Server gets DHCP IP not from the VLAN it should

left4apple · Jun 5, 2023, 4:35 AM

Update: Solved! Please see the first reply.

First, huge thanks for the effort of contributing the Intel I-225v driver!

I have a pfSense installation on a 4 NIC (Intel I-225V) mini-PC, versioning 2.6.0-RELEASE. I want to connect a managed-switch TP-Link SG108e to separate a public-accessible server, so apart from the normal CIDR range on that port(10.3.0.0/24) I added a VLAN2 under 192.168.2.1/24.

... then added an interface on VLAN2, with 192.168.2.1/24. Firewall rule was added to allow all traffic on VLAN2 and DHCP was also enabled with the correct range.

The managed switch is connected to pfSense via port 1. Port 8 is connected to the isolated server. Here's the setting in the managed switch(see item:

However, with this setting, the server receives 10.3.0.10 from DHCP, not from VLAN2. May I ask if there's anything wrong in my configuration?

I

left4apple · Jun 5, 2023, 4:36 AM

Update: This may not be a misconfiguration on pfSense side. I connected the isolated server directly to the pfSense port and created a VLAN2 on the server. It successfully got IP from VLAN2 DHCP server.

So maybe the problem is how I configured the managed switch? Completely no clue

Update 2: Solved! I forgot to set the PVID. It should match the VLAN ID on the port. Explained by ChatGPT:

When a frame comes into a port without a VLAN tag, the switch needs to know what VLAN that traffic should belong to. The PVID is the mechanism that does this. When the switch receives untagged traffic on a port, it assumes that the traffic belongs to the VLAN specified by the PVID for that port.