Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    XG-7100 config switch for 8 single interfaces

    Scheduled Pinned Locked Moved Official Netgate® Hardware
    8 Posts 4 Posters 2.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pfwhatisthis
      last edited by

      I have a XG-7100 and the initial config has a WAN (ETH1) and LAN (ETH2-ETH8) and the two OPT1, 2 (IX Ports) as Interfaces.

      I changed the config to 8 individual Interfaces, i need those for CARP SYNC, 2nd WAN Gateway and so on.

      The Switch is configured with 8 VLAN Groups  - every Group contains their corresponding Port

      Interfaces/VLANs have then the corresponding VLAN tags and in interface assignments the corresponding Network ports.

      This config seams logic to me.

      I set up an CARP SYNC Interface with an static ip and an 3G WAN Interface with DHCP - both ports are not working -  I can not ping the SYNC interface of the second pfsense and i do not get an IP address for the 3G WAN port - so something in my switch config might be wrong.

      What can I try?
      ![Screen Shot 2018-04-10 at 22.09.30.png](/public/imported_attachments/1/Screen Shot 2018-04-10 at 22.09.30.png)
      ![Screen Shot 2018-04-10 at 22.09.30.png_thumb](/public/imported_attachments/1/Screen Shot 2018-04-10 at 22.09.30.png_thumb)
      ![Screen Shot 2018-04-10 at 22.09.41.png](/public/imported_attachments/1/Screen Shot 2018-04-10 at 22.09.41.png)
      ![Screen Shot 2018-04-10 at 22.09.41.png_thumb](/public/imported_attachments/1/Screen Shot 2018-04-10 at 22.09.41.png_thumb)
      ![Screen Shot 2018-04-10 at 22.09.51.png](/public/imported_attachments/1/Screen Shot 2018-04-10 at 22.09.51.png)
      ![Screen Shot 2018-04-10 at 22.09.51.png_thumb](/public/imported_attachments/1/Screen Shot 2018-04-10 at 22.09.51.png_thumb)
      ![Screen Shot 2018-04-10 at 22.10.06.png](/public/imported_attachments/1/Screen Shot 2018-04-10 at 22.10.06.png)
      ![Screen Shot 2018-04-10 at 22.10.06.png_thumb](/public/imported_attachments/1/Screen Shot 2018-04-10 at 22.10.06.png_thumb)
      ![Screen Shot 2018-04-10 at 22.13.48.png](/public/imported_attachments/1/Screen Shot 2018-04-10 at 22.13.48.png)
      ![Screen Shot 2018-04-10 at 22.13.48.png_thumb](/public/imported_attachments/1/Screen Shot 2018-04-10 at 22.13.48.png_thumb)

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        You showed everything we need to see I think except Interfaces > Switches, VLANs

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • P
          pfwhatisthis
          last edited by

          forgot to upload that pic ;-)

          ![Screen Shot 2018-04-10 at 22.38.09.png](/public/imported_attachments/1/Screen Shot 2018-04-10 at 22.38.09.png)
          ![Screen Shot 2018-04-10 at 22.38.09.png_thumb](/public/imported_attachments/1/Screen Shot 2018-04-10 at 22.38.09.png_thumb)

          1 Reply Last reply Reply Quote 0
          • DerelictD
            Derelict LAYER 8 Netgate
            last edited by

            VLANs 2003 - 2008 need to have 9T and 10T. They are currently VLANs that talk to nobody. You need to tag them on the uplink ports to get the traffic back to the pfSense (layer 3) VLAN interfaces.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 1
            • P
              pfwhatisthis
              last edited by

              perfect! it worked - thank you!!!!

              1 Reply Last reply Reply Quote 0
              • G
                getitexpert
                last edited by

                Can you reupload your screenshots please.
                Im very interested how you solved the problem.

                Thanks.

                E 1 Reply Last reply Reply Quote 0
                • E
                  EmeraldDeer @getitexpert
                  last edited by

                  I just joined and have not purchased an XG-7100 yet. But the documentation of the Marvell switch at https://www.netgate.com/docs/pfsense/solutions/xg-7100/switch-overview.html#vlans might have been created after this thread was created. It may have the screen shots you are looking for. VLANs from the Marvell switch which need to talk to pfSense do so through ports 9 and 10 of the switch which are LAGGed to another two port LAGG on the Denverton SoC. This is facilitated in your configuration by adding 9t and 10t as members of each VLAN. I have not figured out yet what the "t" does. Perhaps it retags with the PVID of ports 9 and 10 which in the example is 1, which I thought is not recommended as a PVID in general.

                  1 Reply Last reply Reply Quote 0
                  • G
                    getitexpert
                    last edited by

                    After a short sleep in the night i solved the problem myself.
                    Forget to add the members 9T and 10T. :)

                    Thanks all.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.