Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    No DHCP on one network port under bridge

    Scheduled Pinned Locked Moved
    General pfSense Questions
    bridge dhcp
    2
    3
    444
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bchan
      last edited by bchan

      Hi,

      I wish I can get some ideas here.

      My previous setting was as follow:
      LAN(igb1) -> Network Switch 1 (unmanaged for vlan1) -> Network Switch 2 (managed) (vlan1 & vlan67)
      Switch2 was daisy-chained to Switch 1.

      I wanted to make use of the idle igb2 to achieve the following:

      LAN (lan)       -> bridge0    -> v4: 192.168.1.1/24
WIREDLAN2 (opt1) -> igb2       ->
IOT (opt4)      -> igb1.67    -> v4: 192.168.67.1/24
WIREDLAN1 (opt5) -> igb1       ->
net.link.bridge.pfil_member: 0
net.link.bridge.pfil_bridge: 1

      Basically I was following the "reassign" instructions there:
      https://docs.netgate.com/pfsense/en/latest/book/bridging/bridging-and-interfaces.html.

      Then I connected igb1 to Switch 1 and igb2 to Switch 2. Unfortunately, anything on Switch 2 failed to get any ip.

      When I looked at the system log, I found

      Aug 23 15:07:23 	php-fpm 	7903 	/rc.linkup: Ignoring link event for bridge member without IP config
Aug 23 15:07:22 	check_reload_status 		Linkup starting igb2

      According to instructions, configuration type for Wiredlan1 (igb1) and Wiredlan2 (igb2) were set to None.
      I had tried adding rules for Wiredlan1 and WiredLan2 interface to allow all traffic but problem still persists.

      What am I missing in the configuration?

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        I assume you disconnected the link between switch 1 and switch 2 otherwise you would have created a loop.

        Check the firewall logs for blocked traffic.

        If you set the bridge sysclts after creating the bridge you would have to re-create the bridge or reboot.

        You might have firewall rules that refer to subnets that no-longer exist, like lan2net etc.

        DHCP requests are usually allowed by default but things can get a little more complex when you add a bridge.
        I assume you are still able to pull a dhcp lease on switch1 and on vlan67?

        Steve

        B 1 Reply Last reply Reply Quote 0
        • B
          bchan @stephenw10
          last edited by

          @stephenw10
          Thank Steve for your reply.
          Switch 2 was connected to igb2 and was not communicating.
          DHCP works correctly for both vlan1 and vlan67 on Switch 1, which connects to igb1.

          I had added rules to both LAN (bridge0) and WiredLAN2 (igb2) to log any rejected events but there were nothing when Switch 2 was plugged in/out igb2.

          Worst still, I started to observe about 0.5% errors out in LAN interface even with igb2 open. Snort was not reporting anything on LAN under the bridge config. These 2 factors are enough for me to pull back from this bridged config.

          Thanks again for your advice anyway.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post