Having Problems Setting Up VLAN's
-
I've only got a 4Mb connection , but I've had squid cache on a pfSense deliver over 700Megabit/second so I'm making sure to use gig Ethernet. That's why I'm not keen on the PC Card 10/100 NIC's.
I picked the Latitude is because I had it lying around for a while and it's worthless due to screen problems, missing keys on the keyboard and broken plastic panels, yet it's still a decent powerful machine that's optimised to use low power and has it's own UPS.
I could spend a little more than it will cost for the dock + pro MT on a newer latitude E Series with Intel NIC that I'm guessing would give me no headache, but I like the idea of turning something that otherwise will probably be scrapped into a very high spec router.
-
I was thinking use the Trendnet card on the WAN. WAN will not be fast enough to bother it.
That would free up your onboard network interface to use with a switch. So, you would have no bottlenecks anywhere.
However, that gives you 1 WAN / 1 LAN
Gigabit through and through between PFsense and the clients (Your built in port is GB right?)BUT - No real possibility of expanding beyond a simple 1 WAN 1 LAN and switches setup. (Unless you figure out VLAN later)
-
True, but I've just managed to set it up as desired in ESXi. Hopefully it performs well.
Bonus - hopefully I can run another VM with nagios.
-
On a Latitude D620?
I'm surprised thats enough machine to do that well. Cool. -
So you got VLANs working on the hardware using esxi? Must be a config/driver problem in pfSense then.
Running virtualised is probably a good option for your 4Mbps connection, your C2D is unlikely to run above idle almost any time.Steve
-
Spoke too soon again. Setup in ESXi worked much better, but kept getting random packet loss on the WAN side.
I'm guessing the FreeBSD bge0 driver has big problems with VLAN's and whatever ESXi uses works a little better but still not perfect.
Looks like I'll have to wait for the docking station and quad port mt.
-
You could still try disabling hardware vlan tagging. There loads of reports of NICs reporting capabilities they don't fully or correctly support. Surprised to see it from a Broadcom NIC though. I believe the command to do it would be:
ifconfig bge0 -vlanhwtagSteve
-
Thanks Steve although I read the bge driver doesn't support disabling hardware vlan.
Anyway just thought I would report back, thought I would forget about VLAN's and got a docking bay with intel MT dual port, still getting intermittent packet loss on WAN. Using ifconfig I realised the Draytek modem I had plugged straight into one of the MT ports only connected at 10Mb!
Connected them via a managed switch instead and noticed the Draytek only connected at half duplex! Locked the switch port to full duplex and it all started behaving itself.
I'm wondering if duplex mismatch was the problem all along - but I currently have run out of patience to try messing around any further. However my gut feeling is the the ESXi config was perfect but the native install may not have been working right.
I'll see if I've regained the will to mess around further next week to see if we can determine throughput with one port VLAN'ed.
-
A duplex auto-negotiation failure can cause all sorts of weird and wonderful issues. Normally it reduces throughput to a crawl though. Sounds like a promising lead. ;)
Steve
-
That seems to have done the trick except that every few days however it looses pppoe connection and fails to reconnect (normally reconnects quickly). Need to setup a syslog server to determine what's going on there.
However, I was thinking it would be nice to have a direct connection between the modem and pfSense to free up the managed switch for other purposes. Unfortunately the modem doesn't have facility to set autonegotiation/duplex so I thought I would do it on pfSense.
If I use
ifconfig em0 media 100baseTX mediaopt full-duplex
at command line and then unplug/replug the wan network lead it works, but if I follow the instructions on this page it doesn't http://doc.pfsense.org/index.php/Forcing_Interface_Speed_or_Duplex_SettingsI suspect this is because the <wan>section in my config.xml describes a pppoe interface rather than the em0 interface I am trying to configure.
I do realise the "proper" thing to do when autonegotiation fails and we can only set one device is to set half duplex on that device but forcing fdx is working fine with this equipment.
I could really do with something that will persist after reboots, but my *nix skills are very limited - I would be very grateful for any suggestions.</wan>
-
Setup another interface on em0 and set it as type 'none'. Then set the speed and duplex on that instead.
Steve
-
Perfect!
Just tried it out and rebooted and the change has stuck.
Thanks a million for all your advise :)
