Are JAIL VLANs broken (since upgrading from 11.3 to 12.0)

[Newfoundland.Republic]

Hi folks,

I'm tearing my hair out over this one: since upgrading from FreeNAS 11.3 to TrueNAS 12.0 my jails (and my Emby plugins) that use VLANs are no longer working. I'm not sure if this is (a) some issue with pfSense (don't think so), (b) UniFi switch (maybe...) or (c) TrueNAS' VLANs.

I decided to try setting up the networking (all along the path) fresh using a new VLAN - 101.

pfSense config:

• igb5 has VLAN 101 assigned (all my other VLANs based on igb5 - and they are working just fine with VMware and UniFi switch ports for devices)
• VLAN 101's firewall rules are wide open (nothing blocked)
• DHCP server is serving IP addresses correctly (including the TrueNAS jail)
• Subnet 192.168.101.0/24
• Gateway 192.168.101.254

UniFi switch config:

• VLAN 101 is created
• TrueNAS is connected to the UniFi switch port with a port profile of ALL (networks) (I actually set up a new switch port with a profile of ALL to rule out something "strange" with the current port)

TrueNAS config:

• Using igb3 (previously unused) connected to the UniFi switch port configured with ALL
• Create a new VLAN:

Code:

Description:
VLAN 101 for testing

Active Media Type:
N/A

Active Media Subtype:
N/A

VLAN Tag:
101

VLAN Parent Interface:
igb3

Bridge Members:
N/A

LAGG Ports:
N/A

LAGG Protocol:
N/A

MAC Address:
00:25:90:2f:87:c7

• Create a new Bridge

Code:

Description:
Bridge 101 to VLAN 101

Active Media Type:
N/A

Active Media Subtype:
N/A

VLAN Tag:
N/A

VLAN Parent Interface:
N/A

Bridge Members:
vlan101

LAGG Ports:
N/A

LAGG Protocol:
N/A

MAC Address:
02:28:9e:b9:d7:65

MTU:
1500

Basic Config:

Jail Network Config

I can ping the jail from another devices on on the 192.168.101.0/24 network.
I can ping an Internet site (8.8.8.8) from the jail, but this takes about 10-20 pings to actually start working:

Code:

root@vlantest101:~ # ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: icmp_seq=17 ttl=116 time=34.335 ms
64 bytes from 8.8.8.8: icmp_seq=18 ttl=116 time=33.983 ms
64 bytes from 8.8.8.8: icmp_seq=19 ttl=116 time=33.790 ms
64 bytes from 8.8.8.8: icmp_seq=20 ttl=116 time=34.303 ms
64 bytes from 8.8.8.8: icmp_seq=21 ttl=116 time=34.289 ms
64 bytes from 8.8.8.8: icmp_seq=22 ttl=116 time=34.202 ms

I cannot resolve a site (e.g., www.google.ca) - host www.google.ca:

Code:

root@vlantest101:~ # host www.google.ca
;; connection timed out; no servers could be reached

Jail routing:

Code:

root@vlantest101:~ # netstat -nr
Routing tables

Internet:
Destination        Gateway            Flags     Netif Expire
default            192.168.101.254    UGS     epair0b
127.0.0.1          link#1             UH          lo0
192.168.101.0/24   link#3             U       epair0b
192.168.101.2      link#3             UHS         lo0

Internet6:
Destination                       Gateway                       Flags     Netif
Expire
::/96                             ::1                           UGRS        lo0
::1                               link#1                        UH          lo0
::ffff:0.0.0.0/96 

And, resolv.conf:

Code:

root@vlantest101:~ # cat /etc/resolv.conf
# Generated by resolvconf
search pelleys.com
nameserver 8.8.8.8
nameserver 8.8.4.4

Anyone have any idea what's going on?
Thanks!

 

[x130844]

try to change your vnet_auto_interface from auto and see if that makes a difference, I had some issues when I attempted the switch to true core.

 

[Newfoundland.Republic]

@x130844 - Thanks for the suggestion but it did not work.