How to get pfSense WAN to accept VLAN 0
-
It's based on 12.3 now but that doesn't mean it will be.
The dhclient accepting vlan0 tagged packets doesn't address the fact that igb/em doesn't pass the packets to it. Otherwise the netgraph workaround would still work in 2.6.
AT&T is whole different problem. That's very unlikely to ever be supported natively.
Steve
-
Steve,
I would be happy if we can at least get this working for frontier. -
I just loaded some old hardware with current version of opnsense and it works like a charm. No netgraph script necessary. The interface drivers were re0 and em0. DO YOU HEAR THAT NETGATE!
I have frontier fiber. -
@michaellacroix said in How to get pfSense WAN to accept VLAN 0:
I just loaded some old hardware with current version of opnsense and it works like a charm. No netgraph script necessary. The interface drivers were re0 and em0. DO YOU HEAR THAT NETGATE!
I have frontier fiber.Michael,
I think the big challenge for PFS is actually the intel NICs (igb/em) as previously mentioned by steveSteve,
Please correct me if I am wrong... -
@michaellacroix said in How to get pfSense WAN to accept VLAN 0:
I just loaded some old hardware with current version of opnsense and it works like a charm. No netgraph script necessary. The interface drivers were re0 and em0. DO YOU HEAR THAT NETGATE!
I have frontier fiber.Just for clarification if others read this thread:
OPNsense is currently based on FreeBSD 13 while pfSense is using 12.3-STABLE. The OPNsense team had a number of growing pains with that move to FreeBSD 13. They continue to still have a few. There seems to be quite a few changes around VLANs in particular with FreeBSD 13.
So a willy-nilly jump to FreeBSD 13 may result in more bugs than fixes. The pfSense team will get there for sure, but they tend to be a bit more deliberate when making FreeBSD major version moves. If I recall the timeline correctly, the OPNsense team abandoned Hardened FreeBSD (11, I think) and jumped over to FreeBSD 13.
There are differences in the NIC drivers as you change among the FreeBSD versions.
-
In that note, my guess we just have to wait patiently...when the cake is fully bake we will eat it. :-)
-
...when the cake is fully bake we will eat it
yum. save me a piece!
-
@cucu007
Not really, please keep in mind this discussion was started for the issue of PFS not being able to grab an IP from DHCP on the WAN interface because of the vlan tag.
I poked the bear because netgate hid behind freebsd about this issue when they could have easily built something into the application to handle the traffic. Now we know when pfs goes to freebsd 13 issue resolved and that will be a sweet peice of cake... -
@michaellacroix said in How to get pfSense WAN to accept VLAN 0:
I just loaded some old hardware with current version of opnsense and it works like a charm. No netgraph script necessary. The interface drivers were re0 and em0. DO YOU HEAR THAT NETGATE!
I have frontier fiber.To be clear that was using em0 as the WAN interface?
That implies the driver issue there is fixed in FreeBSD 13 and will be inherited when we move to it.Steve
-
Let me double check Steve, I believe I was using emo as the wan interface but I will verify.
thanks -
@michaellacroix is this an issue with ix? I'm getting frontier in a couple weeks (2gig) and I assume it'll have the same problem. I have an Intel x520-da2.
If it is a problem with pfsense, could I put a mikrotik switch in front of it to strip the tag?
Thanks!
-
@schwiing Doesn't matter what equipment you have because frontier tags their internet connection you will either need to put a switch between your pfs router and ONT or use the netgraph script. Somewhere in this forum are directions to use netgraph. That's what I use.
-
@michaellacroix I'm open to either method. Does netgraph work with 22.05 or did/do you have to downgrade to 2.6 or below?
-
@schwiing I'm using 22.05 and it works great. If you look back in this forum I did run into a problem upgrading from 2.6 to 22.05 and needed to remove a couple of lines from the script. But other than that it works great.
-
@michaellacroix said in How to get pfSense WAN to accept VLAN 0:
@schwiing I'm using 22.05 and it works great. If you look back in this forum I did run into a problem upgrading from 2.6 to 22.05 and needed to remove a couple of lines from the script. But other than that it works great.
Thanks. That gives me some hope.
This is what my script looks like (Let me know if I did it right [the MAC is for my WAN port in PFsense):
https://pastebin.com/LMJhVphx
Do I still need to change my WAN from "ix0" to "ngeth0"? If so, how do I do that?
-
@schwiing Script looks good. Once you run the script you will have an option in the interface assignments section of pfs to change the adapter interface to netgraph
-
@michaellacroix Here is the original github for the netgraph instructions. We only need to worry about the vlan tagging.
https://github.com/MonkWho/pfatt
-
Yeah ix should work with the script. The regression in 2.6 is in the e1000 driver, so em and igb NICs.
-
@michaellacroix Thanks, and sorry for all of the questions so far. I really appreciate the help.
So I don't need the Mac or interface of the ONT itself in the script right (despite the labels in the script?) I put my pfsense wan nic MAC in the script.
Also, regarding the change to ngeth0 is that done in the GUI after rebooting with the script installed or in CLI?
-
@schwiing Correct, you only need the mac and wan of pfs in script.
The change is done in the GUI and and you dont need to reboot. Once the script runs you will see the ngeth option for the wan interface. Make sure you use shecmd to run script on reboots as to lose the interface.
