2 interfaces via bridged interface cannot talk to each other



  • Hi,

    It seems the bridged interface between two physical ports cannot talk to each other. The setup I have is:

    em2 - LAN interface (set to none)
    em3 - WLAN interface (set to none; connected to wireless access point)

    I created a bridge between LAN and WLAN then created a new interface "Home" and selected bridge0. That interface is set as static and has a subnet - DHCP is set up for that interface as well.

    The machines on both LAN and WLAN are getting IPs and can access internet; however, the machine on WLAN cannot get to a machine on LAN. I've tried a couple things but to no avail. I'm not sure what I'm missing.

    Appreciate any help. Thanks.



  • @els:

    It seems the bridged interface between two physical ports cannot talk to each other.

    Works for me.

    @els:

    I created a bridge between LAN and WLAN then created a new interface "Home" and selected bridge0. That interface is set as static and has a subnet - DHCP is set up for that interface as well.

    DHCP is enabled on what other interfaces?

    @els:

    The machines on both LAN and WLAN are getting IPs and can access internet; however, the machine on WLAN cannot get to a machine on LAN. I've tried a couple things but to no avail.

    What is the IP address and network mask of the machine on WLAN?

    What is the IP address of the machine on LAN you are trying to get to?

    How are you attempting to get to the machine on LAN (ssh? telnet? ping? etc)?

    What is reported on that access attempt?



  • @wallabybob:

    DHCP is enabled on what other interfaces?

    DHCP is enabled for the "Home" interface (bridge0) and it is enabled for other interfaces as well but they are on different subnets. The "Home" interface is set to 192.168.100.65/27.

    @wallabybob:

    What is the IP address and network mask of the machine on WLAN?

    192.168.100.91, 255.255.255.224

    @wallabybob:

    What is the IP address of the machine on LAN you are trying to get to?

    192.168.100.89, 255.255.255.224

    @wallabybob:

    How are you attempting to get to the machine on LAN (ssh? telnet? ping? etc)?

    Just http

    @wallabybob:

    What is reported on that access attempt?

    Just that it cannot be found. The LAN and WLAN are on separate physical ports so I don't know if that's the problem and there's something I need to do config-wise. Machine on LAN can access another machine on LAN (via http). I should mention LAN (em2) and WLAN (em3) are assigned to VLAN3.


  • Netgate Administrator

    What firewall rules have you put in place?
    Presumably you have put in some rules because devices have internet access but you probably need rules to allow access to the other interfaces.

    Have you switched bridge filtering to the bridge interface?

    http://forum.pfsense.org/index.php/topic,48947.msg269592.html#msg269592

    Steve



  • Thanks wallabybob and stephenw10. The issue is resolved by updating the following in System Tunables:

    Change net.link.bridge.pfil_member to 0
    Change net.link.bridge.pfil_bridge to 1

    It would seem if I didn't change these, I'd need to set up rules to allow LAN "subnet" to access WLAN "subnet" and vice versa? Both interfaces are set as "None" and they both are essentially on the same subnet. I think I did set up such a rule for the WLAN interface to access LAN but that didn't work. I'm just curious if there's a way to get this to work if I choose to keep bridge filtering.
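
Added example, not part of the thread or of pfSense: a Python sketch that checks the two hosts from the thread sit in the bridge's /27 (so traffic between them is bridged, not routed) and lists which interfaces' firewall rules see that traffic for a given pair of tunables, following the if_bridge(4) meaning of `pfil_member` and `pfil_bridge`. The `BEFORE` values are an assumption (the thread does not show them), and the function names are hypothetical.

```python
import ipaddress

# Constructed `sysctl` output. BEFORE is an assumption (the values prior to
# the change are not shown in the thread); AFTER is the fix posted above.
BEFORE = "net.link.bridge.pfil_member: 1\nnet.link.bridge.pfil_bridge: 0\n"
AFTER = "net.link.bridge.pfil_member: 0\nnet.link.bridge.pfil_bridge: 1\n"


def parse_tunables(text):
    """Parse 'name: value' or 'name=value' lines into {name: int}."""
    out = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, _, value = line.replace("=", ":", 1).partition(":")
        out[name.strip()] = int(value.strip())
    return out


def is_bridged(gateway_cidr, src, dst):
    """True when both hosts are inside the bridge interface's subnet, so
    traffic between them is switched at layer 2 and never routed."""
    net = ipaddress.ip_interface(gateway_cidr).network
    return ipaddress.ip_address(src) in net and ipaddress.ip_address(dst) in net


def filtering_interfaces(tunables, src_member, dst_member, bridge_if):
    """Interfaces whose rules are evaluated for a frame bridged from
    src_member to dst_member. An empty list means bridged frames between
    the members are not filtered at all."""
    seen = []
    if tunables["net.link.bridge.pfil_member"]:
        seen += [src_member, dst_member]
    if tunables["net.link.bridge.pfil_bridge"]:
        seen.append(bridge_if)
    return seen


if __name__ == "__main__":
    # Addresses and interface names are the ones given in the thread.
    print("bridged:", is_bridged("192.168.100.65/27",
                                 "192.168.100.91", "192.168.100.89"))
    for label, text in (("before (assumed)", BEFORE), ("after", AFTER)):
        ifs = filtering_interfaces(parse_tunables(text), "em3", "em2", "bridge0")
        print(label, "->", ifs or "no filtering on bridged frames")
```

If both tunables are set to 0 the list is empty, which means nothing filters traffic between the bridged segments.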

