Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Bridge a port over vlan

    Scheduled Pinned Locked Moved General pfSense Questions
    8 Posts 2 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O Offline
      Ofloo
      last edited by

      I was wondering, I've got this pfsense router behind a NAT'ed modem/router, and i wanted to transport a lan port from that modem over a vlan, bridge it.

      How would I bridge such a lan port over a vlan to an other pfsense, .. is that even possible, .. and what do i need to enable in my network switch to enable such a thing, like stp, rstp, ..

      1 Reply Last reply Reply Quote 0
      • DerelictD Offline
        Derelict LAYER 8 Netgate
        last edited by

        I have no idea what you're actually wanting to do.  You know the drill.  Diagram.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • O Offline
          Ofloo
          last edited by

          Thank you for your patients, ..

          VR2-------------- BRIDGE enabled no IP's assigned
VR1_VLAN20---'

RE1_VLAN20: DHCP & DHCP6

          RE1_VLAN20 gets an IP assigned and IPv6 assigned, and ipv4 can connect to the Internet, however IPv6 for some reason doesn't seem to work.

          I can ping to the assigned IPv6 within my network between routers between clients even from different prefixes, however for some reason I can't make it reachable from the Internet, ..

          EDIT: I've ran tcpdump, the traffic is arriving on the pfsense2 router however for some reason it's not routed to the vlan20, however when I ping from pfsense2 to the same IPv6 it is routed to that IPv6?

          diagram.png
          diagram.png_thumb

          1 Reply Last reply Reply Quote 0
          • DerelictD Offline
            Derelict LAYER 8 Netgate
            last edited by

            Use an outside switch.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • O Offline
              Ofloo
              last edited by

              I found the issue, again strange, ..

              so all the traffic goes as it should only the reply is fucked, .. I've added a static route to make 2a02:1810:118f❌:/56 use the vlan20. However it doesn't do that, it chooses to ignore that static rule and uses the default gateway of pfsense1 to reply.

              1 Reply Last reply Reply Quote 0
              • DerelictD Offline
                Derelict LAYER 8 Netgate
                last edited by

                Is your cable modem a router or a bridge?

                I still have no idea what you're trying to do.

                I still have absolutely no idea why you're trying to use a bridge there.

                What is this fascination with bridging interfaces?

                Chattanooga, Tennessee, USA
                A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                Do Not Chat For Help! NO_WAN_EGRESS(TM)

                1 Reply Last reply Reply Quote 0
                • O Offline
                  Ofloo
                  last edited by

                  Well, I want to balance traffic over IPv4 and IPv6, .. lets say you go to youtube.com. I'd like that traffic to go over the cable/modem. Yes the cable modem is a router, but not by choice though, the ISP delivered it like that. So I can setup port forwards and dmz and firewall rules on that modem, but that's it. However the ISP delivers IPv6 natively as well.

                  But in order for me to send traffic to the IPv6 of the cable modem, I apparently need an IPv6 of that modem on my main Pfsense, .. so I've setup a bridge all seems to be working the only issue I have, is that the for some reason, .. which is beyond me, it chooses to use the default gateway. Rather then the gateway set for the prefix.

                  Even if I set firewall rules to make all traffic go through the specific gateway, it still refuses to do so and chooses to use the default gateway.

                  1 Reply Last reply Reply Quote 0
                  • O Offline
                    Ofloo
                    last edited by

                    Just found the problem and made it work

                    System>Advanced>Firewall/Nat uncheck "Disable reply-to on WAN rules"

                    Now ping works and TCP and UDP.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.