FreeNAS 8.3.0 subnets can not be separated! No routes, still forwarding?

Status
Not open for further replies.
H

holla_die_waldfee

Cadet
Joined
Apr 2, 2013
Messages
3
  • FreeNAS 8.3.0 - Server with multiple NICs
  • LAN A - 192 168 *** *** (255.255.255.0) Windows
  • LAN B - 172 *** *** *** (255.255.255.0) Linux
  • a single CIFS share

Two completely separate subnets should be able to access the same share but remain separate.
So I thought FreeNAS purely without routes - plugin cable - ready. I was wrong!
Although no routes are established but individual computers from LAN A are visible in LAN B.
The NICs at the server can also be pinged crosswise, so from the other, forbidden network.

Now what? Is this a quirk of BSD?
IP forwarding at kernel level?
Can this be changed?
Is it even possible with FreeNAS two networks at all safely separated?

It would be great if someone could explain, I'm at my wits end.

Sorry for the automatic translation!

Thanks in advance!
 
jgreco

jgreco

Resident Grinch
Joined
May 29, 2011
Messages
18,680
The description of your situation does not match up with reality. FreeNAS does not have packet forwarding enabled.

How in the world would the hosts on LAN B know how to reach the hosts on LAN A without routing information of some sort? Even if you had specified the FreeNAS server as a default route for both LAN segments, it won't forward packets, so visibility from one network to the other shouldn't be happening via FreeNAS.

Your problem would appear to have some undisclosed elements that are contributing to your situation.
 
T

titan_rw

Guru
Joined
Sep 1, 2012
Messages
586
I have a similar setup, only using vlans. And it works perfectly.

interface em0, address 192.168.5.13/24 to a port configured for untagged vlan1

interface re0, address 192.168.7.13/24 to a port configured for untagged vlan7.

Computers in vlan1 are totally separate from computers in vlan7. They can all see freenas, but can't see each other.

Then I "deny all" in samba, and specifically allow the correct subnets for each share.

I would use port trunking, and vlan tagging to simply have one physical nic, but the jail system doesn't allow vlan interfaces to be presented to the jail. From what I understand at least.

Freenas is not a router. Something else is responsible for traffic making it from one subnet to the other.
 
Status
Not open for further replies.

Similar threads

H
  • Locked
FreeNAS 8.3.0 Subnetze lassen sich nicht trennen! Keine Routen, trotzdem forwarding?
Replies
2
Views
1K
holla_die_waldfee
H
alobi
  • Locked
pfSense + two LAN subnets + FreeNAS shares
Replies
7
Views
9K
alobi
alobi
bcunningham86
FreeNAS VPN VLAN/Jails with Unifi Dream Machine Pro and External VPN Edgerouter Setup
Replies
1
Views
2K
BlakeNagel07
BlakeNagel07
W
11.2U1 not responding after a week of use, repeatedly
Replies
10
Views
1K
Meyers
M
V
  • Locked
FreeNAS and Network Bridge - FreeNAS traffic shall not pass!!
Replies
9
Views
4K
voyager529
V
Top