TrueNAS Asymmetric Routing between VLANs?

I have installed TrueNAS Scale for the first time and so far so good, except when I want to use a dedicated NIC for the management GUI, which is on a different VLAN to the NIC that has the default gateway configured and where client devices are located.
The problem is that when a client located on a VLAN other than the management VLAN uses the TrueNAS GUI, the login screen appears and login occurs fine, but after a few seconds the GUI session experiences errors and brings up a banner that it cannot connect to the system, and the session returns to the login screen. This will happen over and over if I keep logging in.
One possible reason for this behaviour is that, whilst the initial login process takes place over TCP, which is stateless, the GUI session relies on websockets and API tokens, which rely on replies from the same IP as the requests are made to, but TrueNAS Scale uses the default route (configured in System, Network, Network Configuration) to send back packets regardless of which interface they were originally sent to.
Does that sound right? Wondering if anyone else has had this issue.

Yes, TrueNAS can only have one default route. When you set up TrueNAS, the best practice would be to have an interface in the same subnet where the service is being used.

The following solved it for me, so I am posting it here in case someone else has the same issue.

In shell as root (sudo -i) I used these commands:

ip rule add from 10.1.60.200/32 table 100 || true
ip route add 10.1.60.0/24 dev br2 table 100 || true
ip route add 192.168.5.0/24 via 10.1.60.1 dev br2 table 100 || true

10.1.60.200/32 is the TrueNAS management interface IP, 10.1.60.0/24 is the management subnet, 192.168.5.0/24 is the subnet where the client device is and 10.1.60.1 is the gateway IP on the management subnet. br2 is my management interface.

Also, these have been added as post init commands and work after a reboot, but I have to wait and see if they persist after a TrueNAS upgrade.

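Added example, not part of the original posts: a re-runnable form of the source-based routing commands above that only adds the rule when it is missing and then checks that replies from the management IP leave via br2. The function names and the probe address 192.168.5.10 are assumptions made for illustration, and `ip route replace` is swapped in for the post's `ip route add ... || true`.

```shell
#!/bin/sh
# Added example, not from the thread: idempotent form of the post-init commands.
# Addresses, interface and table number are the ones given in the post.
MGMT_IP=10.1.60.200; MGMT_NET=10.1.60.0/24; MGMT_GW=10.1.60.1
MGMT_IF=br2; CLIENT_NET=192.168.5.0/24; TABLE=100
PROBE=192.168.5.10   # assumption: any host address inside CLIENT_NET

# Constructed sample of `ip rule show` on a host with no policy rule yet.
SAMPLE_RULES=$(printf '0:\tfrom all lookup local\n32766:\tfrom all lookup main\n32767:\tfrom all lookup default')

# has_rule RULES IP TABLE: succeeds if RULES already sends traffic from IP to TABLE.
has_rule() {
    printf '%s\n' "$1" | awk -v ip="$2" -v t="$3" '
        $2 == "from" && ($3 == ip || $3 == ip "/32") && $4 == "lookup" && $5 == t { found = 1 }
        END { exit !found }'
}

# plan RULES: print the commands still needed. The rule is skipped when present
# (a repeated `ip rule add` fails or adds a duplicate, depending on kernel);
# `ip route replace` stands in for `ip route add ... || true` so that real
# errors are not hidden.
plan() {
    has_rule "$1" "$MGMT_IP" "$TABLE" || echo "ip rule add from $MGMT_IP/32 table $TABLE"
    echo "ip route replace $MGMT_NET dev $MGMT_IF table $TABLE"
    echo "ip route replace $CLIENT_NET via $MGMT_GW dev $MGMT_IF table $TABLE"
}

# route_ok TEXT: succeeds if `ip route get` output shows the reply leaving via MGMT_IF.
route_ok() {
    case " $1 " in *" dev $MGMT_IF "*) return 0 ;; *) return 1 ;; esac
}

# Run as root with the argument "apply"; without it only the functions are defined.
if [ "${1:-}" = "apply" ]; then
    plan "$(ip rule show)" | sh -e || exit 1
    route_ok "$(ip route get "$PROBE" from "$MGMT_IP")" || {
        echo "replies from $MGMT_IP do not leave via $MGMT_IF" >&2; exit 1; }
fi
```

Calling `plan "$SAMPLE_RULES"` prints the three commands without touching the routing tables, which is a safe way to review them before adding the script as a post init command.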