https://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162023-03-25T19:43:57ZpfSense bugtrackerpfSense - Bug #14083: Adding MSS and MTU values on XG-7100 WAN interface breaks the network connectivity on the firewall https://redmine.pfsense.org/issues/14083?journal_id=663242023-03-25T19:43:57ZJordan G
<ul></ul><p>confirmed on 7100 running 23.01 - after setting mtu/mss and rebooting system receives and displays IP on WAN in console but gui cannot be reached and ping test from console reports sendto: network is down, trying to ping from a different host returns destination host unreachable.</p> pfSense - Bug #14083: Adding MSS and MTU values on XG-7100 WAN interface breaks the network connectivity on the firewall https://redmine.pfsense.org/issues/14083?journal_id=665342023-04-03T07:59:17ZJim Pingle
<ul><li><strong>Project</strong> changed from <i>pfSense</i> to <i>pfSense Plus</i></li><li><strong>Category</strong> changed from <i>Interfaces</i> to <i>Interfaces</i></li><li><strong>Status</strong> changed from <i>New</i> to <i>Duplicate</i></li></ul> pfSense - Bug #14083: Adding MSS and MTU values on XG-7100 WAN interface breaks the network connectivity on the firewall https://redmine.pfsense.org/issues/14083?journal_id=665352023-04-03T08:00:31ZJim Pingle
<ul><li><strong>Status</strong> changed from <i>Duplicate</i> to <i>New</i></li></ul> pfSense - Bug #14083: Adding MSS and MTU values on XG-7100 WAN interface breaks the network connectivity on the firewall https://redmine.pfsense.org/issues/14083?journal_id=669442023-04-19T05:06:01ZDanilo Zrenjanin
<ul></ul><p>We had a customer complaining about similar behavior at Netgate 2100. However, I couldn't reproduce this behavior on Netgate 2100. I defined MTU/MSS on mvneta0 and mvneta1, and everything worked fine. It seems that only XG-7100 is affected.</p> pfSense - Bug #14083: Adding MSS and MTU values on XG-7100 WAN interface breaks the network connectivity on the firewall https://redmine.pfsense.org/issues/14083?journal_id=674302023-05-12T14:57:28ZLukas Macura
<ul></ul><p>Is there any progress here?<br />This is serious bug which affects all XG-7100s path MTU discovery.<br />Is there any workaround for this please?</p> pfSense - Bug #14083: Adding MSS and MTU values on XG-7100 WAN interface breaks the network connectivity on the firewall https://redmine.pfsense.org/issues/14083?journal_id=675002023-05-17T10:06:25ZDanilo Zrenjanin
<ul><li><strong>Priority</strong> changed from <i>Normal</i> to <i>High</i></li></ul><p>I tested against:</p>
<pre>
23.05-RC (amd64)
built on Mon May 15 22:17:39 UTC 2023
FreeBSD 14.0-CURRENT
</pre>
<p>The problem persists.</p> pfSense - Bug #14083: Adding MSS and MTU values on XG-7100 WAN interface breaks the network connectivity on the firewall https://redmine.pfsense.org/issues/14083?journal_id=679652023-06-14T21:57:58ZJoakim Plate
<ul></ul><p>I think i may be affected by this on a Netgate 3100. I had an MTU set on WAN interface 1480, which had been seemingly been working properly for ages on 22 series. I then upgraded to 23.01 yesterday, and started having really strange intermittent (some sites) connection issues. Once i found this issue, i tried removing the MTU setting on the WAN interface, and things went back to normal. Should be said, i'm not sure why I had it set in the first place.</p> pfSense - Bug #14083: Adding MSS and MTU values on XG-7100 WAN interface breaks the network connectivity on the firewall https://redmine.pfsense.org/issues/14083?journal_id=687362023-07-27T17:43:17ZKris Phillips
<ul></ul><p>Just ran into this with another customer running 23.05.1 on a 7100. Adding an <mtu> value to any interface on the switchports will trigger this.</p> pfSense - Bug #14083: Adding MSS and MTU values on XG-7100 WAN interface breaks the network connectivity on the firewall https://redmine.pfsense.org/issues/14083?journal_id=687392023-07-27T17:55:35ZKris Phillips
<ul></ul><p>Other behavior notes:</p>
<p>If you run an ifconfig lagg0 from shell, the lagg will show up and both of the ix interfaces will show ACTIVE just fine. However, the "Assign Interfaces" option from VGA/Serial console will not show lagg0 as an assignable interface with this bug. Additionally, the vlan subniterfaces will show this for their VLAN config:</p>
