PfSense stripping info on broadcasts?



  • Dear All,

    This is my first post in the forum. I've been using pfsense for years and never really needed to do much as everything's been working fine. Now I have a problem that I am really struggling to understand.

    I have a Zipatile (android) home automation unit that should communicate with a Doorbird IP doorbell. The Zipatile scans the IP range in the subnet hoping for an answer from the Doorbird. There is some sort of ONVIF setup for this.

    I get it to work by using an Asus home router behind my pfsense and having both network components on that router, but of course I'd like to get this to function with pfsense.

    I've done some traces with wireshark, see attached screenshot. One observation I've made is that it seems that the pfSense router strips one byte of information from a Broadcast packet from the DoorBird.

    Anybody have an idea why pfSense does this?
    Any other tips that might lead to a solution?

    Hope someone has some ideas on this :)

    BR
    Takstein

    ![2018-03-27_10-43-47 - Copy.jpg](/public/imported_attachments/1/2018-03-27_10-43-47 - Copy.jpg)


  • Galactic Empire

    The Zipatile & Doorbird sit on different networks when you have pfSense in place?


  • Rebel Alliance Global Moderator

    Pfsense has ZERO to do with traffic between devices on the same L2 network.. ZERO..

    You're just looking at different broadcast traffic on these 2 networks. Broadcast traffic is not sent across a router!!!



  • @NogBadTheBad:

    The Zipatile & Doorbird sit on different networks when you have pfSense in place?

    No, they are on the same LAN. Which is why this is so strange..



  • @johnpoz:

    Pfsense has ZERO to do with traffic between devices on the same L2 network.. ZERO..

    You're just looking at different broadcast traffic on these 2 networks. Broadcast traffic is not sent across a router!!!

    Hi!

    That's what I would like to believe as well. But then I cannot explain why this works with the ASUS set up as a router (of course it is the switch in that router on the L2 acting on the LAN) but not if I use pfsense as router and ASUS as an AP point??

    Did you see the wireshark picture? Any idea why one byte is stripped on one option and not on the other? I am using the exact same HW, just not utilizing pfsense on the option where the ASUS is set up as a router…


  • Galactic Empire

    Are both devices Wi-Fi or is one ethernet ?



  • @NogBadTheBad:

    Are both devices Wi-Fi or is one ethernet ?

    One is ethernet (poe) and one is wifi 2.4ghz!


  • Galactic Empire

    @Takstein:

    @NogBadTheBad:

    Are both devices Wi-Fi or is one ethernet ?

    One is ethernet (poe) and one is wifi 2.4ghz!

    Is there any way to connect both to Ethernet for testing, I think it's the Asus.

    You may be better off getting a decent AP rather than trying to use the Asus.



  • Did you do something stupid, like bridging some ports for a poor man's switch, instead of using a proper switch?

    Detail your network layout and configuration.



  • @NogBadTheBad:

    @Takstein:

    @NogBadTheBad:

    Are both devices Wi-Fi or is one ethernet ?

    One is ethernet (poe) and one is wifi 2.4ghz!

    Is there any way to connect both to Ethernet for testing, I think it's the Asus.

    You may be better off getting a decent AP rather than trying to use the Asus.

    This is usually on a TP link AP, I am just using the ASUS for testing.

    But I might be onto something now; I realized that I had made a firewall rule to allow any traffic internally but the protocol was set to TCP/UDP. Changed it to any and the discovery worked on pfsense as well. Still not 100% as I can still not go to the next step and add the doorbird unit but will try some hard resets and check again..

    Thank you for your help!



  • @Grimson:

    Did you do something stupid, like bridging some ports for a poor man's switch, instead of using a proper switch?

    Detail your network layout and configuration.

    I do a lot of stupid things probably but bridging ports is not one of them :)


  • Rebel Alliance Global Moderator

    You have 2 IP ranges shown 192.168.3 and 192.168.1 so you're saying you're using a 192.168.0/22 or larger network?  So it would include both of these networks..

    And all the clients are using this same mask..

    If you were using /16 let's say even - pfsense would have ZERO to do with traffic on this L2.. ZERO!!  Pfsense routes traffic at L3, it doesn't route L2 traffic.. So if your devices are in the same broadcast domain pfsense doesn't even touch this traffic.
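
The mask check raised in the last post, as an added example that is not part of the thread: it reports whether two hosts treat each other as on-link (same L2 subnet, no router involved), which broadcast address each one uses, and the smallest single prefix that would contain both. Only the 192.168.1.x and 192.168.3.x ranges come from the thread; the host addresses, names and masks are constructed.

```python
import ipaddress
from itertools import combinations

# Constructed sample hosts (assumption): only the two ranges appear in the thread.
HOSTS = {
    "doorbell": "192.168.1.50/24",
    "panel": "192.168.3.20/24",
}


def on_link(src, dst):
    """True if src would ARP for dst directly instead of using its gateway."""
    return dst.ip in src.network


def analyse(hosts):
    """Return per-host broadcast addresses and a verdict for every host pair."""
    ifaces = {name: ipaddress.ip_interface(addr) for name, addr in hosts.items()}
    report = {
        "broadcast": {n: str(i.network.broadcast_address) for n, i in ifaces.items()},
        "pairs": {},
    }
    for a, b in combinations(sorted(ifaces), 2):
        a_sees_b = on_link(ifaces[a], ifaces[b])
        b_sees_a = on_link(ifaces[b], ifaces[a])
        if a_sees_b and b_sees_a:
            verdict = "same-subnet"      # traffic stays on L2, the router is not in the path
        elif not a_sees_b and not b_sees_a:
            verdict = "routed"           # unicast goes via the gateway, broadcasts do not cross
        else:
            verdict = "mask-mismatch"    # one side thinks on-link, the other does not
        report["pairs"][(a, b)] = verdict
    return report


def smallest_common_prefix(hosts):
    """Longest-mask single network that contains every host address."""
    ips = [ipaddress.ip_interface(addr).ip for addr in hosts.values()]
    net = ipaddress.ip_network(f"{ips[0]}/32")
    while not all(ip in net for ip in ips):
        net = net.supernet()
    return net


if __name__ == "__main__":
    print(analyse(HOSTS))
    print("both hosts fit in:", smallest_common_prefix(HOSTS))
```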