Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Inter VLAN Routing Problem with Trunk Ports

    General pfSense Questions
    1
    1
    296
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      stif last edited by

      Hi,

      I am using pfSense since several years and have been very satisfied with it.
      Recently i started using Docker with macvlan driver and got some problems.
      First i thought it was a Docker problem, but when i configured a linux box with a trunk connection the same prolems arised.
      So i am suspecting the problem lies within pfsense now.

      My Setup:

      Problem:
      The Linux box (cnt-host) with a trunk port (VLAN1, VLAN10 and VLAN20 on the same NIC) is reaching the pfSense box on all configured Interfaces, and pfSense box is reaching all the Interfaces on cnt-host.
      But the Laptop is only reaching the Interface of cnt-host which is in the same VLAN (VLAN20) despite reaching all other (nativ) Devices in all the other VLANS (Firewall is configured to allow all for testing)

      Some more Details:

      cnt-host is a APU2 Hardware running Ubuntu and vlans are configured in /etc/network/interfaces.d/enp2s0

      auto enp2s0
iface enp2s0 inet dhcp

auto enp2s0.10
iface enp2s0.10 inet dhcp
    vlan-raw-device enp2s0

auto enp2s0.20
iface enp2s0.20 inet dhcp
    vlan-raw-device enp2s0

      
#ip addr
...
3: enp2s0: <broadcast,multicast,up,lower_up>mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0d:b9:45:84:49 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.50/24 brd 10.0.0.255 scope global enp2s0
       valid_lft forever preferred_lft forever
    inet6 fe80::20d:b9ff:fe45:8449/64 scope link 
       valid_lft forever preferred_lft forever
5: enp2s0.10@enp2s0: <broadcast,multicast,up,lower_up>mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:0d:b9:45:84:49 brd ff:ff:ff:ff:ff:ff
    inet 10.0.10.50/24 brd 10.0.10.255 scope global enp2s0.10
       valid_lft forever preferred_lft forever
    inet6 fe80::20d:b9ff:fe45:8449/64 scope link 
       valid_lft forever preferred_lft forever
6: enp2s0.20@enp2s0: <broadcast,multicast,up,lower_up>mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:0d:b9:45:84:49 brd ff:ff:ff:ff:ff:ff
    inet 10.0.20.50/24 brd 10.0.20.255 scope global enp2s0.20
       valid_lft forever preferred_lft forever
    inet6 fe80::20d:b9ff:fe45:8449/64 scope link 
       valid_lft forever preferred_lft forever
...</broadcast,multicast,up,lower_up></broadcast,multicast,up,lower_up></broadcast,multicast,up,lower_up>

      Some Diagnostics like Ping, ip route, arp, traceroute and more are listed here: https://gist.github.com/stif/6b7eb100cf4f51b5dbea3b6c5bc7e33b

      I dont know how to go on, and i am very grateful for any tips or hints on how to solve this issue.

      Kind Regards,
      Stefan

      1 Reply Last reply Reply Quote 0
      • First post
        Last post

      Products

      • Platform Overview
      • TNSR
      • pfSense
      • Appliances

      Services

      • Training
      • Professional Services

      Support

      • Subscription Plans
      • Contact Support
      • Product Lifecycle
      • Documentation

      News

      • Media Coverage
      • Press
      • Events

      Resources

      • Blog
      • FAQ
      • Find a Partner
      • Resource Library
      • Security Information

      Company

      • About Us
      • Careers
      • Partners
      • Contact Us
      • Legal
      Our Mission

      We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

      Subscribe to our Newsletter

      Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

      © 2021 Rubicon Communications, LLC | Privacy Policy