Hi,
I've seen this (kind of) subject in various threads, but did not find the right information to solve my problem.
I'm using FreeNAS and have a jail which I would like to have access to a VLAN.
Situation:
- At the host I have a lacp trunk with untagged traffic and tagged VLAN 1;
- At this host I made a vlan1 interface which has lagg0 as parent interface;
- I've put this vlan1 together with epair4a in bridge0;
- epair4b ends in the jail.
Config at host (I removed non-relevant info):
Config at jail:
Working:
- From outside my machine, I can ping on VLAN 1 to my host (192.168.1.80) (as well as the other way round);
- I can ping within my machine from host to jail (192.168.1.80 to 192.168.1.70);
Not working:
- I cannot ping from my jail on VLAN 1 to/from outside (i.e. to/from 192.168.1.70).
Did I miss anything? I think that maybe I need to strip the VLAN 1 header in the bridge and then pass it onto epair4a/b, but I'm not sure.
Hope someone can help, thanks in advance.
I've seen this (kind of) subject in various threads, but did not find the right information to solve my problem.
I'm using FreeNAS and have a jail which I would like to have access to a VLAN.
Situation:
- At the host I have a lacp trunk with untagged traffic and tagged VLAN 1;
- At this host I made a vlan1 interface which has lagg0 as parent interface;
- I've put this vlan1 together with epair4a in bridge0;
- epair4b ends in the jail.
Config at host (I removed non-relevant info):
Code:
[root@nas003] ~# ifconfig
igb0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=400b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWTSO>
ether d0:50:99:5a:fb:12
nd6 options=9<PERFORMNUD,IFDISABLED>
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
igb1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=400b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWTSO>
ether d0:50:99:5a:fb:12
nd6 options=9<PERFORMNUD,IFDISABLED>
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
ipfw0: flags=8800<SIMPLEX,MULTICAST> metric 0 mtu 65536
nd6 options=9<PERFORMNUD,IFDISABLED>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
inet 127.0.0.1 netmask 0xff000000
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
lagg0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=400b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWTSO>
ether d0:50:99:5a:fb:12
inet 172.16.11.60 netmask 0xffffff00 broadcast 172.16.11.255
nd6 options=9<PERFORMNUD,IFDISABLED>
media: Ethernet autoselect
status: active
laggproto lacp lagghash l2,l3,l4
laggport: igb1 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
laggport: igb0 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
vlan1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether d0:50:99:5a:fb:12
inet 192.168.1.80 netmask 0xffffff00 broadcast 192.168.1.255
nd6 options=9<PERFORMNUD,IFDISABLED>
media: Ethernet autoselect
status: active
vlan: 1 parent interface: lagg0
epair4a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:85:18:00:0c:0a
nd6 options=1<PERFORMNUD>
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
bridge1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 02:17:d5:ef:cb:01
nd6 options=9<PERFORMNUD,IFDISABLED>
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
member: epair4a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 12 priority 128 path cost 2000
member: vlan1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 16 priority 128 path cost 55Config at jail:
Code:
root@ubiquiti:/ # ifconfig
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
inet 127.0.0.1 netmask 0xff000000
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair4b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:85:18:00:13:0b
inet 192.168.1.70 netmask 0xffffff00 broadcast 255.255.255.0
nd6 options=9<PERFORMNUD,IFDISABLED>
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: activeWorking:
- From outside my machine, I can ping on VLAN 1 to my host (192.168.1.80) (as well as the other way round);
- I can ping within my machine from host to jail (192.168.1.80 to 192.168.1.70);
Not working:
- I cannot ping from my jail on VLAN 1 to/from outside (i.e. to/from 192.168.1.70).
Did I miss anything? I think that maybe I need to strip the VLAN 1 header in the bridge and then pass it onto epair4a/b, but I'm not sure.
Hope someone can help, thanks in advance.