<p>groups: vlan<br /> vlan: 0 vlanproto: 0x0000 vlanpcp: 0 parent interface: <none><br /> nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL></p>
<p>All of the VLANs will show <none> for the parent interface and 0 for the VLAN tag, but the interface will still be lagg0.#### as expected.</p>
<p>If you manage to get into the webConfigurator post-boot and save/apply the VLANs one at a time, they will all come up including the ones with an MTU/MSS set, so it doesn't seem to be a capability issue. Probably something getting "caught up" during the process on boot.</p> pfSense - Bug #14083: Adding MSS and MTU values on XG-7100 WAN interface breaks the network connectivity on the firewall https://redmine.pfsense.org/issues/14083?journal_id=687522023-07-28T02:41:42ZKris Phillips
<ul></ul><p>Tested this on the Netgate 3100 and it appears to be isolated to only the 7100. Setting an MTU on LAN while using or not using 802.1q VLAN tagging does not cause any link issues on the switchports.</p> pfSense - Bug #14083: Adding MSS and MTU values on XG-7100 WAN interface breaks the network connectivity on the firewall https://redmine.pfsense.org/issues/14083?journal_id=693992023-09-02T15:50:53ZJordan G
<ul></ul><p>I seem to also be able to reproduce this behavior using the ix interfaces on cordoba platform to create a LAGG (LACP) and setting MTU to 9000 and then trying to adjust any of the child VLAN's MTU that are also on LAGG, running 23.05.1</p> pfSense - Bug #14083: Adding MSS and MTU values on XG-7100 WAN interface breaks the network connectivity on the firewall https://redmine.pfsense.org/issues/14083?journal_id=701832023-10-10T20:30:57ZDaniel Hoffend
<ul></ul><p>I can confirm the issue with pfSense 2.7. We're using multiple vlan interfaces on an lagg1 interface. (lagg1.40, lagg1.41 ...) and set mtu to 1440 and mss to 1400 (due to vpn tunnels and unknown provider links).</p>
<p>When I create the lagg1 interface and vlan subinterfaces and change the interface assignments everything seems to work until I reboot the pfsense (vm via libvirtd). Using the the same mtu/mss settings on a non-lagg interface (vtnet0 for example) works like expected.</p> pfSense - Bug #14083: Adding MSS and MTU values on XG-7100 WAN interface breaks the network connectivity on the firewall https://redmine.pfsense.org/issues/14083?journal_id=702532023-10-15T02:05:00ZKris Phillips
<ul></ul><p>Daniel Hoffend wrote in <a href="#note-12">#note-12</a>:</p>
<blockquote>
<p>I can confirm the issue with pfSense 2.7. We're using multiple vlan interfaces on an lagg1 interface. (lagg1.40, lagg1.41 ...) and set mtu to 1440 and mss to 1400 (due to vpn tunnels and unknown provider links).</p>
<p>When I create the lagg1 interface and vlan subinterfaces and change the interface assignments everything seems to work until I reboot the pfsense (vm via libvirtd). Using the the same mtu/mss settings on a non-lagg interface (vtnet0 for example) works like expected.</p>
</blockquote>
<p>Hello Daniel,</p>
<p>Do you see the same issue as I mentioned earlier regarding the sub-interfaces showing <none> for the parent interface? Please advise.</p> pfSense - Bug #14083: Adding MSS and MTU values on XG-7100 WAN interface breaks the network connectivity on the firewall https://redmine.pfsense.org/issues/14083?journal_id=715232023-12-24T17:12:15ZMarcos M
<ul><li><strong>Project</strong> changed from <i>pfSense Plus</i> to <i>pfSense</i></li><li><strong>Category</strong> changed from <i>Interfaces</i> to <i>Interfaces</i></li><li><strong>Status</strong> changed from <i>New</i> to <i>Duplicate</i></li></ul> pfSense - Bug #14083: Adding MSS and MTU values on XG-7100 WAN interface breaks the network connectivity on the firewall https://redmine.pfsense.org/issues/14083?journal_id=715242023-12-24T17:12:23ZMarcos M
<ul><li><strong>Is duplicate of</strong> <i><a class="issue tracker-1 status-4 priority-4 priority-default" href="/issues/9453">Bug #9453</a>: Reconfiguring a parent LAGG interface breaks its VLANs</i> added</li></ul>