No DHCP on one network port under bridge
I hope I can get some ideas here.
My previous setting was as follows:
LAN(igb1) -> Network Switch 1 (unmanaged for vlan1) -> Network Switch 2 (managed) (vlan1 & vlan67)
Switch2 was daisy-chained to Switch 1.
I wanted to make use of the idle igb2 to achieve the following:
LAN (lan) -> bridge0 -> v4: 192.168.1.1/24
WIREDLAN2 (opt1) -> igb2 ->
IOT (opt4) -> igb1.67 -> v4: 192.168.67.1/24
WIREDLAN1 (opt5) -> igb1 ->
net.link.bridge.pfil_member: 0
net.link.bridge.pfil_bridge: 1
Basically I was following the "reassign" instructions there:
Then I connected igb1 to Switch 1 and igb2 to Switch 2. Unfortunately, anything on Switch 2 failed to get any IP.
When I looked at the system log, I found
Aug 23 15:07:23 php-fpm 7903 /rc.linkup: Ignoring link event for bridge member without IP config
Aug 23 15:07:22 check_reload_status Linkup starting igb2
According to the instructions, the configuration type for Wiredlan1 (igb1) and Wiredlan2 (igb2) was set to None.
I had tried adding rules for the Wiredlan1 and WiredLan2 interfaces to allow all traffic, but the problem still persists.
What am I missing in the configuration?
I assume you disconnected the link between switch 1 and switch 2; otherwise you would have created a loop.
Check the firewall logs for blocked traffic.
If you set the bridge sysctls after creating the bridge you would have to re-create the bridge or reboot.
You might have firewall rules that refer to subnets that no longer exist, like lan2net etc.
DHCP requests are usually allowed by default but things can get a little more complex when you add a bridge.
I assume you are still able to pull a DHCP lease on switch1 and on vlan67?
Thanks, Steve, for your reply.
Switch 2 was connected to igb2 and was not communicating.
DHCP works correctly for both vlan1 and vlan67 on Switch 1, which connects to igb1.
I had added rules to both LAN (bridge0) and WiredLAN2 (igb2) to log any rejected events, but there was nothing when Switch 2 was plugged in/out of igb2.
Worse still, I started to observe about 0.5% errors out on the LAN interface even with igb2 open. Snort was not reporting anything on LAN under the bridge config. These 2 factors are enough for me to pull back from this bridged config.
Thanks again for your advice anyway.