ARP Table and Internet Issue

yupq6wlc79ts · Dec 29, 2021, 2:05 PM

@johnpoz ok, let me sanitize my actual xml and send it, it may give you an idea of my current setup?

johnpoz · Dec 29, 2021, 2:37 PM

@yupq6wlc79ts no offense but have no desire to comb through some xml looking for what you have described and shown already.

What exactly are you wanting to know. You have a bridge setup - not something I would recommend.. Have no idea why would even need such a setup, just use the switch ports on your AP for stuff you want in the lan. If you want to isolate stuff, then create a new network on one of your interfaces.

It not possible for you to see what you shown with your PC mac being in seen on 2 different interfaces unless it was bridged elsewhere on your network or you moved your pc. We have already determined that you did.

Now reboot your pc while it connected to optX.. Lets it just not possible for its mac to show up on the other interface - unless you have a bridge outside of pfsense. Which would have nothing to do with your pfsense config.

yupq6wlc79ts · Dec 29, 2021, 2:56 PM

@johnpoz Thank you so much for your help and providing insights, this was very helpful. I'll have to re-think my current setup based on what you mentioned but I have a good start now, again, thank you for your help.

stephenw10 · Dec 29, 2021, 3:18 PM

If you are going to use a bridged setup like that it's better to assign the bridge interface itself and put the static IP and DHCP server etc onto that.
https://docs.netgate.com/pfsense/en/latest/bridges/interfaces.html

Steve

johnpoz · Dec 29, 2021, 3:28 PM

@stephenw10 agreed, but I would argue its never "better" to bridge ;) hehehe

Not saying it doesn't have use cases.. But it should be the last freaking choice, and only as a stop gap measure until you can get the equipment needed not to do it ;)

If I was out of switch ports, and I could not disconnect something - and I had an extra port on pfsense. I would still prob just bring that up on its own network.. If I HAD to have it on the same L2 as xyz.. ok then setup a bridge. But this would only until I could either disconnect something and free up the switch port. Or my order for another switch or bigger switch came in ;)

Even in that scenario - I would most likely look for something I could move off the switch to an interface on pfsense that could be another network. So I could put this thing I needed on network xyz on the switch ;)