VLAN on LAGG with DHCP

R

Ralms

Dabbler
Joined
Jan 28, 2019
Messages
29
Hi everyone,

I've been trying for a few days to have my TrueNas box have its main Interface communicate over a VLan.
The current configuration is a 4 x 1Gbps port LAGG with DHCP enabled.

I've tried to set the VLan directly on the Lagg with ipconfig options but didn't work.
Then I tried to set a "Vlan" on the web portal and enable DHCP on it and also didn't seem to work.

I'm still not sure where is the issue, if on TrueNAS, the switch or my router, but wanted to ask a few questions to understand what is the expected configuration on TrueNAS side:
  1. I've read on an old post that with FreeNAS, you need to have "NICs -> LAGG -> VLAN -> Bridge" even if the bridge only contains the VLan, where the Bridge is the one with DHCP, is this correct?
  2. I've also read that the web portal will only respond on a single IP, is this true?
    For example, currently I still have the LAGG with DHCP, which is working, however I also have configured the VLAN and the Bridge with a static IP.
    More detailed, I have 2 IPs on the same Nic:
    1. NICs -> LAGG with DHCP
    2. NICs -> LAGG -> VLAN -> Bridge with static IP on another subnet.
Lastly, due to the questions above, I assumed I would have to remove DHCP from the LAGG (loosing access to the Web Portal) and tried to perform some configurations on the CLI (the console when you IPMI, ILO on my case, directly to the box) / Bash, but it hasn't been easy at all.
  1. How can you issue a DHCP renew on a specific interface?
    I've been essentially setting a static IP and changing it back to DHCP all the time as a workaround to test connectivity, its time consuming.
  2. How can I manage Bridges?
    The CLI allows us to manage almost everything, from Interfaces, Laggs, VLans, but not bridges.
    One of the things I was thinking on trying was turning off DHCP on the LAGG and enabling it on the Bridge if question 2 above is correct.

Thank you for the help.
 
Patrick M. Hausen

Patrick M. Hausen

Hall of Famer
Joined
Nov 25, 2013
Messages
7,776
You have a LAGG interface created, already, right? You need to ADD a new interface of type VLAN - configure the existing LAGG as the parent interface, remove DHCP option from LAGG and enable DHCP option on VLAN.

Similar if you want to configure a bridge interface you need to ADD an interface, pick type BRIDGE, add the existing VLAN as the member ...

If you want to use bridging, you CANNOT use tagged and untagged in parallel on the same interface. It's bad practice, anyway, so just don't.
 
R

Ralms

Dabbler
Joined
Jan 28, 2019
Messages
29
Patrick M. Hausen said:
You have a LAGG interface created, already, right? You need to ADD a new interface of type VLAN - configure the existing LAGG as the parent interface, remove DHCP option from LAGG and enable DHCP option on VLAN.

Similar if you want to configure a bridge interface you need to ADD an interface, pick type BRIDGE, add the existing VLAN as the member ...

If you want to use bridging, you CANNOT use tagged and untagged in parallel on the same interface. It's bad practice, anyway, so just don't.
Click to expand...

Hey Patrick,

Yeah, I have the LAGG working fine, but on untagged (vlan1).

Currently I have the LAGG, then the VLan interface with the LAGG as parent.
Then because of a forum thread I've found from FreeNas 8 or something like that, they were saying that you also needed to have the Bridge with the VLan interface as member to use DHCP. I though it was really strange. So this is false correct?

I will give it a try having the VLan interface only with DHCP enabled on it.
 
Patrick M. Hausen

Patrick M. Hausen

Hall of Famer
Joined
Nov 25, 2013
Messages
7,776
Are you running jails and/or VMs on either that "bare" lagg interface or the VLAN?

If yes, you naturally need a bridge interface to connect the jails and VMs to your network. And in that case you cannot mix - a bridge with lagg0 as a member means you cannot use VLANs on lagg0. That's why I recommend not to mix tagged and untagged on one interface.

Additionally if you are using a bridge, and if the NAS host has got an IP address on that same interface, it is mandatory to have the IP configuration (DHCP or static) on the bridge and not on the member interface.

You don't need a bridge if you are not running jails or VMs.
 
R

Ralms

Dabbler
Joined
Jan 28, 2019
Messages
29
Patrick M. Hausen said:
Are you running jails and/or VMs on either that "bare" lagg interface or the VLAN?

If yes, you naturally need a bridge interface to connect the jails and VMs to your network. And in that case you cannot mix - a bridge with lagg0 as a member means you cannot use VLANs on lagg0. That's why I recommend not to mix tagged and untagged on one interface.

Additionally if you are using a bridge, and if the NAS host has got an IP address on that same interface, it is mandatory to have the IP configuration (DHCP or static) on the bridge and not on the member interface.

You don't need a bridge if you are not running jails or VMs.
Click to expand...

Hm, Jails yes, although if that adds more complexity, I can just split 1 of the LAGG ports as dedicated to the Jails.
I don't really need 4x1Gbps Lagg, 3 is enough, just added all ports because didn't have any use for the 4th port.

The only Jail I have is for Plex really, it shows as using "vnet0" which I don't really know what it is.

Here is my configuration current Interfaces panel:

1637337901466.png


Blue is a Dual port 10GbE nic, used exclusively with fiber links to another server.
The Yellow/Orange is the 4 port Gbit nic used on the Lagg.
The arrows represent the usage between interaces.

I currently have an static IP on the vlan interface for testing, as it seems I have some other issues either on the switch or router, as when I switch to DHCP it doesn't get an IP.

I will split 1 of the Gbit interfaces out for the Jails.
 
Patrick M. Hausen

Patrick M. Hausen

Hall of Famer
Joined
Nov 25, 2013
Messages
7,776
So on that interface you are going to use for the jails - create VLAN if desired, create bridge - no need for an IP address if this is just a layer 2 connection for the jails.

Then for the jail(s):

vnet_default_interface: change from auto --> none
interfaces: vnet0:bridgeNN - this assigns the correct bridge interface to the jail.

"vnet0" is the virtual interface your jail uses. You could connect a jail to more than one bridge, hence vnet0, vnet1, vnet2 ...

Changing vnet_default_interface is really important, because if you leave it set to "auto", TrueNAS will dynamically create a bridge with whatever interface has got your default gateway (for the NAS host) - which can lead to bridging loops, broadcast storms and all sorts of unpleasant events.
 
You must log in or register to reply here.

Similar threads

TomWaller
Can't get my head around jail and plugin networking.
Replies
4
Views
1K
TomWaller
TomWaller
L
TrueNAS Scale and Issue with 2 VLANs/IPs
Replies
4
Views
2K
lafraspberries
L
5
DHCP Disabled on Non-LAGG Interface when LAGG is Established
Replies
7
Views
1K
57HL&gXjw!
5
Newfoundland.Republic
Are JAIL VLANs broken (since upgrading from 11.3 to 12.0)
Replies
2
Views
1K
Newfoundland.Republic
Newfoundland.Republic
L
IMHO Very, Very strange TrueNas VLAN-handling. Not working as expected.
2
Replies
23
Views
5K
jgreco
jgreco
Top