Greetings Untangle Forum,
I could use some help getting a VLAN to work when multiple physical local network interfaces are bridged together.
Background:
I am a home user of Untangle and a network hobbyist. The backbone of my system is a Protectli Vault 6 port appliance to run Untangle, two Unifi APs for Wifi, and a few Netgear Plus managed switches. The first physical interface of the appliance is the WAN. The second physical interface is the LAN addressed to the 192.168.2.1/24 network with DHCP enabled. The “Config Type” of three physical interfaces (OPT1, OPT2, OPT3) is set to “Bridged” to the “LAN” interface to get additional physical ports. To be clear, when you read the wiki for Network Configuration, I am doing the bridging for “Additional Port”, and not “Standard Bridge Mode”. I use the remaining OPT4 as my Lab sandbox, with the physical interface addressed to the 192.168.200.1/24 network with DHCP enabled (not bridged to LAN).
I also have three 802.1q tagged VLAN addressed interfaces set up in Untangle: Guest (ID = 100), IoT (ID = 20), and Cameras (ID = 30). They all have the parent interface set to LAN. Their addresses are 192.168.xxx.1/24, where xxx is the VLAN ID.
Within my Unifi Controller I have three Wifi networks: Default (VLAN ID = 1), Guest (VLAN ID = 100), and IoT (VLAN ID = 20). The VLANs are working as expected through the Unifi APs; clients logging into the different Wifi networks get assigned the different networks defined in Untangle.
I recently purchased two PoE IP cameras. I started by uplinking them to my Untangle Lab interface (OPT4, not bridged) via a Netgear Plus PoE managed switch. This switch is configured to assign VLAN 30 to the two ports the cameras are connected to. When connected to my Lab interface, they get assigned a 192.168.30.xxx IP address as expected. This gives me confidence that the switch VLAN is configured properly.
Problem:
When I simply move the uplink of the Netgear Plus PoE managed switch from my Lab interface (OPT4, not bridged) to any of the other four bridged interfaces (LAN, OPT1, OPT2, OPT3), the Cameras VLAN (ID = 30) no longer works.
Side Note: It is odd to me that the clients with VLANs sourced from Unifi and connected to a bridged interface work fine, but clients sourced from the Netgear switch connected to a bridged interface do not.
A Bit More Information:
I have a different Protectli Vault 4 port appliance running the latest OPNSense. I defaulted it, set up WAN and LAN, created and set up VLAN 30, then walked through the OPNSense LAN Bridge Setup steps to bridge LAN and OPT1. Plugging the same Netgear Plus PoE managed switch into either bridged (LAN or OPT1) or un-bridged (OPT2) interfaces results in the client getting assigned the 192.168.30.xxx IP address as expected. This gives me further confidence that the switch is configured properly for VLAN 30, and it is something with Untangle.
FYI… the last steps of the OPNSense LAN Bridge Setup steps talk about needing to change some tunable parameters (net.link.bridge.pfil_member, net.link.bridge.pfil_bridge). I wonder if this is a clue to what may be the issue in Untangle.