pfSense Forum

pfSense English Support => General Questions => Topic started by: marquezemark on February 09, 2018, 01:54:32 am

Title: VLAN trunk directly to laptop without using a managed switch
Post by: marquezemark on February 09, 2018, 01:54:32 am
Does anyone know if it is possible to create a trunk port between a VLAN enabled Opt (physical) port on a Protectli device connected directly to a VLAN enabled laptop NIC.   The Protectli is a purpose built device where I am running PFSENSE.

Below is the setup:

Protectli Opt3 port with VLAN20 and VLAN30 <==>  Laptop's Intel NIC with VLAN20 and VLAN30 and running VMWARE Workstation 11


My question is whether I will need a managed switch in order to set up a "trunked" port to the Opt3 PFSENSE port and a "trunked access port" for the laptop NIC, or is there some way to setup the Opt3 port on the PFSENSE device (Protectli) to act as a "trunked access port" thus allowing the trunk to work without needing a vlan enabled switch?  I'm trying to avoid having to purchase a VLAN enabled switch for this purpose. 

The scenario I am trying to avoid is shown below:

Protectli Opt3 port with VLAN20 and VLAN30 <==>  ((Trunked port) Switch (Trunked access port)) <==> Laptop's Intel NIC with VLAN20 and VLAN30 configured and running VMWARE Workstation 11

I'm also open to creative solutions such as using VyoS to simulate a trunked switch/bridged port if possible.

Any help is appreciated.





Title: Re: VLAN trunk directly to laptop without using a managed switch
Post by: NogBadTheBad on February 09, 2018, 02:27:31 am
You don't need a switch if the OS can understand vlan tags.

Have you tried it ?
Title: Re: VLAN trunk directly to laptop without using a managed switch
Post by: marquezemark on February 09, 2018, 04:36:40 am
I have tried the direct laptop NIC to Opt3 port configuration but I am not having any success.  I have created the VLANs directly on the Intel Adapter on my laptop and connected it to the Opt3 port on the Protectli. I've also added firewall rules on the VLAN interfaces on the PFSENSE to allow IP traffic. I have also explicitly allowed ICMP ping traffic to the VLAN interfaces so I can test but I have not had any success.  As a result, I started to wonder if I would need a VLAN enabled switch.  I had a similar VLAN setup in the past but I was using a virtualized version of PFSENSE and using a VMware ESXi vSwitch which had the VLANs configured.  Any suggestions?
Title: Re: VLAN trunk directly to laptop without using a managed switch
Post by: NogBadTheBad on February 09, 2018, 05:40:39 am
I run a Mac so probably not the best person to ask.

I've added vlan interfaces onto the primary untagged interface that connects my Mac to a switch trunk port, there's no reason for pfSense to act any differently.
Title: Re: VLAN trunk directly to laptop without using a managed switch
Post by: JKnott on February 09, 2018, 06:11:07 am
You don't need a switch if the OS can understand vlan tags.

Have you tried it ?

The hardware also has to support it.  One frustration I often have a work is a laptop computer that can't be configured for a VLAN.  My own ThinkPad is the same.  However, my desktop computer can be configured for VLANs.
Title: Re: VLAN trunk directly to laptop without using a managed switch
Post by: marquezemark on February 09, 2018, 08:55:28 am
Thanks for the responses everyone.  I went back and tried a different NIC and it works.  The Intel 1219-LM NIC is the issue.  I installed Intel's ANS driver software to enable multiple VLANS but it doesn't work correctly.  It even blue screened my Windows 10 Lenovo P51 at one point.  The Intel driver software at the URL below supposedly should allow multiple VLAN assignments on Win10 using the Intel 1219-LM NIC but I'm not having much success.

Intel ANS for Windows 10:
https://downloadcenter.intel.com/download/25016/Ethernet-Intel-Network-Adapter-Driver-for-Windows-10


I ended up testing with a Plugable USB3-E1000 NIC and specified the VLAN and it worked.  I'm currently working with Plugable to see if they have driver software similar to Intel's ANS so that I can assign multiple VLANs on the same NIC.  If anyone knows how please let me know.  I am using a Plugable USB3-E1000 running the latest drivers.  Plugable had me install the latest driver software located at https://plugable.com/drivers/asix/windows/latest/  but I still do not have the ability to create multiple VLAN's via the Plugable adapter's settings menu.