Bridge LAN + WLAN not working in last snapshot

MaxPF · Jan 24, 2013, 4:33 AM

After updating to the latest snapshot (Jan 23 05:47:30) my LAN + WLAN bridge stopped working completely.
I have an Alix 2d13 with a USB RT2870 wireless adapter (run driver) that I used in hotspot mode bridged to the LAN. Up until today everything worked like this:

WAN - vr1 DHCP
LAN - vr0 none
WLAN - run0 none
BRIDGE - Bridge0 - 192.168.1.1

net.link.bridge.pfil_member 0
net.link.bridge.pfil_bridge 1

DHCP server running on BRIDGE and all the outgoing FW rules for LAN and WLAN clients were set on the BRIDGE interface.

After updating today, the interface assignments and IPs stayed the same, but I lost access to the web interface and internet. 192.168.1.1 is not pingable anymore. Restoring to factory default (from serial console) restored access to internet and web interface.

Once I got in the web interface I tried to restore my latest backup, but after rebooting nothing was working again. I did another factory default and this time I recreated the bridge configuration, firewall and nat rules by hand and everything worked at first… until I rebooted and I was locked out again without internet access.

After yet another factory reset I tried:

WAN - vr1 DHCP
LAN - Bridge0 - 192.168.1.1
WLAN - run0 none
BRIDGE - vr0 none

net.link.bridge.pfil_member 0
net.link.bridge.pfil_bridge 1

with the same results: works at first when setup by hand, but stops working after reboot. I watched the boot messages on the console and there were no errors or anything out of the ordinary and the interface settings above the console menu reflect exactly the configuration I want and that used to work.

Has anything changed in the last few days that could have caused this behavior?

xbipin · Jan 24, 2013, 8:06 AM

+1

eri-- · Jan 24, 2013, 9:20 AM

Can you send me you config section of <interfaces></interfaces>and

so i can replicate locally?

xbipin · Jan 24, 2013, 9:46 AM

actually when i upgraded and then logged into the web gui it said there was a crash report and press yes to submit to developer so i did that, in the report there was some error related to php and timezone setting

eri-- · Jan 24, 2013, 10:59 AM

Can you paste those errors here.

MaxPF · Jan 24, 2013, 12:25 PM

This is from a backup that used to work:


 <interfaces><wan><enable><if>vr1</if>
			<ipaddr>dhcp</ipaddr>
			 <gateway><blockpriv>on</blockpriv>
			<blockbogons>on</blockbogons>
			 <media><mediaopt></mediaopt></media></gateway></enable></wan> 
		 <lan><enable><if>bridge0</if>

			<ipaddr>192.168.1.1</ipaddr>
			<subnet>24</subnet>
			 <spoofmac></spoofmac></enable></lan> 
		 <opt1><if>vr2</if>

			 <spoofmac><enable><ipaddr>10.10.10.1</ipaddr>
			<subnet>24</subnet></enable></spoofmac></opt1> 
		 <opt2><if>vr0</if>
			 <enable><spoofmac></spoofmac></enable></opt2> 
		 <opt3><if>run0</if>
			 <wireless><standard>11g</standard>
				<mode>hostap</mode>
				<protmode>off</protmode>
				<ssid>LHC</ssid>
				<channel>0</channel>
				 <authmode><txpower>99</txpower>
				 <distance><regdomain><regcountry><reglocation><wpa><macaddr_acl><auth_algs>1</auth_algs>
					<wpa_mode>2</wpa_mode>
					<wpa_key_mgmt>WPA-PSK</wpa_key_mgmt>
					<wpa_pairwise>CCMP</wpa_pairwise>
					<wpa_group_rekey>120</wpa_group_rekey>
					<wpa_gmk_rekey>3600</wpa_gmk_rekey>
					<passphrase></passphrase>
					 <ext_wpa_sw><ieee8021x><enable></enable></ieee8021x></ext_wpa_sw></macaddr_acl></wpa> 
				 <auth_server_addr><auth_server_port><auth_server_shared_secret><wme><pureg><enable></enable></pureg> 
				 <auth_server_addr2><auth_server_port2><auth_server_shared_secret2></auth_server_shared_secret2></auth_server_port2></auth_server_addr2></wme></auth_server_shared_secret></auth_server_port></auth_server_addr></reglocation></regcountry></regdomain></distance></authmode></wireless> 
			 <enable><spoofmac></spoofmac></enable></opt3></interfaces>


