Problem with pppoe over vlan
-
@stephenw10 said in Problem with pppoe over vlan:
On other test systems where I have VLANs on different parent interfaces they are not rebuilt:
Aug 18 14:10:46 check_reload_status 425 Syncing firewall Aug 18 14:10:53 check_reload_status 425 Restarting ipsec tunnels Aug 18 14:10:56 check_reload_status 425 updating dyndns lan Aug 18 14:10:58 check_reload_status 425 Reloading filterThat's resaving LAN with no changes.....
Either not all that patch code is in your system somehow or you config is triggering the VLAN rebuild with something. Hmm
Hi Steve, would you mind to send me your interfaces.inc and interfaces.php? Thanks a lot!
-
Hmm, one thing I notice here is that the igb0 link goes down when you saved that. That would not normally happen if you save an interface without changing anything.
I assume igb0 is your LAN there? What settings do you have on that interface?Steve
-
@stephenw10 said in Problem with pppoe over vlan:
Hmm, one thing I notice here is that the igb0 link goes down when you saved that. That would not normally happen if you save an interface without changing anything.
I assume igb0 is your LAN there? What settings do you have on that interface?Steve
Look:
I also downloaded the original files from github
https://github.com/pfsense/pfsense/blob/RELENG_2_4_5/src/etc/inc/interfaces.inc
https://github.com/pfsense/pfsense/blob/RELENG_2_4_5/src/usr/local/www/interfaces.php
and have compared with mine and they are identical.
-
Do you have Snort or Suricata running? That can cause interfaces to reconnect sometimes. In in-line mode perhaps.
If you assign/enable igb1 does that also go down/up when you resave LAN?
Steve
-
@stephenw10 said in Problem with pppoe over vlan:
Do you have Snort or Suricata running? That can cause interfaces to reconnect sometimes. In in-line mode perhaps.
Yes, i have Snort but not in in-line mode.
If you assign/enable igb1 does that also go down/up when you resave LAN?
igb1 is assigned to vlan7 and to pppoe ...
Steve
PS. Its only the vlan that get renewed, igb1 is left untouched.
In conclusion - when settings are applied (in my case) on LAN (igb0) or WiFi (ath0_wlan0) only the vlan gets affected! (When applying settings on LAN (igb0) its normal that igb0 go down/up) -
Right, but I'm saying if you assign igb1 as a new interface and enable it with no config but just so it's up does that also go down when you make a change. That would explain why the vlan is rebuilt, but not why igb1 goes down.
Steve
-
@stephenw10 said in Problem with pppoe over vlan:
Right, but I'm saying if you assign igb1 as a new interface and enable it with no config but just so it's up does that also go down when you make a change. That would explain why the vlan is rebuilt, but not why igb1 goes down.
Steve
Yes it also goes down, here the dmesg output:
igb1: link state changed to DOWN
igb1.7: link state changed to DOWN
igb1: link state changed to UP
igb1.7: link state changed to UP
vlan0: changing name to 'igb1.7'PS. Maybe its helpful to know that my system was continuously updatet from 2.4.3 (I'm using pfsense longer but 2.4.3 was a fresh install with config recovery)
PPS. Another Idea: Snort needs interfaces in promiscuous mode - could that be a possible culprit?
-
Mmm, exactly Snort applies promiscuous mode when it starts.
What happens if you just restart Snort?
What interfaces do you have Snort running on?
It looks like the VLAN here is correctly being recreated because the parent interface is brought down. That's why I can't replicate it here. I'll try with Snort....
Steve
-
@stephenw10 said in Problem with pppoe over vlan:
Mmm, exactly Snort applies promiscuous mode when it starts.
What happens if you just restart Snort?
Snort restarts without any issue.
What interfaces do you have Snort running on?
WAN interface only.
It looks like the VLAN here is correctly being recreated because the parent interface is brought down. That's why I can't replicate it here. I'll try with Snort....
Thanks, a lot!
Here are all the pkgs I use: Cron, iftop, iperf, LCDproc, nmap, pfBlockerNG-devel, RRD_Summary, Shellcmd, snort
-
Hmm, I can't replicate seeing the NIC link go down however I try to apply it....
-
@stephenw10 said in Problem with pppoe over vlan:
Hmm, I can't replicate seeing the NIC link go down however I try to apply it....
I crashed myself my head - I have no clou where to set the axe ... definitiv clear is that every time I save a interface (without any changes) (LAN or WIFI or the OPT2 igb1-temporary created) the vlan gets remade ... and that kills the pppoe!
-
Yup. I see it it happening for you I just can't re-create it here...yet.
-
@stephenw10 said in Problem with pppoe over vlan:
Yup. I see it it happening for you I just can't re-create it here...yet.
Thanks for not giving up!
-
-
No I've been unable to replicate it. Something you have set there is causing the NIC to flap and I'm not sure what.
We might need to review your config somehow...Steve
-
@stephenw10 said in Problem with pppoe over vlan:
No I've been unable to replicate it. Something you have set there is causing the NIC to flap and I'm not sure what.
We might need to review your config somehow...Steve
OK, understood!
Thanks anyway!
fireodo -
This post is deleted! -
BTW: I set up a identical machine (APU2C0) with a fresh pfsense 2.4.5-RELEASE-p1 with no other packages and the behavior is exactly like my productive pfsense. Saving the LAN(igb0) or the WIFI(ath0_wlan0) interface without any changes made, make the vlan to be remade! (Vlan is on igb1). Anyway seems I have to live with it
-
Hmm, wondering if it's because of the bridge maybe... Though without igb1 in the bridge you would not expect that to hit WAN...
-
@stephenw10 said in Problem with pppoe over vlan:
Hmm, wondering if it's because of the bridge maybe... Though without igb1 in the bridge you would not expect that to hit WAN...
igb1 is not in the bridge. The bridge is between LAN (igb0) and WIFI (ath0_wlan0). igb1 has no interface assign on it (only the vdsl-modem is connected to it) and is only parent for vlan7 and pppoe connects via vlan7.
Regards and fine weekend,
fireodo
