4. Bridging two ports for LAN

Bridging two ports for LAN

  • T

    Hi Everyone,

    In version 1.2.3 it was much more straight forward to bridge to LAN ports to use the same DHCP range. In 2.0 I am facing some issues. I have an Alix2D13 which has 3 ports with middle port assigned to WAN.

    vr0 is LAN and it has 192.168.0.0/24 DHCP enabled.
    I want vr2 to be bridged with LAN and allow clients to obtain DHCP from LAN DHCP.

    Can anyone please run me through the steps to do this?

    This is what I have done so far and failed to obtain DHCP:
    1- Verified vr0 provides DHCP
    2- Enabled vr2 with "none" set for "type" field
    3- Interface > Assign > Bridges > and added LAN + LAN2 (or vr0 + vr1)
    4- Added the new bridged interface to interface list
    5- Allowed ANY traffic on bridge interface

    Obtaining IP from vr0 works but vr2 still fails.

    Thanks,

    0
  • W

    Assign the bridge interface (bridge0) as LAN, then check DHCP is enabled on LAN.

    LAN should have IP address, vr0 and vr2 no IP address.

    On System-> Advanced, click on System Tunables tab and set the following tunables:

    • net.link.bridge.pfil_member  to 0 to disable filtering on the incoming and outgoing bridge member interfaces.

    • net.link.bridge.pfil_bridge  to 1 to enable filtering on the bridge interface

    Then you probably need to reset firewall states, see Diagnostics -> States and click on Reset States tab.

    0
  • Netgate Administrator

    If you have created the bridge before you set the system tunables you will have to reboot before the filtering change takes effect. (Or recreate the bridge)

    Edit: Thinking back I don't think I tried resetting the firewall state so perhaps that would do it. Let us know.

    Steve

    0
  • T

    Thanks for the input.

    @wallabybob:

    Assign the bridge interface (bridge0) as LAN, then check DHCP is enabled on LAN.

    hmmmm…how is that possible? I only see vr0 as my LAN. bridge0 stays as a bridge. Not interface. Even if I create it as an interface still I am not sure what you mean by assign bridge0 as LAN.

    @wallabybob:

    LAN should have IP address, vr0 and vr2 no IP address.

    I am not sure what you mean by LAN should have IP and not vr0 and vr2. vr0 is LAN for me. It's enabled and it has a static range to it which has DHCP turned on. vr2 is LAN2 for me and that is enabled but mode is set to "none" for ipv4 and ipv6.

    After enabling both interfaces, I add bridge0 by selecting both LAN and LAN2. I also did the filters as you suggested but it still didn't work.

    This was much easier in previous versions. Maybe it can be improved in another version to be a simple few click to do rather than getting into system tunable?!

    Thanks again,

    0
  • Netgate Administrator

    You can just reassign the LAN interface from the webgui in Interfaces: Assign network ports:
    Use the drop down to set LAN as bridge0. However there is a strong possibility that when you do that you will lock yourself out of the box. Make sure you have firewall rules in place so that doesn't happen, or some plan to get back in!
    See my post here, particularly the attached screenshots.

    The way bridges are controlled in 2.0.X is in fact better once you realise how it works, it's more flexible. However I agree it's confusingly different.  ;)

    Steve

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy