https://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162014-07-12T21:39:12ZpfSense bugtrackerpfSense - Bug #3737: Incoming VLAN traffic fails to reach VLAN interface if PCP not 0https://redmine.pfsense.org/issues/3737?journal_id=143052014-07-12T21:39:12ZChris Buechlercbuechler@gmail.com
<ul></ul><p>I haven't dug too deeply into this, but I suspect the root issue here is this should be a feature request for PCP configuration (sysctls, ifconfig, etc.).</p>
<p>Clement: for best chance of a quick implementation, if you could spend some time digging into configuring the underlying FreeBSD to work in this circumstance, and hence then narrow down exactly what we need to allow configuring and where, that would make this much more likely to gain traction quickly. Otherwise it's probably one of those things that one of us will eventually get into, at some point.</p>
<p>Might want to start your testing with a stock FreeBSD 10.0 or 10-STABLE, see if you can make it work there, then try the same on pfSense 2.2.</p> pfSense - Bug #3737: Incoming VLAN traffic fails to reach VLAN interface if PCP not 0https://redmine.pfsense.org/issues/3737?journal_id=143062014-07-14T05:08:27ZClement Barnier
<ul></ul><p>As far as I know FreeBSD does not support PCP by itself (a “man vlan” on the latest 10-STABLE still indicates “No 802.1Q features except VLAN tagging are implemented.”) so the current pfSense implementation is in-house, and my guess is that there is a problem in there.</p>
<p>I’ve found the following diff which seems to details part of it:<br /><a class="external" href="https://github.com/Podilarius/pfsense-tools/blob/cba403d0126da81cd3fec30eed295548e4dbb445/patches/RELENG_8_3/pf_802.1p.diff">https://github.com/Podilarius/pfsense-tools/blob/cba403d0126da81cd3fec30eed295548e4dbb445/patches/RELENG_8_3/pf_802.1p.diff</a></p>
<p>I would love to take a closer look at the code but it seems the full pfSense repo is not freely accessible.</p> pfSense - Bug #3737: Incoming VLAN traffic fails to reach VLAN interface if PCP not 0https://redmine.pfsense.org/issues/3737?journal_id=143092014-07-15T18:30:04ZChris Buechlercbuechler@gmail.com
<ul></ul><p>source is freely accessible, info here: <br /><a class="external" href="https://forum.pfsense.org/index.php?topic=76132.0">https://forum.pfsense.org/index.php?topic=76132.0</a></p> pfSense - Bug #3737: Incoming VLAN traffic fails to reach VLAN interface if PCP not 0https://redmine.pfsense.org/issues/3737?journal_id=143902014-07-27T05:38:09ZClement Barnier
<ul><li><strong>File</strong> <a href="/attachments/1003">if_vlan.diff</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/1003/if_vlan.diff">if_vlan.diff</a> added</li></ul><p>I've finally managed to put together a fully working environment and take a deeper look at this.</p>
<p>The problem is that setting PCP for a VLAN interface to anything except 0 corrupts its VID (seen with <em>ifconfig</em>).<br />This happens because there is a mix-up in <em>if_vlan.c</em> which likely got unnoticed in the pf_802.1p patch:</p>
<p><code>#define ifv_vid ifv_mib.ifvm_tag</code></p>
<p>So the VID and the full 802.1Q tag are equal when PCP is 0, but it obviously breaks in all other cases (<em>vlan_input</em> will be unable to match VLAN packets to existing VLAN interfaces).</p>
<p>It can be resolved by adding the proper <em>ifvm_vid</em> field to the mib, as shown in the attached diff.</p> pfSense - Bug #3737: Incoming VLAN traffic fails to reach VLAN interface if PCP not 0https://redmine.pfsense.org/issues/3737?journal_id=145122014-08-17T04:24:03ZClement Barnier
<ul></ul><p>So can this be pushed in the 802.1Q patch?<br />I confirm that it solves the problem.</p> pfSense - Bug #3737: Incoming VLAN traffic fails to reach VLAN interface if PCP not 0https://redmine.pfsense.org/issues/3737?journal_id=149882014-10-05T02:33:10ZDamien Flamentdamien@wxo.io
<ul></ul><p>I encounter the same issue, with the patch PCP is working fine.<br />Can you push this patch so it can be included in the 2.2?</p> pfSense - Bug #3737: Incoming VLAN traffic fails to reach VLAN interface if PCP not 0https://redmine.pfsense.org/issues/3737?journal_id=191022015-07-10T04:09:44ZChris Christensenchristianchristensen@gmail.com
<ul></ul><p>I believe this may be related to <a class="external" href="https://forum.pfsense.org/index.php?topic=87638">https://forum.pfsense.org/index.php?topic=87638</a> (of which I am experiencing the same issue on 2.2.3-RELEASE).</p>
<p>I have not been able to access the pfsense-tools repo to validate the patchset yet; but, I suspect that the original may have been <a class="external" href="http://www.watson.org/~robert/freebsd/20120117-ieee8021q.diff">http://www.watson.org/~robert/freebsd/20120117-ieee8021q.diff</a></p>
<p>Notably the upstream FreeBSD patchset appears to have the changes noted in this diff... <a class="external" href="https://reviews.freebsd.org/D801">https://reviews.freebsd.org/D801</a></p> pfSense - Bug #3737: Incoming VLAN traffic fails to reach VLAN interface if PCP not 0https://redmine.pfsense.org/issues/3737?journal_id=191082015-07-10T10:43:19ZClement Barnier
<ul></ul><p>Chris, if you're interested in using PCP in your configuration you can take a look at <a class="issue tracker-2 status-3 priority-4 priority-default closed" title="Feature: Add GUI setting for VLANs PCP (Resolved)" href="https://redmine.pfsense.org/issues/4133">#4133</a> which is more "up-to-date" and also include GUI support.</p> pfSense - Bug #3737: Incoming VLAN traffic fails to reach VLAN interface if PCP not 0https://redmine.pfsense.org/issues/3737?journal_id=191102015-07-10T16:11:44ZChris Christensenchristianchristensen@gmail.com
<ul></ul><p>Thanks Clement!</p> pfSense - Bug #3737: Incoming VLAN traffic fails to reach VLAN interface if PCP not 0https://redmine.pfsense.org/issues/3737?journal_id=207012015-09-16T01:47:39ZChris Buechlercbuechler@gmail.com
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Duplicate</i></li><li><strong>Affected Architecture</strong> <i></i> added</li><li><strong>Affected Architecture</strong> deleted (<del><i>amd64</i></del>)</li></ul><p>closing this in favor of <a class="issue tracker-2 status-3 priority-4 priority-default closed" title="Feature: Add GUI setting for VLANs PCP (Resolved)" href="https://redmine.pfsense.org/issues/4133">#4133</a></p>