    Half of the VLAN interfaces are BR and unaddressed, other half are addressed

    Having some issues implementing WOL packet forwarding using knockd listening on a VLAN interface, which led me to discover this weird behavior when Untangle creates VLAN interfaces.

    The problem that caused me to find this is that knockd doesn't listen on interfaces without an IP address, and the interface that packets are seen coming into is an interface with no IP address. Let me explain further with an example.

    So I have an interface, let's say eth0. I want two VLANs off of this interface, VLAN 100 and VLAN 110. I create these interfaces in the Untangle GUI, changing eth0 to a bridged interface and creating two new tagged VLAN interfaces.

    What I am seeing in the GUI is that one VLAN interface is listed as eth0.100 and the other is listed as br.eth0.vlan110

    If you run ifconfig, there are a total of 4 interfaces. (I'd expect to see 3...)
    eth0 - No IP (Physical interface)
    eth0.100 - NO IP ADDR
    eth0.110 - a.b.c.d
    br.eth0-100 - e.f.g.h

    The problem is that running a tcpdump on br.eth0.100 looking for packets destined for the firewall itself, I see NO PACKETS.
    Instead I see the packets coming to the firewall showing up on eth0.100. The interface with no IP address.

    So in my case, if I send a SYN packet to the IP address on br.eth0-100, tcpdump (and knockd) will NOT see the packet. Switch the listening interface in tcpdump to eth0.100, and suddenly the packets are showing up here.

    Please tell me there is a reason why there's just an extra interface thrown in when creating VLANs.
    I am only asking out of curiosity of the interfaces.
    Last edited by erasedhammer; 06-20-2021 at 12:09 PM.
