Bug #6205

closed

VLAN tagging in Hyper-V guest not working?

Added by Thorsten Windrath about 8 years ago. Updated over 6 years ago.

Status: Resolved
Priority: Normal
Assignee: -
Category: Operating System
Target version: -
Start date: 04/19/2016
Due date:
% Done: 0%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version: 2.3
Affected Architecture: amd64

Description

Hi,

after upgrading a virtualized (Hyper-V 2012R2) installation from 2.2.6 to 2.3, I am not able to access anything internal. Internal being defined here as local subnets connected via tagged VLANs. That was working perfectly fine in 2.2.6. I am still able to access that VM by HV-console (sure) and over an OpenVPN site-to-site tunnel, so WAN is working fine. No changes made aside from the upgrade.

Setup:
  • Single WAN on separated NIC (hn0)
  • Trunked Hyper-V vSwitch for LANs (hn1, nearly a dozen local LANs separated by VLAN tags on the same physical interface, see below)

    hn1_vlan600: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    hn1_vlan720: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    hn1_vlan721: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    [...]
  • OpenVPN tunnel

First, it looked like the tunnel was down; several users reported they can't access resources on the other side. But the tunnel is up and running, I'm able to access the pfSense VM via browser and SSH over that tunnel - but nothing behind it. When I try to ping something from the GUI or shell, I do get this:

[2.3-RELEASE][root@somewhere.with.fqdn]/root: ping -S 10.60.0.1 10.60.0.50
PING 10.60.0.50 (10.60.0.50) from 10.60.0.1: 56 data bytes
ping: sendto: Host is down
ping: sendto: Host is down
ping: sendto: Host is down
ping: sendto: Host is down
ping: sendto: Host is down

Routing table also looks good and as I said, WAN and OpenVPN are working perfectly fine. Some things I've spotted so far:
  • Can't arp (or ping) anything on local subnets. For example, there's a switch (10.60.0.100, DHCP, may not have an IP right now) and at least the hypervisor (10.60.0.50 with static IP) which should respond to a ping (it's configured like that and worked before). ARP table is empty except for local interfaces of that VM.
  • Can - for example - dig a DNS on WAN and also over the tunnel
  • Can access pfSense over the tunnel

I'm nearly sure it is somehow related to VLAN tagging - is there some major change in FreeBSD 10.3?

Please note: First thing I'll do tomorrow is to create a clone of that VM for debugging purposes and then revert to a snapshot I did before I kicked off that upgrade to restore connectivity.
