1.2-RC3 Vlan creation issue

vantage

My Network:

WAN(em1) – pfsense (Carped pair) --- (em0)802.1Q tagged Cisco switch
                           
                            \ (em2)non tagged Cisco switch

Both ciscos are taggable. But I have only been using tagging on one (em0). The other has been a single /24 net (em2).

I am trying to add another vlan to the previously untagged switch. When I remove the IPs from the non tagged interface (em2) and create 2 vlans on that interface, I cannot get traffic to pass into any of those vlans. I am unable to even ping anything on either vlan from the firewall. I have incomplete arp entries for all of the live IPs on the vlan subnets. The vlan interfaces show outgoing traffic, but no incoming. All throughput ot all interfaces stops as well.
I tried to add another vlan to the interface (em0) that already has 2 802.1q vlans on it and all throughput stops. even when I haven't touched the untagged interface.

This device was set up under 1.0.1 and upgraded to 1.2-RC3. so the original interfaces were all created under 1.0.1.

Any thoughts?
What info can I provide?

# ifconfig -a
em0: flags=8943 <up,broadcast,running,promisc,simplex,multicast>mtu 1500
        options=b <rxcsum,txcsum,vlan_mtu>inet6 fe80::21b:21ff:fe08:3826%em0 prefixlen 64 scopeid 0x1 
        inet 192.168.100.2 netmask 0xfffffffc broadcast 192.168.100.3
        ether 00:1b:21:08:38:26
        media: Ethernet autoselect (1000baseTX <full-duplex>)
        status: active
em1: flags=8943 <up,broadcast,running,promisc,simplex,multicast>mtu 1500
        options=b <rxcsum,txcsum,vlan_mtu>inet XXX.XXX.174.5 netmask 0xfffffff8 broadcast 208.38.174.7
        inet6 fe80::21b:21ff:fe08:3827%em1 prefixlen 64 scopeid 0x2 
        ether 00:1b:21:08:38:27
        media: Ethernet autoselect (1000baseTX <full-duplex>)
        status: active
em2: flags=8943 <up,broadcast,running,promisc,simplex,multicast>mtu 1500
        options=b <rxcsum,txcsum,vlan_mtu>inet XXX.XXX.171.2 netmask 0xffffff00 broadcast 208.38.171.255
        inet6 fe80::230:48ff:fe8e:dffa%em2 prefixlen 64 scopeid 0x3 
        ether 00:30:48:8e:df:fa
        media: Ethernet autoselect (1000baseTX <full-duplex>)
        status: active
em3: flags=8843 <up,broadcast,running,simplex,multicast>mtu 1500
        options=b <rxcsum,txcsum,vlan_mtu>inet 192.168.1.1 netmask 0xfffffffc broadcast 192.168.1.3
        inet6 fe80::230:48ff:fe8e:dffb%em3 prefixlen 64 scopeid 0x4 
        ether 00:30:48:8e:df:fb
        media: Ethernet autoselect (1000baseTX <full-duplex>)
        status: active
pflog0: flags=100 <promisc>mtu 33208
enc0: flags=0<> mtu 1536
pfsync0: flags=41 <up,running>mtu 1348
        pfsync: syncdev: em3 syncpeer: 224.0.0.240 maxupd: 128
lo0: flags=8049 <up,loopback,running,multicast>mtu 16384
        inet 127.0.0.1 netmask 0xff000000 
        inet6 ::1 prefixlen 128 
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x8 
vlan0: flags=9943 <up,broadcast,running,promisc,simplex,link0,multicast>mtu 1500
        inet XXX.XXX.133.126 netmask 0xffffff80 broadcast 208.38.133.127
        inet6 fe80::21b:21ff:fe08:3826%vlan0 prefixlen 64 scopeid 0x9 
        ether 00:1b:21:08:38:26
        media: Ethernet autoselect (1000baseTX <full-duplex>)
        status: active
        vlan: 2 parent interface: em0
vlan1: flags=9943 <up,broadcast,running,promisc,simplex,link0,multicast>mtu 1500
        inet XXX.XXX.147.130 netmask 0xffffffe0 broadcast 208.38.147.159
        inet6 fe80::21b:21ff:fe08:3826%vlan1 prefixlen 64 scopeid 0xa 
        ether 00:1b:21:08:38:26
        media: Ethernet autoselect (1000baseTX <full-duplex>)
        status: active
        vlan: 3 parent interface: em0
carp0: flags=49 <up,loopback,running>mtu 1500
        inet XXX.XXX.171.1 netmask 0xffffff00 
        carp: MASTER vhid 2 advbase 1 advskew 0
carp1: flags=49 <up,loopback,running>mtu 1500
        inet XXX.XXX.174.4 netmask 0xfffffff8 
        carp: MASTER vhid 1 advbase 1 advskew 0
carp2: flags=49 <up,loopback,running>mtu 1500
        inet XXX.XXX.147.129 netmask 0xffffffe0 
        carp: MASTER vhid 4 advbase 1 advskew 0
carp3: flags=49 <up,loopback,running>mtu 1500
        inet XXX.XXX.133.125 netmask 0xffffff80 
        carp: MASTER vhid 3 advbase 1 advskew 0</up,loopback,running></up,loopback,running></up,loopback,running></up,loopback,running></full-duplex></up,broadcast,running,promisc,simplex,link0,multicast></full-duplex></up,broadcast,running,promisc,simplex,link0,multicast></up,loopback,running,multicast></up,running></promisc></full-duplex></rxcsum,txcsum,vlan_mtu></up,broadcast,running,simplex,multicast></full-duplex></rxcsum,txcsum,vlan_mtu></up,broadcast,running,promisc,simplex,multicast></full-duplex></rxcsum,txcsum,vlan_mtu></up,broadcast,running,promisc,simplex,multicast></full-duplex></rxcsum,txcsum,vlan_mtu></up,broadcast,running,promisc,simplex,multicast> 

HELP!!

I am down to 6 free IPs on the untagged LAN. I need to get another vlan up quickly.
Thanks.

Perry

Did you reboot after you created the vlan's?
Since so many things has change in the code after 1.01 a reinstall is better than a upgrade imo.

vantage

I may have not rebooted untill I was trying to get back to a working config.  I suppose that could have been the issue.

vantage

Rebooting didnt help.

I reinstalled on my failover device and added this config in at install time.

All is happy now.

Any ideas why I was unable to add a vlan?

cmb

So you're saying adding the VLANs to a running system didn't work, even after reboot, but restoring the same config onto a fresh install did work?

@vantage:

Any ideas why I was unable to add a vlan?

No clue, I did several VLAN setups in the past week testing the ALIX VLAN patch and never had a single issue. Some NICs/drivers require a reboot before VLANs will work properly but it seems you eliminated that as a possibility.

vantage

I manualy added the vlans to a fresh install. Then I synced the rule set and the aliases.  and it worked.

Seames very odd.  I am going to try adding vlans to the fresh installed box and see if I have a failure there .