-
Important Announcement for the TrueNAS Community.
The TrueNAS Community has now been moved. This forum has become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums
Jail connectivity issue
- Thread starter djdwosk97
- Start date
I can't ping 192.168.30.2.
I get an error saying 'interface em0 is currently in use by vlan30' if I try to create a bridge with em0 as the bridge member.
- Joined
- Dec 31, 2021
- Messages
- 973
Ok, so here is what the layout should look like.
I think I was mistaken about not having to have the vlan1 interface.
So if you are using 1 NIC for both VLAN and LAN traffic, then...
LAN
em0 > vlan1 > bridge0 (this would be your default LAN tagged traffic)
VLAN 30
em0 > vlan30 > bridge30
VLAN 50
em0 > vlan50 > bridge50
I gave that a try (and moved the 192.168.0.80 address) to bridge0, but I still couldn't ping 192.168.30.2 and I couldn't open the web GUI at 192.168.0.80
- Joined
- Dec 31, 2021
- Messages
- 973
Did you try to first create a VLAN1 with em0 as the member, the creating bridge0 with VLAN1 as the member?
I did it all in one shot so that I could use "Test Changes" and not lock myself out of the web GUI (but yes).
I just looked at the physical machine because I still got locked out of the GUI and noticed it had a 30.2 and 0.80 interface, so I'm going to restart the machine and see what it comes back online with.
I clicked 'Test Changes' and nothing.
After the reboot, the physical machine still reports a web interface at 30.2 and 0.80. I can access the interface at 0.80, but I can't ping or access the GUI at 30.2.
0.0.0.0 was the selected web interface (which says it enables all by default), but I tried selecting the 0.80 and 30.2 addresses instead and still I can't access it through the 30.2 IP. Nor can I ping the 30.2 IP.
The VLANs are isolated from each other with an ACL, but I just went in and disabled all of the rules just in case.
Same issue with other NIC. I created a VLAN30 with em1 as the parent and bridge30 was VLAN30 as the member and gave bridge30 the 30.2 IP and I still can't ping 30.2 or open the GUI at 30.2. The physical machine does continue to show the web interface is available at 30.2 and 0.80.
I'm not exactly sure what did it, but I was playing around a bit in the router's GUI and with ACLs and managed to get the 30.2 interface working. Starting with em1 seems to have helped since it meant I was starting with a parent interface with no IP address. The other part is that I probably didn't catch some error somewhere in the ACL that I eventually caught when I rewrote all the ACL rules from scratch.
I tried to change the interface from 30.2/24 to 30.2/32 so that I could add another bridge at say 30.3/32, but I was running into a file exists error. Is this not the way that I should be adding bridges for other jails/VMs? Or is it just that a file exists from the /24 config and that /24 encompasses both 30.2/32 and 31.2/32 -- and possibly a reboot would solve this.
- Joined
- Nov 25, 2013
- Messages
- 7,776
This happens when the automagically created bridge combines with some manual configuration in unfortunate ways and 2 physical ports are both plugged in and a member of the same bridge.
This creates a layer 2 loop that brings down the whole network via broadcast storm.
Ah, I thought I tried to use the same bridge in two different places and ran into an error, but maybe I'm misremembering or it was misconfigured at that point.
Thanks for your help!
Makes sense, Thanks!
