VLAN woes

George51

Contributor
Joined
Feb 4, 2014
Messages
126
I am trying to set my FreeNAS up on my new VLAN based network and I am struggling.

I currently have the following set up:

PfSense
|
|
Switch1
|
|
Switch2
|
|
FreeNAS

The VLANS on the network I have are:

VLAN5: Management
VLAN10: Generic devices
VLAN20: IoT
VLAN30: Guest

I would like FreeNAS GUI to be accessible on VLAN5, and some iocage jails to be accessible on a mixture of 5,10 and 20

At the moment with the switchport set to 5:untagged, 10 & 20 tagged I can get FreeNAS GUI over VLAN5 (and the jails over 5 too)

However this is just because I don't think FreeNAS is tagging anything - I have tried various ways of adding VLAN interface, but each time I do I end up locked out of the GUI and have to remove it via IPMI and the console.

I am on a supermicro X11SSH-f board if that makes any difference.
 

proto

Patron
Joined
Sep 28, 2015
Messages
269
Maybe I had a similar problem and try to answer, but take what I'm about to write as it is ...
I have a setup similar to yours. pfSense has DHCP enabled, FreeNAS has fixed ip on VLAN.

I have an HP v1920 switch and probably the terminology could change between HP and Cisco and other brands, so it would be useful if you indicated the brand of your switch and also the VLAN configuration and some more info on the NAS (ifconfig, etc ).

Anyway ... my network configuration:
VLAN10 -> servers (physical or virtual) // VLAN5 in your case
VLAN20 -> clients

This is how I configured the switch:
VLAN10 with hybrid mode port, PVID 10, TAGGED 10.
On FreeNAS:
igb0 -> no IP
VLAN10 -> parent of igb0

VLAN20 with hybrid mode port, PVID 20, UNTAGGED 20.
igb1 -> no IP
VLAN20 -> parent of igb1

So I didn't configure any IPs at the "lower" level.
I then configured the VLAN10 via CLI and assigned the IP, resolver, gateway to the NAS.
From the WEB interface I subsequently assigned the VLAN20 and I also configured LAGG and other VLANs for the other network interfaces that I use for shares and more.

In this way I can reach both FreeNAS for the management and the VMs or Jails on the same VLAN10.
Conversely, for VLAN20, if I pass TAGGED traffic, I don't get any network addresses from DHCP. I see the requests pass on pfSense, but the machines do not reach the ACK for which it fails. If I remember correctly I had a similar problem on VLAN10.

I hope it can help you analyze your problem.
 

jgreco

Resident Grinch
Joined
May 29, 2011
Messages
18,681
Don't mix untagged and tagged. This is just a bad design and you should avoid where possible. It's possible to make it work, but ups the difficulty level.

Make all the switchport vlans tagged on the port connecting to the FreeNAS host.

Using the console, set up the FreeNAS host port for vlans. Do not assign it an IP.

Create a vlan interface for your vlan5 on the console.

Then configure IPv4 on that vlan interface, and set a default route.

Once you've done this, you should have IP connectivity for your FreeNAS. From there you can add additional vlans by creating additional vlan interfaces. You can temporarily assign an IP address to them at the CLI using ifconfig to make sure they work.
 

proto

Patron
Joined
Sep 28, 2015
Messages
269
Don't mix untagged and tagged. This is just a bad design and you should avoid where possible. It's possible to make it work, but ups the difficulty level.

That configuration is working for me and I agree with you, it should be avoided.
But it's the only way I can make it works after having set up VLAN via CLI, otherwise FreeNAS goes nowhere.
 
Top