VLANs and PFsense
-
BUGS
Hardware-assisted VLAN processing is disabled by default. You can enable
it on an em interface using ifconfig(8).I'm not reading where that says its broken - just that the bug is that is comes disabled by default.
Of course, I've never gone in turning it on and off either… If the only bug you have is that it only works when Hardware-assist is on, then leave it off.
Does leaving it off give you a noticed performance hit?No, my system only works when vlan hardware tagging is turned OFF
It's on by default…I think they didn't trust hardware vlan tagging then and decided to turn it off by default.
Nowadays it's turned on by default.But now I would like to start drinking beers...
-
Why the heck are you referring to some 2009 thread regarding m0n0wall/FreeBSD 6.4? Additionally involving Xen? ::) :o
Still could not be bothered with replacing the Netgears with another switch brand to do some basic debugging?
I've done more debugging than I'm capable of writing here.
I have at least found a solution to my problem and I wasn't coming for a solution here…
You are all presuming too much.I'm not even sure I had these Netgear switches then (3 years ago). I still had a HP Procurve.
But let me guess... these are shite too?I have no problem using other brands of hardware like VoIP phones to walk through my network and go where I want them to go.
Only pfsense has a problem and that's solved by turning off vlan hardware tagging.
Again... maybe pfsense does things the proper way and all the other hardware the wrong way.
Maybe there is some user error when we finally find out.
But all of you already ruled out the option that it's indeed PFsense (FreeBSD) having issues with (certain) Intel cards.I'm off for my beers and try to resist coming back to this forum the next month.
I think I was able to stay away for more than 2 years the last time. -
I mean, instead of wasting days googling for completely irrelevant reasons why FreeBSD sucks…
- Try different NICs
- Try different switch
Instead of this very basic troubleshooting/diagnostics we repeatedly get tirades about DSL modem and laptops?!
-
We have several managed switches. All of them Netgear.
I have tried several NICs. They all didn't work and paid too much for it.
I am waiting now for that Netgate motherboard.
It has 4 NICs and 1 NIC I plan to dedicate to the 50 Mbit fibre.
I will of course test it first with my current config.And now I'm really gone…
-
OK, none of NICs worked. All switches Netgear… Either VLAN's HW tagging is completely broken for any NIC on FreeBSD, or Netgear is POS. Guess which is more likely.
-
model: GS108Tv2
boot: B5.1.0.2
revision: 5.0.5.10Case, if, but, and, there is a firmware revision 5.4.2.13 8)
-
Either VLAN's HW tagging is completely broken for any NIC on FreeBSD, or Netgear is POS. Guess which is more likely.
He won't hear you. Even if you'd tattoo it on his forehead he wouldn't.
Unfortunately, the Netgate won't solve his problem either for obvious reason. Go figure what he's doing then…Nature of a forum is that we're all talking at once.
Every time questions come too close to the Netgear switches he prefers to answer other posts instead.
We cannot "win" this thread unless we get someone on-site, swap-in another brand switch and show it is working (or solve other unrecognized problems).One of the other problems might be ground loops! He's connecting different buildings and only mentioned two fiber connections. Without proper isolation and unless this is a three building only campus it screams for ground loop problems. The L2/L3 problems might only be mediocre compared to L1...
-
@hda:
…there is a firmware revision 5.4.2.13
As I just wrote: every time we come close to his Netgear Babies he jumps on another post.
-
I haven't read this (just stumbled on it) and it mentions hardware vlan tagging:
http://wiki.wireshark.org/CaptureSetup/VLANWhich is why, for anything but the simplest of captures, I like to use a switch mirror port.
If you want to have a prayer at solving this problem, you need to consider the possibility that you are seeing a problem with the combination of your NIC and your switching gear. This is a combination apparently nobody else on the planet is experiencing, meaning it's unique to something about the way your network is rigged. Pretty much nobody else ever feels the need to touch vlanhwtag on em(4) NICs.
Considering you've tried multiple NICs and they all do the same thing…..
It might be as simple as another switch that accepts all VLANs tagged on two ports between the NIC and the netgear switch.
I presume all these switch ports also pass VLAN1 untagged to manage all these netgear switches. Or do they support a management VLAN? I know my GS108PE doesn't.
-
-
Can see 5.4.2.18 as latest. Overall, this looks like quality stuff, e.g. 5.0.5.10 release notes:
Fixed the problem that the device in management VLAN100 is not able to communicate with devices in other VLANs or other devices on the Internet after running over about 6 to 8 hours.
LULz?
