4. Inter VLAN Routing Problem with Trunk Ports

Inter VLAN Routing Problem with Trunk Ports

  • S

    Hi,

    I am using pfSense since several years and have been very satisfied with it.
    Recently i started using Docker with macvlan driver and got some problems.
    First i thought it was a Docker problem, but when i configured a linux box with a trunk connection the same prolems arised.
    So i am suspecting the problem lies within pfsense now.

    My Setup:

    Problem:
    The Linux box (cnt-host) with a trunk port (VLAN1, VLAN10 and VLAN20 on the same NIC) is reaching the pfSense box on all configured Interfaces, and pfSense box is reaching all the Interfaces on cnt-host.
    But the Laptop is only reaching the Interface of cnt-host which is in the same VLAN (VLAN20) despite reaching all other (nativ) Devices in all the other VLANS (Firewall is configured to allow all for testing)

    Some more Details:

    cnt-host is a APU2 Hardware running Ubuntu and vlans are configured in /etc/network/interfaces.d/enp2s0

    auto enp2s0
iface enp2s0 inet dhcp

auto enp2s0.10
iface enp2s0.10 inet dhcp
    vlan-raw-device enp2s0

auto enp2s0.20
iface enp2s0.20 inet dhcp
    vlan-raw-device enp2s0

    
#ip addr
...
3: enp2s0: <broadcast,multicast,up,lower_up>mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0d:b9:45:84:49 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.50/24 brd 10.0.0.255 scope global enp2s0
       valid_lft forever preferred_lft forever
    inet6 fe80::20d:b9ff:fe45:8449/64 scope link 
       valid_lft forever preferred_lft forever
5: enp2s0.10@enp2s0: <broadcast,multicast,up,lower_up>mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:0d:b9:45:84:49 brd ff:ff:ff:ff:ff:ff
    inet 10.0.10.50/24 brd 10.0.10.255 scope global enp2s0.10
       valid_lft forever preferred_lft forever
    inet6 fe80::20d:b9ff:fe45:8449/64 scope link 
       valid_lft forever preferred_lft forever
6: enp2s0.20@enp2s0: <broadcast,multicast,up,lower_up>mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:0d:b9:45:84:49 brd ff:ff:ff:ff:ff:ff
    inet 10.0.20.50/24 brd 10.0.20.255 scope global enp2s0.20
       valid_lft forever preferred_lft forever
    inet6 fe80::20d:b9ff:fe45:8449/64 scope link 
       valid_lft forever preferred_lft forever
...</broadcast,multicast,up,lower_up></broadcast,multicast,up,lower_up></broadcast,multicast,up,lower_up>

    Some Diagnostics like Ping, ip route, arp, traceroute and more are listed here: https://gist.github.com/stif/6b7eb100cf4f51b5dbea3b6c5bc7e33b

    I dont know how to go on, and i am very grateful for any tips or hints on how to solve this issue.

    Kind Regards,
    Stefan

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy