Questions regarding VLANs
-
I would recommend not assigning a VLAN parent interface if possible but not because it would break the config in some way. If you have parent (untagged) interface assigned then any traffic from VLANs that is incorrectly untagged somewhere can end up on that interface with unexpected results. If it's unassigned that is just dropped. So it makes the network less vulnerable to VLAN misconfiguration on a switch or a cable incorrectly connected.
But that should and does work fine with correctly configured VLANs. So something else has happened in your case to make the config invalid.Did you show an alert that the config had rolled back?
Or a ZFS BE rolled back?
Steve
-
@stephenw10 said in Questions regarding VLANs:
I would recommend not assigning a VLAN parent interface if possible but not because it would break the config in some way. If you have parent (untagged) interface assigned then any traffic from VLANs that is incorrectly untagged somewhere can end up on that interface with unexpected results. If it's unassigned that is just dropped. So it makes the network less vulnerable to VLAN misconfiguration on a switch or a cable incorrectly connected.
But that should and does work fine with correctly configured VLANs. So something else has happened in your case to make the config invalid.Did you show an alert that the config had rolled back?
Or a ZFS BE rolled back?
Steve
I just rebooted again and it boots straight into the Interface configuration wizard, wont continue until interfaces are configured again.
-
@deanfourie Are you still running virtually?
-
It should show above that wizard which interface is in the config but not present on the system. That's the only reason it should end up there.
-
@Bob-Dig no I am running on a physical appliance
-
@stephenw10 yes it is it displays only the 4 physical interfaces. Igb1 2 3 and 0.
Does not show any vlans however the vlans are available to choose from when assigning the interfaces.
It’s so strange, I tried to replicate last night on a vm, but I cannot.
-
Ok but it would usually specifically show which interface it thinks is missing. VLANs don't count, they are not in the interface check process along with other sub-interface types.
-
@stephenw10 oh ok, then no interfaces are missing. It shows all available interfaces. There are 4 physical and it shows igb1, igb2, igb3 and igb0
-
You should only ever end up at the interface assign prompt if there is an interface in the config that isn't present in the system. And when that happens it should list the missing intrerfaces.
For example if I break it deliberately:
Warning: Configuration references interfaces that do not exist: em0 Network interface mismatch -- Running interface assignment option. Valid interfaces are: igc0 00:08:a2:12:e2:cc (down) Intel(R) Ethernet Controller I226-V igc1 00:08:a2:12:e2:cd (down) Intel(R) Ethernet Controller I226-V igc2 00:08:a2:12:e2:ce (down) Intel(R) Ethernet Controller I226-V igc3 00:08:a2:12:e2:cf (up) Intel(R) Ethernet Controller I226-V ix0 00:08:a2:12:e2:ca (down) Intel(R) X553 N (SFP+) ix1 00:08:a2:12:e2:cb (up) Intel(R) X553 N (SFP+) ix2 00:08:a2:12:e2:c9 (up) Intel(R) X553 (1GbE) ix3 00:08:a2:12:e2:c8 (up) Intel(R) X553 (1GbE) Do VLANs need to be set up first? If VLANs will not be used, or only for optional interfaces, it is typical to say no here and use the webConfigurator to configure VLANs later, if required. Should VLANs be set up now [y|n]?
Do you not see that?
-
@stephenw10 Ok yes I just did another reboot and here what I get.
Welcome to Netgate pfSense Plus 23.09.1-RELEASE... Checking dump device /dev/gpt/swap1 for crash dumps ... no crash dumps on /dev/gpt/swap1. ...ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/local/lib /usr/local/lib/compat/pkg /usr/local/lib/compat/pkg /usr/local/lib/ipsec /usr/local/lib/perl5/5.34/mach/CORE 32-bit compatibility ldconfig path: done. 3368 >>> Removing vital flag from php82...done. External config loader 1.0 is now starting... ada0p1 ada0p2 ada0p3 ada0p4 Launching the init system...Updating CPU Microcode... CPU: Intel(R) Atom(TM) Processor E3930 @ 1.30GHz (1286.40-MHz K8-class CPU) Origin="GenuineIntel" Id=0x506c9 Family=0x6 Model=0x5c Stepping=9 Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE> Features2=0x4ff8ebb7<SSE3,PCLMULQDQ,DTES64,DS_CPL,VMX,EST,TM2,SSSE3,SDBG,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,TSCDLT,AESNI,XSAVE,OSXSAVE,RDRAND> AMD Features=0x2c100800<SYSCALL,NX,Page1GB,RDTSCP,LM> AMD Features2=0x101<LAHF,Prefetch> Structured Extended Features=0x2294e283<FSGSBASE,TSCADJ,SMEP,ERMS,NFPUSG,MPX,PQE,RDSEED,SMAP,CLFLUSHOPT,PROCTRACE,SHA> Structured Extended Features3=0x2c000400<MD_CLEAR,IBPB,STIBP,ARCH_CAP> XSAVE Features=0xf<XSAVEOPT,XSAVEC,XINUSE,XSAVES> IA32_ARCH_CAPS=0xc79<RDCL_NO,SKIP_L1DFL_VME,SSB_NO,MDS_NO> VT-x: PAT,HLT,MTF,PAUSE,EPT,UG,VPID,VID,PostIntr TSC: P-state invariant, performance statistics Done. done. Initializing................... done. Starting device manager (devd)...ichsmb0: <Intel Broxton SMBus controller> port 0xf040-0xf05f mem 0x91412000-0x914120ff at device 31.1 on pci0 pcib0: no PRT entry for 0.31.INTA ichsmb0: can't get IRQ device_attach: ichsmb0 attach returned 6 done. Loading configuration....done. Updating configuration...done. Warning: Configuration references interfaces that do not exist: tailscale0 Network interface mismatch -- Running interface assignment option. Valid interfaces are: igb0 7c:5a:1c:d8:55:4f (down) Intel(R) I211 (Copper) igb1 7c:5a:1c:d8:55:4c (down) Intel(R) I211 (Copper) igb2 7c:5a:1c:d8:55:4d (down) Intel(R) I211 (Copper) igb3 7c:5a:1c:d8:55:4e (down) Intel(R) I211 (Copper) Do VLANs need to be set up first? If VLANs will not be used, or only for optional interfaces, it is typical to say no here and use the webConfigurator to configure VLANs later, if required. Should VLANs be set up now [y|n]? igb1: link state changed to UP igb2: link state changed to UP 2024-10-05T13:45:52.208007+13:00 - php-fpm 405 - - /rc.linkup: Ignoring link event during boot sequence. 2024-10-05T13:45:52.733778+13:00 - php-fpm 405 - - /rc.linkup: Ignoring link event during boot sequence.
-
Ah damn, so its the tailscale0 interface messing things up? Not sure how I missed this.
I assume this is because Tailscale has not yet started, and therefor has not yet created the interface.
Is there a way around this?
-
Aha. Yes that's because tailscale isn't present at that point but you have assigned it as an interface. But tailscale should never be assigned.
You should unassign it.
https://redmine.pfsense.org/issues/14780