks again.