How to get pfSense WAN to accept VLAN 0
-
Just got Frontier Fiber installed today (2Gig Service). Hooked the FRX523 to my PFsense router and it got an IP immediately. No need to strip the tag. I did have a few weird speed tests (940/920, 200/600) but after that it's been almost consistent with 2.5/2.5G.
Not that this is extremely useful here, but it's a data point nonetheless.
-
In 2.6 or 2.7-dev?
-
@stephenw10 in 22.05. My thought is just that Frontier isn't using Vlan0 here. But I'm also not entirely sure one way or the other aside from the result. Is there a way for me to check?
-
I took a pcap a couple of weeks ago and the vlan 0 tag was there. I also have frontier in CT. Are you familiar with wireshark?
-
Yes, it would fail in 22.05 if they were tagging. You can run a packet capture on WAN for port 68 and then renew the dhcp lease. If you then view it at full detail you will see any tagging in the replies.
Steve
-
I'm familiar with Wireshark but have only run it once and that was a long time ago. I may need some help to figure that one out.
I'm sure there's some good guides on the web though. Can report back once I figure it out
-
Stephens idea is better to use pfsense built-in packet capture.
-
-
I always enable promiscuous mode to be sure but that shouldn't be required here. I won't hurt either.
-
@stephenw10 Ok. I ran a packet capture and renewed WAN + relinquished my lease. Didn't get an IP back so I had to reboot the ONT, after which I got an IP back. Stopped the capture and got a .cap file. Here's what it says (masked my IP):
07:44:40.852150 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
07:44:41.370617 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
07:44:43.018973 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
07:44:54.521561 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
07:44:55.069179 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
07:44:56.103103 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
07:44:57.061862 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
07:44:59.010410 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
07:45:03.113370 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
07:45:03.131465 IP xx.xx.xx.1.67 > xx.xx.xx.xx.68: UDP, length 300
07:45:07.694198 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
07:45:07.731435 IP xx.xx.xx.1.67 > xx.xx.xx.xx.68: UDP, length 300Did I do it right? Can't really tell.
-
Yes, now change the detail level to full and hit 'view capture'. Scroll down to the replies and see if there are any tags.
-
@stephenw10 Ah, i didn't set it to full before - good catch.
Apologies for the dumb question but, what does the tag look like? What term should I search for?
-
Like I showed above, here.
Where is shows
vlan 0, p 4,
That's priority tagged as 4. -
@stephenw10 I don't see the term "vlan" anywhere in that packet capture. My guess (if I did it correctly) is that it's not tagged.
-
Yeah, I'd be amazed if it was and still worked in 22.05. Good to check though.
-
@stephenw10 thanks for guiding me through it.
-
I'll check my frontier 2gig service tonight and report back
-
@michaellacroix Sounds good.
-
@stephenw10 Steve, do you need me to check something? I am one of those stuck under 22.5 and working, everything else did not work as you can see in all my other posts. :-)
-
I can confirm as of this morning, College Station, TX still wants vlan0.
11:34:03.435271 00:00:00:00:00:00 > 00:00:00:00:00:00, ethertype 802.1Q (0x8100), length 60: vlan 0, p 0, ethertype IPv4, (tos 0x0, ttl 246, id 54321, offset 0, flags [none], proto TCP (6), length 40)
xxx.xxx.xxx.72.50650 > xx.xxx.xxx.xxx.3050: Flags [S], cksum 0x8ea1 (correct), seq 1903919664, win 65535, length 0