How can I verify VLAN support for my NIC?



  • "The re driver provides support for various NICs based on the RealTek RTL8139C+, RTL8169, RTL816xS, RTL811xS, RTL8168, RTL810xE and RTL8111 PCI and PCIe Ethernet controllers." - https://www.freebsd.org

    Can I infer that full support (VLAN tagging) for my RTL8111GR would be included under 'RTL8111' in that driver?

    Is there somewhere I can verify that pfSense 2.4.4_p1 is including this support in its kernel too?

    I'm having trouble using VLANs in pfSense and a router to punt on managed switching. Here is the router config thus far:

    ethernet eth0 {
        address 192.168.0.1/24
        duplex auto
        speed auto
    }
    ethernet eth1 {
        description WAN
        duplex auto
        speed auto
    }
    ethernet eth2 {
        description LAN
        duplex auto
        speed auto
    }
    ethernet eth3 {
        description OPT1
        duplex auto
        speed auto
    }
    ethernet eth4 {
        description TRUNK
        duplex auto
        poe {
            output off
        }
        speed auto
    }
    loopback lo {
    }
    switch switch0 {
        description SWITCH
        mtu 1500
        switch-port {
            interface eth1 {
                vlan {
                    pvid 10
                }
            }
            interface eth2 {
                vlan {
                    pvid 100
                }
            }
            interface eth3 {
                vlan {
                    pvid 200
                }
            }
            interface eth4 {
                vlan {
                    vid 10
                    vid 100
                    vid 200
                }
            }
            vlan-aware enable
        }
    }
    

  • LAYER 8 Global Moderator

    Yeah have fun with vlans and unifi stuff..

    why are you using their edge router if you have pfsense?

    Do an ifconfig on your pfsense.. What does it show your nic supports?



  • Why use the ER-X? The machine only has the onboard NIC atm. I'm disabled so any way I can save money has to be leveraged. Plus, I figure it's a good excuse to try to learn more about VLANs and hairpinning.

    I'm not sure what I would be looking for in the interface data..? Seems to include options for VLANs..?

    The site won't let me include the ifconfig (it's marking my post as spam), so you can find it here: pastebin


  • LAYER 8 Global Moderator

    Your options clearly show VLAN support

    My question is why are you using unifi router if you have pfsense?

    What does hairpinning have to do with vlans? Other than yeah intervlan traffic between 2 vlans on the same physical interface would be a hairpin ;)

    What exactly are you wanting to do? Where is your pvid on eth4.. What vlan would traffic that shows up untagged on eth4 be put in?

    How exactly do you have this stuff physically connected? So this eth4 is connected to what interface on pfsense and how do you have it configured.. Let's see your pfsense vlan setup for the interface your eth4 of your router is connected to. You have those 3 vlan IDs setup?

    What exactly is not working?
    Have you sniffed on pfsense port and validated traffic has tags? You can do that with tcpdump -e on pfsense.

    Why exactly would you need to send these 3 vlans over to pfsense? If you have a router already... Just confused at what exactly you're trying to accomplish if you already have a router? And how is this all connected.. You trying to leverage your edge router as a switch?

    If you want pfsense to be a downstream router to your edge router, then you would only connect pfsense to the other router via a transit network... Not trunking 3 vlans over to it, etc.

    Please draw up the vision of your network.
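
An added example, not from any poster in this thread: one way to read the `options=` line that `ifconfig` prints on FreeBSD/pfSense and classify what VLAN features the driver advertises for a NIC. The interface name, the sample output and the function names are constructed for illustration.

```shell
# Constructed sample of `ifconfig re0` output (not the poster's pastebin).
SAMPLE_IFCONFIG='re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
        ether 00:00:5e:00:53:01
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active'

# Read ifconfig output on stdin and print the VLAN_* flags from the
# options=<...> line, one per line (prints nothing if there are none).
vlan_flags() {
    sed -n 's/^[[:space:]]*options=[0-9a-fA-F]*<\(.*\)>.*/\1/p' \
        | tr ',' '\n' \
        | grep '^VLAN_' || true
}

# Classify the interface from those flags:
#   hwtagging            - NIC inserts/strips 802.1Q tags in hardware
#   software-full-mtu    - kernel does the tagging, NIC accepts the 4 extra bytes
#   software-reduced-mtu - kernel does the tagging, VLAN MTU has to shrink
vlan_support() {
    flags=$(vlan_flags)
    case "$flags" in
        *VLAN_HWTAGGING*) echo "hwtagging" ;;
        *VLAN_MTU*)       echo "software-full-mtu" ;;
        *)                echo "software-reduced-mtu" ;;
    esac
}

# Stand-alone run against the constructed sample.
printf '%s\n' "$SAMPLE_IFCONFIG" | vlan_support
```

On a live box the same functions take `ifconfig <interface>` on stdin; whether tagged frames actually arrive on the trunk is a separate check, which is what the `tcpdump -e` suggestion above covers.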



  • [image]

    That's what I've been trying to set up. I added PVID 1 to eth4. I've tried just about every interface configuration on pfSense I could imagine tbh. I can get all the interfaces connected but can't get the PPPoE to connect. It occurs to me...do I have to set up another transparent bridge to eth4 (or is that what you mean by transit network)? How would that be added to the config, if so?


  • LAYER 8 Global Moderator

    That makes ZERO sense.. So you want a vlan switch not router!! Replace your edge router with a SWITCH!!

    Or just put pfsense in place of that edge router.. Why would you be using a router as a switch?



  • @johnpoz Like I said, I'm disabled and am on a fixed income. I don't have a managed switch but I did have the ER-X already. Using the ER-X as a switch is not unusual (I've read all kinds of threads to that effect). If you're offering a managed switch though I'd be happy to use it.


  • LAYER 8 Global Moderator

    Dude a switch costs $30... Save up your pennies vs trying to do such nonsense..

    I love that term fixed income - dude we are ALL fixed income.. Do you think I get a raise every other week? Do you think anyone does?

    Sell your USG - you can get more than enough to buy an actual switch that does vlans.. You're trying to use a screwdriver to hit a nail..



  • @johnpoz I love that you want to compare Social Security Disability (which is well under minimum wage) to income from any employer.


  • LAYER 8 Global Moderator

    My point is they are "FIXED"

    Someone below poverty shouldn't be playing with this sort of stuff ;) If you can not afford the correct equipment, then find a cheaper hobby!

    Not saying you need to go spend 3k... They are BRAND new for $30 anywhere...

    Here
    https://www.ebay.com/itm/Dell-PowerConnect-2824-24-Port-Managed-Ethernet-Switch-Gigabit-SFP-/362514981833

    10$ for a 24 port...

    Sorry crying POOR when you have a USGp3 and a computer to run pfsense sent on, a bridge - and clearly internet..

    You have NO need of pfsense, or even the electric to run the computer it's on.. You should prob find a NEW hobby.. if you can not spend the couple of bucks needed to buy the appropriate tools..

    Your usg is a layer 3 router, it's not a layer 2 switch. If you want to play with pfsense as your hobby and break out networks then give up something for the amount of time you need to give it up to afford the "TOY" you want to play with.

    You might be able to bridge those interfaces.. But how are you going to correctly handle the tags, etc. Use the CORRECT TOOL!!!


  • Netgate Administrator

    What you're doing there should work if the edge router passes the VLANs correctly between the ports. My understanding is that it has some sort of "switch mode" that should enable that but I've never used one.

    Are you seeing traffic between the other VLANs correctly?

    Have you ever used the PPPoE connection with the modem bridged like that before? Like does it require a VLAN maybe?

    Steve



  • I need to do some more checking but so far it looks like it's moving VLAN traffic correctly.

    The PPPoE requirements are weird b/c CenturyLink's configuration on their consumer modems has a VLAN ("PTM Tagged - VLAN 201") but whenever I enter that on the ER-X or my old pfSense box it won't connect (otherwise connecting is no issue on either device).

    I think my problem is I need to figure out if including a PPPoE client interface in their VLAN aware switch is possible or a way to transparent bridge between eth1 and eth4. This may be a lost cause but I'm not entirely convinced this isn't feasible yet.

    At a minimum, I continue to learn tangential things along the path. :)

    I've run through a couple of wizards on the ER-X to study the configs they generate. Hopefully I can get some ideas from those.


  • LAYER 8 Global Moderator


  • Netgate Administrator

    Ok so either the modem or pfSense is going to have to configure VLAN 201 for the PPPoE connection to succeed I imagine.

    If pfSense is doing so then the edge router will have to pass that traffic tagged to the modem.

    Steve



  • @stephenw10 Ya. I'm working on how to set up firewall rules to port forward PPPoE within a level 3 switch but using the router to move it across interfaces. It's been like a decade since I've done stuff like this so I'm rusty. :)


  • Netgate Administrator

    If you haven't tried it yet I would try connecting pfSense directly to the modem to be sure the PPPoE link comes up as expected. That will verify the VLAN tag required. (or not required).
    Once that's known to work then try to get it passing through the edge router.

    Steve



  • @stephenw10 The VLAN info for the PPPoE isn't required on other devices. My current pfSense box and the ER-X work fine without it.


  • Netgate Administrator

    Ah, well then it shouldn't be required through the edge router either. Just a matter of getting it to pass the traffic.

    Steve