Netgate Discussion Forum

    Bridge with filter to control broadcast

      Navok

      Hi Guys,

      I'm trying to use pfSense as a "broadcast filter" in a routed network. It seems to work, but after a time I get some problems I can't really explain.
      I searched the forum for a similar problem, but didn't find anything.

      Friends and co-workers who also use pfSense couldn't help me. Maybe someone from the forum could help me.

      But let's start from the beginning:

      I have a managed Layer 2 switch with 3 VLANs behind a Cisco router, which is tagged in the 3 VLANs and routes the 3 subnets.
      Now let's say User1 in subnet1 creates a game server which listens on UDP port 5555, and User2 in subnet2 starts the in-game browser and tries to find the game server.
      This fails because the broadcast (255.255.255.255 DPORT 5555) isn't routed over the Cisco router.

      So I installed pfSense 2.0, disabled the WAN interface, created 3 VLANs on fxp0, connected this to the switch, enabled filtering on the bridge, disabled filtering on the bridge members and created a rule on bridge0 which allows UDP traffic from src any to dst 255.255.255.255 on port 5555. After that, User2 in subnet2 could find the game server in subnet1.

      Here is a short diagram for a better understanding.

      
            .-------+------.    10.0.0.1/22      VLAN2
            |  Cisco Router |   10.0.10.1/24    VLAN3
            '-------+------'    10.0.20.1/24    VLAN4
                      |
                      | tagged VLAN 2,3,4 
                      |
            .------+-------. 
            |   Switch     +-----------------------+--------- 10.0.0.x/22 VLAN2 ------ User 1 Gameserver (10.0.0.2)
            '------+-------'                       |
                     |                             +--------- 10.0.10.x/24 VLAN3 ----- User 2 Game Client (10.0.10.2)
                     |                             |
                     |                             +--------- 10.0.20.x/24 VLAN4
                     | tagged VLAN 2,3,4
                     |
                    fxp0
            .-------------.
            |   pfSense    | <--bridge0 over fxp0_vlan2,3,4
            '-------------'
      
      

      Now the problem: after a while (I couldn't determine when) all traffic (even IP) from VLAN2, 3, 4 wants to flow over the bridge instead of the router. Unplugging and plugging the FW fixes the problem for a time, but then after a time the problem appears again.

      Is this a bug or an error in configuration? I hope somebody can help me. If you need more information, please let me know.

      Best regards,
      Navok

        Navok

        I solved the problem. Disabling CDP on the VLAN interfaces at the Cisco Router fixed the problem.

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
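The bridge0 rule from the first post, written as a frame check so a capture taken on the bridge can be audited for anything other than the UDP 5555 broadcast; CDP frames are counted separately because disabling CDP was the reported fix. This is an added example, not code from the thread: the function names, MAC addresses and sample frames are constructed for illustration.

```python
import struct
from collections import Counter

ALLOWED_DST_IP = bytes([255, 255, 255, 255])   # destination in the post's bridge0 rule
ALLOWED_DPORT = 5555                           # port in the post's bridge0 rule
CDP_MAC = bytes.fromhex("01000ccccccc")        # Cisco multicast address CDP is sent to
CDP_SNAP = bytes.fromhex("aaaa0300000c2000")   # LLC/SNAP: Cisco OUI, protocol 0x2000 (CDP)

def classify(frame: bytes) -> str:
    """Return 'allowed', 'cdp' or 'unexpected' for one raw Ethernet frame."""
    if len(frame) < 14:
        return "unexpected"
    etype, off = struct.unpack("!H", frame[12:14])[0], 14
    if etype == 0x8100 and len(frame) >= 18:   # skip one 802.1Q tag (capture on fxp0)
        etype, off = struct.unpack("!H", frame[16:18])[0], 18
    if etype <= 1500:                          # 802.3 length field, LLC header follows
        is_cdp = frame[:6] == CDP_MAC and frame[off:off + 8] == CDP_SNAP
        return "cdp" if is_cdp else "unexpected"
    ip = frame[off:]
    if etype != 0x0800 or len(ip) < 20 or ip[0] >> 4 != 4:
        return "unexpected"
    ihl = (ip[0] & 0x0F) * 4
    fragment_offset = struct.unpack("!H", ip[6:8])[0] & 0x1FFF
    if ihl < 20 or len(ip) < ihl + 8 or ip[9] != 17 or fragment_offset:
        return "unexpected"                    # not UDP, truncated, or a later fragment
    dport = struct.unpack("!H", ip[ihl + 2:ihl + 4])[0]
    if ip[16:20] == ALLOWED_DST_IP and dport == ALLOWED_DPORT:
        return "allowed"
    return "unexpected"

def audit(frames):
    """Count frames per class; 'unexpected' frames should not be crossing bridge0."""
    return Counter(classify(f) for f in frames)

def udp_frame(dst_mac, src_ip, dst_ip, dport, vlan=None):
    """Build a constructed Ethernet/IPv4/UDP test frame (checksums left at zero)."""
    tag = struct.pack("!HH", 0x8100, vlan) if vlan is not None else b""
    udp = struct.pack("!HHHH", 40000, dport, 8, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes(src_ip), bytes(dst_ip))
    return bytes.fromhex(dst_mac) + bytes.fromhex("020000000002") + tag + b"\x08\x00" + ip + udp

# Constructed sample capture: discovery broadcast (untagged and tagged), unicast IP, CDP.
SAMPLE = [
    udp_frame("ffffffffffff", (10, 0, 10, 2), (255, 255, 255, 255), 5555),
    udp_frame("ffffffffffff", (10, 0, 10, 2), (255, 255, 255, 255), 5555, vlan=3),
    udp_frame("020000000001", (10, 0, 10, 2), (10, 0, 0, 2), 5555),
    CDP_MAC + bytes.fromhex("020000000003") + struct.pack("!H", 12) + CDP_SNAP + b"\x02\xb4\x00\x00",
]
```

Running `audit(SAMPLE)` on the constructed capture gives two allowed frames, one CDP frame and one unexpected frame (the unicast packet to 10.0.0.2).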