General Setup Help
-
wallabybob - I finally figured it out.
Thanks for reporting back. What was the key? Was there something missing from the instructions or something unclear?
I'm not exactly sure. I have it set up as you suggested but it's really sensitive to changes. I have already had to go back to the original settings to get it working after a reboot (I've been changing firewall rules and adding packages.)
I'll post the final settings when I get everything set up as I want it.
-
Update: I set up 4 static IP DHCP leases under the bridge and it stopped working. After playing around and changing the wireless adapter to 802.11b (from 802.11g), it fixed the problem. When I rebooted and tried to go back to 802.11g, it stopped working again. I don't know if this is a bug but this may have been my problem all along. I played with lots of different combinations before I got the whole setup to work. It's worth noting that 802.11g has worked in the past under different settings.
I don't think my wireless adapter is fully/properly supported (DLINK DWA-556). It's an 802.11n wireless adapter. I guess I'm just going to have to wait for v2.2 before everything will work as it should.
-
I'm surprised it works as 'b' and not 'g'.
Have you tried one of the 2.1 snapshots?
In fact the DWA-556 is the one card that is listed as working!
Steve
-
Yes, I'm getting strange and inconsistent results. How can setting up static DHCP IP address (using MAC addresses) stop the wireless from connecting? Why does it get fixed when I change the wireless settings?
I'm wondering if I should set up a firewall rule to force the DHCP port on all my bridge interfaces to go to the LAN interface (bridge). I think it's port 67 or 68. Right now I have firewall rules on every interface wide open.
Any advice would be appreciated.
-
I would still be suspicious of your slightly odd bridge setup. ;)
Try taking the wifi interface out of the bridge as a test.
Steve
-
Imagine my 6 port NIC had 1 port. How odd would it be then?
-WLAN on motherboard
-PCIE Adapter
-PCIE Wireless Adapter
-Bridge the 2 PCIE adapters
I'm sure lots of people have the above setup.
Thanks. I'm certain the wireless adapter is the problem. I'm just not sure what to do about it.
-
The odd thing about your bridge is not the six channel NIC, it's the fact that you have a different subnet on each interface whilst they are all bridged together.
I think you have a danger of getting routing issues. If a packet arrives at em1 with destination em2 subnet then it can reach it either via the bridge (which will happen as all traffic is passed over the bridge) or be routed by pfSense to em2 which will also happen. Problem, possibly.
You should really have it as Wallabybob laid out in his earlier post.
Did you ever set the sysctls to move firewalling from bridge members to the bridge interface?
Steve
Edit: Actually I'm a bit confused about how you ended up configuring it. ???
-
Steve, I mentioned in a later post that I have it set up as wallabybob suggested. But it only works properly some of the time.
-The 6 channels and the WLAN are set up as Type (IPv4)="None".
-LAN = bridge0
-bridge0 has the 6 channels and the WLAN
-Only the LAN (bridge0) has Type=Static -> 192.168.1.1/24.
-Only the LAN (bridge0) is running a DHCP server 192.168.1.10 - 192.168.1.100
-I have 3 devices from the 6 port NIC set up as static under the bridge0 DHCP server. 192.168.1.2, 192.168.1.3, 192.168.1.4
-I have 3 devices from the WLAN set up as static under the bridge0 DHCP server. 192.168.1.5, 192.168.1.6, 192.168.1.7
-Firewall rules have been added to each interface and are wide open
-net.link.bridge.pfil_bridge is 1 and net.link.bridge.pfil_member is 0
Sometimes when I make a small change and then reboot (i.e. assigning static DHCP), nothing will connect or get an IP assigned by the DHCP server. I have found that the fix is to change em0 to Type=Static -> 192.168.2.1 (no DHCP server). Then everything will reconnect and go back to their original setup including getting the right static IP assigned. If I change em0 to Type="None" and then save/apply, everything keeps working until I reboot.
Do you have any idea what's going on? Are there logs I can post that would help?
Thanks for your input.
-
See I told you I was confused! ::)
The only thing I can see is that you have open firewall rules on each interface but with net.link.bridge.pfil_member=0 you shouldn't need any rules on the member interfaces. I wonder if that may be an untested situation, rules set but filtering disabled? I doubt it.
You should certainly check the firewall logs; however, it will only show traffic that is blocked by the default block rule. Any traffic that is caught by one of your rules will not be shown unless you have ticked the 'Log packets that are handled by this rule' check box. Thus if, for whatever reason, you have rules that are catching traffic and routing it incorrectly you won't see that.
Since there is some suspicion over the wifi interface it would be a useful test to remove that from the bridge and see how that alters the behaviour.
Steve
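-
Added example, not part of the original thread and not pfSense's own code: an sh script that reads saved `sysctl net.link.bridge` and `ifconfig bridge0` output and lists the bridge members whose firewall rules are not consulted for bridged traffic because net.link.bridge.pfil_member is 0. The sample output, the list of interfaces carrying rules and the wireless interface name ath0_wlan0 are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `sysctl net.link.bridge` output, using the values from the thread.
SAMPLE_SYSCTL='net.link.bridge.pfil_member: 0
net.link.bridge.pfil_bridge: 1'

# Constructed sample of `ifconfig bridge0` output (member lines only).
# em0 and em1 appear in the thread; ath0_wlan0 is an assumed wireless interface name.
SAMPLE_IFCONFIG='bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    member: em0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
    member: em1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
    member: ath0_wlan0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>'

# Print the value of one sysctl from saved output (empty if the name is absent).
sysctl_value() {  # $1 = sysctl output, $2 = sysctl name
    printf '%s\n' "$1" | awk -F': *' -v n="$2" '$1 == n { print $2; exit }'
}

# Print the member interface names from saved `ifconfig bridgeN` output.
bridge_members() {  # $1 = ifconfig output
    printf '%s\n' "$1" | awk '$1 == "member:" { print $2 }'
}

# Report where bridged traffic is filtered: bridge, members, both, none or unknown.
filter_point() {  # $1 = sysctl output
    b=$(sysctl_value "$1" net.link.bridge.pfil_bridge)
    m=$(sysctl_value "$1" net.link.bridge.pfil_member)
    case "${b:-?}${m:-?}" in
        10) echo bridge ;;
        01) echo members ;;
        11) echo both ;;
        00) echo none ;;
        *)  echo unknown ;;
    esac
}

# List bridge members that carry rules while pfil_member is 0, i.e. rules
# that are present but not consulted for traffic crossing the bridge.
unused_rule_ifaces() {  # $1 = sysctl output, $2 = ifconfig output, $3 = interfaces with rules
    [ "$(sysctl_value "$1" net.link.bridge.pfil_member)" = 0 ] || return 0
    for i in $(bridge_members "$2"); do
        for r in $3; do
            if [ "$i" = "$r" ]; then echo "$i"; fi
        done
    done
    return 0
}

echo "filtering happens on: $(filter_point "$SAMPLE_SYSCTL")"
unused_rule_ifaces "$SAMPLE_SYSCTL" "$SAMPLE_IFCONFIG" "em0 em1 ath0_wlan0 bridge0"
```

On a live system the two sample strings would be replaced with the captured output of `sysctl net.link.bridge` and `ifconfig bridge0`.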
-
Ok thank you. I will try that and post the results.
-
Also check the system log (Status -> System Logs) for interface events around the time the problem first appears.
-
I figured out the wireless problem. It turns out that the automatic channel feature is not working. I was getting tons of stuck beacons and it would eventually stop working. The solution was to look at the channels used and force a channel (in this case channel 3 was open). 802.11b was working fine because it wasn't being used by my neighbors.
Thanks everyone for the help. My general setup is working. Now I'm working on setting up packages and firewall rules, NAT, etc.