System Hang with LACP + VLAN<->OpenVPN Bridge
-
At work we use Quickbooks for Mac, which is terrible and requires all machines to be in the same subnet to utilize its "server" feature. I suspect it uses mDNS or subnet broadcasts to advertise itself, I've not dug too deep into it.
In any case, for years I've been using pfSense + OpenVPN + Bridging to enable people to work remotely. On pfSense 2.1.5 it works great configured as follows:
-
4 Intel NICs all aggregated using LACP
-
All interfaces are on VLANs
-
OpenVPN in tap configuration (openvpn3, bound to interface QuickbooksVPN)
-
Quickbooks interface bound to VLAN xx, providing DHCP and connectivity for the Quickbooks server.
-
Bridge configured with default options with Quickbooks and QuickbooksVPN interfaces as members.
When I try this on 2.2, everything seems fine until I add the bridge. Within minutes of adding it, the entire machine locks up, and won't respond either at the physical console or even enough to maintain LACP membership. If I type something, it won't register until I unplug the keyboard, and then acts as if the entire input buffer is flushed at once. This trick only works once.
If I restart the box after it freezes, it will come up fine and appear to work until it freezes again, usually in under 3 minutes. If I quickly remove the bridge before the freeze, the box is stable as a rock.
Any ideas?
-
-
I managed to work around this by forgoing the pfSense bridge and just having the Quickbooks server connect to the same tap VPN as an OpenVPN client.
Still think my original approach should have continued working though, and that this is a bug.