VLAN tag on WAN not working
-
Hmm, frustrating!
If you can use a actual mirror port on a switch that will show for certain that packet are being tagged correctly.
I have no reason think they would not be however, VLANs are used extensively with igb NICs.
Steve
-
finally had time to do some more testing.
- i did a clean install (twice) on the BRIX (re0) with 2.3.5 and can consistently get an dhcp IP
- clean install 2.3.5 on the Qotom (igb0) dit not work
- reset'ed back to default and old Firebox (sk0) with 2.4.1 also got the dhcp IP
- clean install 2.3.5 on an PC-Engines APU2C4 (igb0) did not work
- put a smart switch (TP-Link) between router and fiber converter on port 1 and 2 and set them to PVID 128
- both draytek and pfsense can then connect without any problems
- comparing the packets from pfsense qotom going to ISP with and without the smart switch in between, both packets are identical except for datagram protocol checksum.
but this doesn't help me, because i still don't know what's causing the problem. i can see the packets with vlan id 128 tagged going through the tp-link switch. but since i don't have any packets that are coming in not through the tp-link switch, i can't compare packets to see if anything is different. i am new to vlan, managed switches, so if i shoudl set it up differently for capturring, please let me know.
how can i use the smart switch to capture raw packets coming in? i.e. the raw packets that are responding to the DHCP Dicover coming from pfsense without setting PVID 128 on port 1 and 2? without PVID i could not get an IP from the isp testing both with teh Qotom and Draytek.
-
Did you disable checksum off-loading in System > Advanced > Networking?
You can probably configure a mirror port on the switch to send all the packets going to/from the ISP to a capture device.
Steve
