Question about Sub-interfaces (VLAN's) and DHCP Scope

crix0r · November 24, 2021, 2:23pm

Hello Everyone -

Happy Wednesday!

Sorry if this is a silly question (if it is, please delete it) but BLUF is that I was wondering:

When creating VLAN’s and assigning them to a physical interface (which I think end up become sub-interface, e.g. em3.30) what should I do with the physical (e.g. EM3) interface, IP wise? In my setup I currently have EM3 enabled and set with no IP, and a sub-interface VLAN (30, which is sub-interface em3.30) configured and I think this configuration is causing me issues (more on that below) with DHCP static mappings.

More details:

I know I can’t disable EM3, that seems to disable the sub-interface too. I have no need for EM3 to have an IP address. When I start to get into static DHCP mappings I get a weird error that my static mapping “must lie within the EM3 subnet”, but EM3 has no subnet set and I’m working on a static mapping for em3.30 not EM3… so I’m thinking I’ve got something odd left over from a random change I made in my config file or more than likely: I’ve misconfigured something.

My setup:

I’ve setup pfSense to be a router on a stick in that I am rocking an HP thin client with a four port NIC which is connected to some Netgear managed switches, which are setup with VLAN’s (10, 20, 30, etc.). Everything seems to work (Routing between VLAN’s works, the switches are VLAN tagging correctly, DHCP is giving me addresses as I would expect, etc.). VLAN 30 is 10.30.0.x/24, and the DHCP server is configured to hand out address from 10.30.0.10/24 to 10.30.0.100/24. When I start to poke around with static mappings in the DHCP configuration page, I get an error message that doesn’t make any sense to me (“must lie within the EM3 subnet”) because the IP I am setting is within the em3.30 subnet and outside of the DHCP scope for em3.30 (10.30.0.105).

The reason I think I’ve borked something is because despite me working on the DHCP static mapping for em3.30, the error message isn’t about em3.30… it is about EM3. EM3 has no subnet (it isn’t configured, at least not in so far as I can see) so I’m a little lost.

Thoughts?

Thanks for your time in advance!
CricketNE

LTS_Tom · November 24, 2021, 6:16pm

Each subnet whether in a VLAN or single interface needs to be on a separate range. Unclear what you may have done wrong.

crix0r · November 24, 2021, 11:11pm

Hi There Tom -

Thanks for the reply and input! Yeah it’s definitely vexing and I agree… each interface has it’s own range - well each VLAN has it’s own range, the physical interfaces (EM1, EM2, EM3, etc.) are enabled, but have no range/IP set… is that the proper way to do it or should I have give each physical interface an range/IP that isn’t inside of the VLAN subnets?

V/R,
CricketNE

LTS_Tom · November 24, 2021, 11:13pm

I usually set each interface to have an IP address, but I don’t see any reason it should not work it the native VLAN 1 does not have an IP set.

crix0r · November 24, 2021, 11:15pm

Hrm, OK. Let me poke around with setting the physical interfaces with a range and see if that makes a difference.

Will report back what I dig up!

Thanks again.

V/R,
CricketNE

crix0r · November 24, 2021, 11:43pm

Hello Again -

It turns out it had nothing to do with EM3 having an address; for whatever reason the DHCP config for EM3 was hidden (meaning it wasn’t part of the breadcrumbs to navigate around the DHCP server configuration GUI page) until I tried to set a static mapping, and when it errored out all I had to do was click EM3 and it took me to the partially configured DHCP server settings. I cleared out the range, hit save and boom… all is well!

Thanks again.

V/R,
CricketNE