I lurked in forums in search for a solution and found that in stock BSD the xn interface is reported working fine with VLANs, even the vlanmtu is not reported as capable at driver level.
So my idea is to cheat pfsense and report xn network devices as VLAN capable.
Here's the trick:
Go to Diagnostic -> Edit File
Load file /etc/inc/interfaces.inc
Locate the function is_jumbo_capable ( in pfsense 2.2.6 starts at line 5181) end edit as is:
/****f* interfaces/is_jumbo_capable
* NAME
* is_jumbo_capable - Test if interface is jumbo frame capable. Useful for determining VLAN capability.
* INPUTS
* $int - string containing interface name
* RESULT
* boolean - true or false
******/
function is_jumbo_capable($iface) {
$iface = trim($iface);
$capable = pfSense_get_interface_addresses($iface);
if (isset($capable['caps']['vlanmtu']))
return true;
// hack for some lagg modes missing vlanmtu, but work fine w/VLANs
if (substr($iface, 0, 4) == "lagg")
return true;
// hack for XenServer xn interfaces
if (substr($iface, 0, 2) == "xn")
return true;
return false;
}
Then go to Interfaces->Assign->VLAN and create your VLAN interface on your xn network!
Refers To: Pfsense issue 4103
Hi there, how it's working after changes ? did you find some issue to remark ?
RispondiEliminaIn some case it works fine and in some case there's some issues passing traffic from non tagged lan to tagged ones.
EliminaNeeds extensive testing
Questo commento è stato eliminato dall'autore.
RispondiEliminaIn my case i have configured this setting but when i made this changes then pf sense found issue not open in browser.
RispondiEliminaOk, work for me. And what about Firewall > Traffic Shaper > By Interface ?
RispondiEliminaThis firewall does not have any interfaces assigned that are capable of using ALTQ traffic shaping.
Have this notifications. Please help, thank you
Please note that you need to set mtu of the physical interface (pif) in xenserver to 1504 to allow the vlan header to fit in to the frame.
RispondiEliminaThis also means that the interface should not be the same as the management-interface.
didnt work w/ pf 2.5.1 xenserver 7.6
RispondiElimina