pfSense Gold Subscription

Author Topic: malfunctioning Ethernet bridge after 2.0.1 to 2.3.4 upgrade  (Read 167 times)

0 Members and 1 Guest are viewing this topic.

Offline adamw

  • Newbie
  • *
  • Posts: 19
  • Karma: +0/-0
    • View Profile
malfunctioning Ethernet bridge after 2.0.1 to 2.3.4 upgrade
« on: December 22, 2017, 10:47:38 am »
Hello,

I imported config from a remote firewall running 2.0.1 and imported it to one on my desk with freshly installed 2.3.4.
On the first web GUI login I was prompted to finalize setup so I accepted all the defaults which looked right.
My config is a fairly simple setup, no packages installed and just several rules in place.

The general idea is to hot swap the old version firewall with the new version.
Both run on the same hardware which is a small 3 port ALIX.2.

I'm limited in what I can test locally and also limited with comparing things between the two as the old one is in a distant remote location.

On the local one 2.3.4 I have a problem with LAN bridge.
My understanding is if I connect a laptop with the correct IP, mask and gateway to whichever of the 2 bridged ports I should be able to ping the gateway IP 192.168.69.1
If I connect 2 devices they should both be able to ping the gateway and also each other so the two ports work as a mini switch.

On the newer pfSense version connectivity only works on OPT1-LAN0-VR0 port but not OPT2-LAN1-VR1 (the other bridge member).

I have spotted some differences between the (same) config running on 2.0.1 and 2.3.4:

-----------------------------------------------------------------------------------------------------------------

*** Welcome to pfSense 2.0.1-RELEASE-nanobsd (i386) on xxx ***

  WAN (wan)                 -> vr2        -> 194.42.244.117
  LAN_BR (lan)              -> bridge0    -> 192.168.69.1
  LAN0 (opt1)               -> vr0        -> NONE
  LAN1 (opt2)               -> vr1        -> NONE


ifconfig:

vr0: NOIP
vr1: NOIP
vr2: xxx.xxx.xxx.xxx
pflog0:
lo0:
pfsync0:
enc0:
bridge0: 192.168.69.1

-----------------------------------------------------------------------------------------------------------------

*** Welcome to pfSense 2.3.4-RELEASE (i386 nanobsd) on xxx ***

 WAN (wan)       -> vr2        -> v4: xxx.xxx.xxx.xxx/xx
 LAN_BR (lan)    -> vr0        -> v4: 192.168.69.1/24
 LAN0 (opt1)     -> vr0        -> v4: 192.168.69.1/24
 LAN1 (opt2)     -> vr1        ->

ifconfig:

vr0: 192.168.69.1
vr1: NOIP
vr2: xxx.xxx.xxx.xxx
pflog0:
pfsync0:
enc0:
lo0:
bridge0: NOIP

-----------------------------------------------------------------------------------------------------------------

Can somebody explain why outputs look different between versions and the reason why it's not working on one of the member interfaces?
Because bridge0 has no IP assigned I have a suspicion it's not working at all.

Please advise.

Thanks
Adam
« Last Edit: December 22, 2017, 12:14:06 pm by adamw »

Offline adamw

  • Newbie
  • *
  • Posts: 19
  • Karma: +0/-0
    • View Profile
Re: malfunctioning Ethernet bridge after 2.0.1 to 2.3.4 upgrade
« Reply #1 on: December 28, 2017, 06:54:32 am »
Problem solved.

It looks like the bridge interface name was set incorrectly during the upgrade process:

Config on 2.0.1

      <lan>
         <enable/>
         <if>bridge0</if>
         <descr><![CDATA[LAN_BR]]></descr>
         <ipaddr>192.168.69.1</ipaddr>
         <subnet>24</subnet>
         <spoofmac/>
      </lan>

Same config on 2.3.4

      <lan>
         <enable></enable>
         <if>vr0</if>
         <descr><![CDATA[LAN_BR]]></descr>
         <ipaddr>192.168.69.1</ipaddr>
         <subnet>24</subnet>
         <spoofmac></spoofmac>
      </lan>

After correcting the value and rebooting the bridge is working as expected.

Can anybody explain it?
Is it a known bug / glitch?