Pfsense networking

I’m probably missing something simple here. I just added a 10G card to my pfsense and want to move all my networks to one of those links from their current location on a 1G link. It seems like I should be able to just change the network port from igb0 to cxl0 or cxl1, but anything I assign to those ports stops routing. What am I forgetting to do?

1 Like

Hi sir, can we see your config? Interface assignments… Thank you.

Do you set the DHCP server per VLAN?

Yes I do.

Extra stuff to get 20 characters.

Try setting up the 10G as another interface to make sure it’s working before assigning existing networks to it.

You have vlans set up on the existing interface.

Do you have vlans set up on the new one? I guess it should work with vlan 1 untagged but maybe that’s the issue?

Yes, there are multiple vlans. I’ve tried moving my management network over, which is vlan 1. I’ve also tried moving other vlans over and none of it seems to pass traffic.

You should be able to download the firewall config and edit the file, swapping the 1G interface for the 10G. Upload the modified config and reboot. I have done this many times when moving pfsense to different hardware. You just need to make sure the 10G is fully functional from a hardware perspective before you proceed. Also keep an unmodified copy of the backup in case you need to revert for any reason.

1 Like
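
The config edit described in the post above, as an added example that is not part of the original thread: it renames `igb0` to `cxl0` only inside `<if>` and `<vlanif>` elements, then lists anything else that still mentions the old NIC. The sample XML is constructed and its layout is an assumption about a pfSense backup; `swap_interface` and `leftover_references` are hypothetical helper names.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: only the elements that carry a NIC name, not a real backup.
SAMPLE_CONFIG = """<?xml version="1.0"?>
<pfsense>
  <interfaces>
    <wan><if>igb1</if></wan>
    <lan><if>igb0</if><descr>LAN on igb0</descr></lan>
    <opt1><if>igb0.10</if></opt1>
  </interfaces>
  <vlans>
    <vlan><if>igb0</if><tag>10</tag><vlanif>igb0.10</vlanif></vlan>
  </vlans>
</pfsense>"""


def swap_interface(xml_text, old, new):
    """Rename `old` (and VLAN children old.N) to `new` in <if>/<vlanif> only.

    Everything else in the file is left byte-for-byte identical.
    Returns (new_text, [(before, after), ...]) in document order.
    """
    pattern = re.compile(
        rf"(<(if|vlanif)>\s*){re.escape(old)}((?:\.\d+)?)(\s*</\2>)")
    changes = []

    def repl(m):
        changes.append((old + m.group(3), new + m.group(3)))
        return f"{m.group(1)}{new}{m.group(3)}{m.group(4)}"

    new_text = pattern.sub(repl, xml_text)
    ET.fromstring(new_text)  # raises ParseError if the result is not well-formed
    return new_text, changes


def leftover_references(xml_text, old):
    """Tags whose text still mentions `old` after the swap, for manual review."""
    word = re.compile(rf"\b{re.escape(old)}\b")
    return [e.tag for e in ET.fromstring(xml_text).iter()
            if e.text and word.search(e.text)]


if __name__ == "__main__":
    text, changed = swap_interface(SAMPLE_CONFIG, "igb0", "cxl0")
    for before, after in changed:
        print(f"{before} -> {after}")
    print("still mentions igb0:", leftover_references(text, "igb0"))
```

Run it on a copy of the downloaded backup and keep the original file untouched so it can be restored.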

I set up a new network on one of the ports. I’m able to resolve DNS and ping internal stuff, but can’t get out to the internet. I’m guessing that’s because I forgot to add outbound NAT rules for the network, but haven’t checked that.
I’m connecting to a Mikrotik CRS326-24S+2Q+RM. So I’m thinking I might be messing something up with the vlans there that is breaking things. Anyone know how to set them up properly, I’m using switchOS? It doesn’t seem to be as intuitive as Ubiquiti switches.

Went back and watched Tom’s video on the switches. I can’t seem to get the network to work with ESXi for a VM.

If you have a new switch as well then I would get the new switch connected to the existing setup first, get two trunk / tagged port up and running and an untagged port on each vlan. Test all the vlans using one of the two trunks, then the other.

Once that’s working, you can be happy that all the vlans are getting to the switch correctly. You can then connect the new interface to one of the trunks, the lan to the other and be happy in the knowledge that the switching side of things is working. No practical experience on Mikrotik kit, sorry.

I think the problem I’m having is getting a trunk in and back out. Theoretically it should be easy, but it’s not going so well.

Like I say, no specific knowledge on Mikrotik but in theory…

  1. make a port on your existing switch tagged on all vlans
  2. use a console cable to connect to the new switch (or connect the highest port to your management vlan)
  3. work out how to set up the vlans
  4. make sure port 1 and port 2 are tagged with all of the vlans (HP / Netgear this is tag each port in each vlan, Cisco you make the port a “trunk” and it gets all of them by default, Unifi you assign a profile which you pre-define as having the vlans you want)
  5. untag port 3 on vlan 10, 4 on 20, 5 on 30…(HP just “vlan x untagged y”, Cisco make it an access port and set the vlan, Netgear untag it but also set the PVID, unifi another profile assigned to the port)
  6. connect the cable from port 1 to your current switch.
  7. Plug into each of the untagged ports (4 - ?) and check you appear on the correct vlan.
  8. If you do then swap the uplink to port 2
  9. test again.
    At this point you know that both trunk ports are sending and receiving frames on all your vlans.

Get that right before doing anything else with pfSense

So far I’m really not liking this Mikrotik switch. I’ve gotten some things working. Now pfSense is passing everything through one 10G link to the Mikrotik switch. I have a LAG from there to Unifi switch 1, and another lag to Unifi switch 2. Don’t ask me what I did to get it working because I’m really not sure. Tried tons of things until something worked.
Everything is fine as long as I use the Unifi switches for ESXi, but as soon as I put a VM on a link to the Mikrotik switch it makes the entire network unstable. I really don’t understand why. There are no loops in the network.