WAN interface only passes traffic in promiscuous mode.

  • I am facing a strange problem; it is only by chance that I found the workaround mentioned in the title.

    I am running a "router on a stick" configuration.  I have a Cisco Catalyst 2950 Switch set up with port Fa 0/1 as a trunk to my pfSense box.  It carries 5 vlans to the box.  I am using 802.1Q, not ISL.

    The five vlans are
    vlan0- Tag 1 (LAN)
    vlan1- Tag 2 (modem/WAN)
    vlan2- Tag 112 (OPT1)
    vlan3- Tag 114 (Wireless/OPT2)
    vlan4- Tag 115 (Additional Wireless/OPT3)

    When I first started this configuration up I had internet connectivity for a very brief amount of time, then it went away.  When I started digging around to find out what was going on I went to the command line on the pfSense box and ran

    tcpdump -i vlan1

    and all of a sudden the

    ping -t www.google.com

    command that I had running on my laptop started working again.

    Further testing shows that anytime I have the vlan1 (WAN) interface in promiscuous mode it is able to pass traffic without issue.

    It is possible that I do not have something configured right with the switch, but I doubt it since the network works as expected when this vlan1 interface is in promiscuous mode.

    I am running pfSense 1.2.2
    The WAN vlan interface is using a cloned MAC, all other vlan interfaces are using the MAC of the parent NIC, if that makes any difference.

    I know that anyone attempting to help me will probably need additional information.  If you do, just let me know what you need and I'll provide it.  I'm almost to the point of exhaustion now though, so I'm going to sleep.

    Thanks for any help in shedding some light on this.  Hopefully I have not discovered another driver issue.

  • Upgrade to 1.2.3 RC3.  There have been a lot of changes and fixes, including underlying FreeBSD stuff.
