Problem with pppoe over vlan
-
@stephenw10 said in Problem with pppoe over vlan:
Hmm, I can't replicate that. Though interestingly the box I'm testing on (my home edge device) has all its interfaces, including pppoe, as VLANs on the same lagg0 parent. You might expect it to force a vlan reload in the situation but it does not....
Its strange because I have nothing special here and i have not made any change to the pfsense Installation - its a simply firewall-router with a few packages (see signature). The vlan7 on the pppoe is required by the Internet-Provider.
HmmmmPS. Until a few weeks I have used my pfsense without vlan7 thats why the problem had not occured in the past (I suppose).
PPS. I have now, made an extra check of the patch pppoe-patch
and it confirms that the patch is allready on the system. -
On other test systems where I have VLANs on different parent interfaces they are not rebuilt:
Aug 18 14:10:46 check_reload_status 425 Syncing firewall Aug 18 14:10:53 check_reload_status 425 Restarting ipsec tunnels Aug 18 14:10:56 check_reload_status 425 updating dyndns lan Aug 18 14:10:58 check_reload_status 425 Reloading filterThat's resaving LAN with no changes.....
Either not all that patch code is in your system somehow or you config is triggering the VLAN rebuild with something. Hmm
-
@stephenw10 said in Problem with pppoe over vlan:
On other test systems where I have VLANs on different parent interfaces they are not rebuilt:
Aug 18 14:10:46 check_reload_status 425 Syncing firewall Aug 18 14:10:53 check_reload_status 425 Restarting ipsec tunnels Aug 18 14:10:56 check_reload_status 425 updating dyndns lan Aug 18 14:10:58 check_reload_status 425 Reloading filterThat's resaving LAN with no changes.....
Either not all that patch code is in your system somehow or you config is triggering the VLAN rebuild with something. Hmm
Hi Steve, would you mind to send me your interfaces.inc and interfaces.php? Thanks a lot!
-
Hmm, one thing I notice here is that the igb0 link goes down when you saved that. That would not normally happen if you save an interface without changing anything.
I assume igb0 is your LAN there? What settings do you have on that interface?Steve
-
@stephenw10 said in Problem with pppoe over vlan:
Hmm, one thing I notice here is that the igb0 link goes down when you saved that. That would not normally happen if you save an interface without changing anything.
I assume igb0 is your LAN there? What settings do you have on that interface?Steve
Look:
I also downloaded the original files from github
https://github.com/pfsense/pfsense/blob/RELENG_2_4_5/src/etc/inc/interfaces.inc
https://github.com/pfsense/pfsense/blob/RELENG_2_4_5/src/usr/local/www/interfaces.php
and have compared with mine and they are identical.
-
Do you have Snort or Suricata running? That can cause interfaces to reconnect sometimes. In in-line mode perhaps.
If you assign/enable igb1 does that also go down/up when you resave LAN?
Steve
-
@stephenw10 said in Problem with pppoe over vlan:
Do you have Snort or Suricata running? That can cause interfaces to reconnect sometimes. In in-line mode perhaps.
Yes, i have Snort but not in in-line mode.
If you assign/enable igb1 does that also go down/up when you resave LAN?
igb1 is assigned to vlan7 and to pppoe ...
Steve
PS. Its only the vlan that get renewed, igb1 is left untouched.
In conclusion - when settings are applied (in my case) on LAN (igb0) or WiFi (ath0_wlan0) only the vlan gets affected! (When applying settings on LAN (igb0) its normal that igb0 go down/up) -
Right, but I'm saying if you assign igb1 as a new interface and enable it with no config but just so it's up does that also go down when you make a change. That would explain why the vlan is rebuilt, but not why igb1 goes down.
Steve
-
@stephenw10 said in Problem with pppoe over vlan:
Right, but I'm saying if you assign igb1 as a new interface and enable it with no config but just so it's up does that also go down when you make a change. That would explain why the vlan is rebuilt, but not why igb1 goes down.
Steve
Yes it also goes down, here the dmesg output:
igb1: link state changed to DOWN
igb1.7: link state changed to DOWN
igb1: link state changed to UP
igb1.7: link state changed to UP
vlan0: changing name to 'igb1.7'PS. Maybe its helpful to know that my system was continuously updatet from 2.4.3 (I'm using pfsense longer but 2.4.3 was a fresh install with config recovery)
PPS. Another Idea: Snort needs interfaces in promiscuous mode - could that be a possible culprit?
-
Mmm, exactly Snort applies promiscuous mode when it starts.
What happens if you just restart Snort?
What interfaces do you have Snort running on?
It looks like the VLAN here is correctly being recreated because the parent interface is brought down. That's why I can't replicate it here. I'll try with Snort....
Steve
-
@stephenw10 said in Problem with pppoe over vlan:
Mmm, exactly Snort applies promiscuous mode when it starts.
What happens if you just restart Snort?
Snort restarts without any issue.
What interfaces do you have Snort running on?
WAN interface only.
It looks like the VLAN here is correctly being recreated because the parent interface is brought down. That's why I can't replicate it here. I'll try with Snort....
Thanks, a lot!
Here are all the pkgs I use: Cron, iftop, iperf, LCDproc, nmap, pfBlockerNG-devel, RRD_Summary, Shellcmd, snort
-
Hmm, I can't replicate seeing the NIC link go down however I try to apply it....
-
@stephenw10 said in Problem with pppoe over vlan:
Hmm, I can't replicate seeing the NIC link go down however I try to apply it....
I crashed myself my head - I have no clou where to set the axe ... definitiv clear is that every time I save a interface (without any changes) (LAN or WIFI or the OPT2 igb1-temporary created) the vlan gets remade ... and that kills the pppoe!
-
Yup. I see it it happening for you I just can't re-create it here...yet.
-
@stephenw10 said in Problem with pppoe over vlan:
Yup. I see it it happening for you I just can't re-create it here...yet.
Thanks for not giving up!
-
-
No I've been unable to replicate it. Something you have set there is causing the NIC to flap and I'm not sure what.
We might need to review your config somehow...Steve
-
@stephenw10 said in Problem with pppoe over vlan:
No I've been unable to replicate it. Something you have set there is causing the NIC to flap and I'm not sure what.
We might need to review your config somehow...Steve
OK, understood!
Thanks anyway!
fireodo -
This post is deleted! -
BTW: I set up a identical machine (APU2C0) with a fresh pfsense 2.4.5-RELEASE-p1 with no other packages and the behavior is exactly like my productive pfsense. Saving the LAN(igb0) or the WIFI(ath0_wlan0) interface without any changes made, make the vlan to be remade! (Vlan is on igb1). Anyway seems I have to live with it