	 <bridges><bridged><members>opt2,opt3</members>

			 <maxaddr><timeout><maxage><fwdelay><hellotime><priority><proto>rstp</proto>
			 <holdcount><ifpriority><ifpathcost><bridgeif>bridge0</bridgeif></ifpathcost></ifpriority></holdcount></priority></hellotime></fwdelay></maxage></timeout></maxaddr></bridged></bridges>

xbipin · Jan 24, 2013, 12:46 PM

@ermal:

Can you paste those errors here.

i simply submitted that and then it deleted the crash report after which i reverted to the previous working snapshot. u would be having access to the place where this crash report got submitted i guess

MaxPF · Jan 25, 2013, 11:40 AM

Just tried the Jan 24 07:37:42 build, but same thing is happening. I found a workaround that maybe can help troubleshoot this issue.

After restoring my backup and rebooting I have this setup for the interface:

WAN (wan) -> vr1 -> v4/DHCP4: XX.XX.XX.161/23
BRIDGE (lan) -> bridge0 -> v4: 192.168.1.1/24
GUEST (opt1) -> vr2 -> v4: 10.10.10.1/24
LAN (opt2) -> vr0 ->
WLAN (opt3) -> run0_wlan0 ->

with OPT2 and OPT3 bridged in bridge0 and nothing is working. However if in the serial console I choose option #2 and assign an IP address to LAN (opt2) like this:

WAN (wan) -> vr1 -> v4/DHCP4: XX.XX.XX.161/23
BRIDGE (lan) -> bridge0 -> v4: 192.168.1.1/24
GUEST (opt1) -> vr2 -> v4: 10.10.10.1/24
LAN (opt2) -> vr0 -> v4: 192.168.1.2/24
WLAN (opt3) -> run0_wlan0 ->

then everything starts working again!

UPDATE:
Not sure what happened overnight, but this morning it didn't work again (it was fine yesterday evening after the workaround) so I had to do another factory reset.

t3h0th3r · Jan 25, 2013, 12:14 PM

+1

zetar · Jan 25, 2013, 1:06 PM

Hello
I too have the same problem.
Until the version built on Tue Jan 22 17:56:08 EST 2013
Everything works fine, no longer works after the bridge.
My setup only bridge Wan-Lan Ip Wan With the gateway.
Use public IP, I do not need it use the NAT only firewall packet filtering, it will not work the Traffic Shaper.
Thank you.

eri-- · Jan 25, 2013, 7:50 PM

Please try the next snapshot coming out.

zetar · Jan 25, 2013, 9:10 PM

I tried that today, but it's still not try the next one.

MaxPF · Jan 26, 2013, 1:21 AM

Just tried build Jan 25 11:42:18 and it is still the same with bridged interfaces not working at all.

xbipin · Jan 26, 2013, 9:37 AM

still doesnt work but i guess its something to do with dhcp and the bridge as my wireless devices remain on obtaining ip address but never gets one

zetar · Jan 26, 2013, 1:35 PM

I use manual IP addresses but should not be the same, I have changed something.

MaxPF · Jan 26, 2013, 2:59 PM

@xbipin:

still doesnt work but i guess its something to do with dhcp and the bridge as my wireless devices remain on obtaining ip address but never gets one

No it's not just dhcp that breaks. Even with static ip's nothing works with bridges interfaces.

eri-- · Jan 26, 2013, 4:32 PM

I think i found the issues.
Please try tomorrows snapshot.

MaxPF · Jan 26, 2013, 4:37 PM

Great! I will and report back.
Is this the fix https://github.com/bsdperimeter/pfsense/commit/19defb88d4c7ff7e097b32702dee6e9b948e46b6?

xbipin · Jan 27, 2013, 5:07 AM

no luck for me as yet, i guess there were few more patches so will try the snap after that

xbipin · Jan 27, 2013, 2:07 PM

27th snap solved it