IPv6 Broadcasts since Bridge
-
Hi there,
I use an ALIX APU to provide some OpenVPN Connection to a provider like hidemyass. It's working really well!
Now I want to use re2 as "Switch-Port" for re1. So I created a new Interface for re2 (OPT1) and bridged it with LAN (Bridge = LAN, OPT1).
Set Firewall-Rule to allow OPT1 traffic. Works well!
But now I always get blocked IPv6 traffic although I disabled IPv6 on all Interfaces and OpenVPN connections:
block/1000000105 Mar 7 20:10:39 LAN [fe80::c225:6ff:fec1:cd43]:42654 [ff02::c]:1900 UDP
block/1000000105 Mar 7 20:10:39 bridge0 [fe80::c225:6ff:fec1:cd43]:42654 [ff02::c]:1900 UDP
block/1000000105 Mar 7 20:10:39 LAN [fe80::c225:6ff:fec1:cd43]:42654 [ff02::c]:1900 UDP
block/1000000105 Mar 7 20:11:20 LAN [fe80::c225:6ff:fec1:cd43]:42654 [ff02::c]:1900 UDP
block/1000000105 Mar 7 20:11:20 bridge0 [fe80::c225:6ff:fec1:cd43]:42654 [ff02::c]:1900 UDP
block/1000000105 Mar 7 20:11:20 LAN [fe80::c225:6ff:fec1:cd43]:42654 [ff02::c]:1900 UDP
block/1000000105 Mar 7 20:11:25 LAN [fe80::c225:6ff:fec1:cd43]:42654 [ff02::c]:1900 UDP
block/1000000105 Mar 7 20:11:25 bridge0 [fe80::c225:6ff:fec1:cd43]:42654 [ff02::c]:1900 UDP
block/1000000105 Mar 7 20:11:25 LAN [fe80::c225:6ff:fec1:cd43]:42654 [ff02::c]:1900 UDP
block/1000000105 Mar 7 20:11:30 LAN [fe80::c225:6ff:fec1:cd43]:42654 [ff02::c]:1900 UDP
block/1000000105 Mar 7 20:11:30 bridge0 [fe80::c225:6ff:fec1:cd43]:42654 [ff02::c]:1900 UDP
block/1000000105 Mar 7 20:11:30 LAN [fe80::c225:6ff:fec1:cd43]:42654 [ff02::c]:1900 UDP
block/1000000105 Mar 7 20:11:35 LAN [fe80::c225:6ff:fec1:cd43]:42654 [ff02::c]:1900 UDP
block/1000000105 Mar 7 20:11:35 bridge0 [fe80::c225:6ff:fec1:cd43]:42654 [ff02::c]:1900 UDP
block/1000000105 Mar 7 20:11:35 LAN [fe80::c225:6ff:fec1:cd43]:42654 [ff02::c]:1900 UDP
block/1000000105 Mar 7 20:11:40 LAN [fe80::c225:6ff:fec1:cd43]:42654 [ff02::c]:1900 UDP
block/1000000105 Mar 7 20:11:40 bridge0 [fe80::c225:6ff:fec1:cd43]:42654 [ff02::c]:1900 UDP
block/1000000105 Mar 7 20:11:40 LAN [fe80::c225:6ff:fec1:cd43]:42654 [ff02::c]:1900 UDP
-
"Now I want to use re2 as "Switch-Port" for re1."
Bad idea to be honest.
But yeah you got some device with link local fe80::c225:6ff:fec1:cd43 spewing SSDP or UPnP, which is what port 1900 is.. I would sniff and find the MAC of what is sending it, track it down and make it stop..
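One way to start the tracking-down step from the firewall log alone, as an added example that is not part of the original post: it counts blocked packets to ff02::c port 1900 per source and, when the link-local source is an EUI-64 address (`ff:fe` in the middle of the interface ID), recovers the sender's MAC by flipping the universal/local bit back. The function names and the sample log are constructed for illustration; a host using privacy or stable-random addresses yields no MAC this way and still has to be sniffed.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample in the format of the filter log entries quoted in the thread.
SAMPLE_LOG = """\
block/1000000105 Mar 7 20:10:39 LAN [fe80::c225:6ff:fec1:cd43]:42654 [ff02::c]:1900 UDP
block/1000000105 Mar 7 20:10:39 bridge0 [fe80::c225:6ff:fec1:cd43]:42654 [ff02::c]:1900 UDP
block/1000000105 Mar 7 20:11:20 LAN [fe80::c225:6ff:fec1:cd43]:42654 [ff02::c]:1900 UDP
"""

# finditer() is used below, so entries run together on one line still match.
ENTRY = re.compile(
    r"block/\d+ \w+ +\d+ [\d:]+ (?P<iface>\S+) "
    r"\[(?P<src>[0-9a-fA-F:]+)\]:\d+ \[(?P<dst>[0-9a-fA-F:]+)\]:(?P<dport>\d+) UDP"
)
SSDP_GROUP = ipaddress.IPv6Address("ff02::c")  # link-local SSDP multicast group


def mac_from_eui64(addr):
    """Return the MAC embedded in an EUI-64 IPv6 address, or None if it is not one."""
    iid = ipaddress.IPv6Address(addr).packed[8:]  # low 64 bits = interface ID
    if iid[3:5] != b"\xff\xfe":
        return None  # not EUI-64 (privacy/random address): MAC not recoverable
    # Undo the EUI-64 mapping: drop ff:fe and flip the universal/local bit.
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]
    return ":".join(f"{b:02x}" for b in mac)


def ssdp_talkers(log_text):
    """Count blocked SSDP packets per (source address, derived MAC)."""
    hits = Counter()
    for m in ENTRY.finditer(log_text):
        if m["dport"] == "1900" and ipaddress.IPv6Address(m["dst"]) == SSDP_GROUP:
            hits[(m["src"], mac_from_eui64(m["src"]))] += 1
    return hits


if __name__ == "__main__":
    for (src, mac), n in ssdp_talkers(SAMPLE_LOG).items():
        print(f"{n:3d} blocked  {src}  MAC={mac or 'not EUI-64, sniff instead'}")
```

The derived MAC can then be matched against the firewall's ARP/NDP table or the switch's MAC address table to find the port the device is plugged into.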
-
"Now I want to use re2 as "Switch-Port" for re1."
Bad idea to be honest.
Why is that a bad idea? So should I create another subnet instead?
I just want to use the re2 port for my other devices.
re0 -> WAN
re1 -> Switch -> 5 Devices
re2 -> Switch -> 3 Devices
I'm kinda lazy to put the other 3 devices on my first switch because I don't want to change my cables.
-
pfSense is not a switch.
-
"I don't want to change my cables."
So you would rather set up a bridge… WTF....
As derelict stated, pfSense is not a switch.. If you want switch ports get a switch.. Bridging ports does not a switch port make, that is for damn sure!!
-
Oh, okay. That's true. pfSense is, like the name already says, a "packet firewall".
I'm sorry and I suggest every pfSense user NOT to bridge ports for "like a switch". Just don't do that.