|
||||||||
Hi Where's the proper place to submit m0n0wall bug reports? Problem: ======== A custom MAC address can be specified for any interface, which is very practical in some situations. For example, the m0n0wall kernel does not find the right MAC address for my NICs, instead making up bogus broadcast addresses. When you create a VLAN interface, a tag is applied to outgoing packets and stripped from incoming packets on the physical interface that is the selected parent interface, thus making up the VLAN interface. But the packets must still arrive at the parent interface. This does not happen when specifying custom MAC addresses with <spoofmac>. The VLAN interface gets the original MAC address of the physical interface which the m0n0wall kernel found, instead of the correct custom MAC address. That causes ARP requests for the firewall's address(es) within the VLAN to deliver the wrong MAC address, thus effectively disabling all communication with the firewall over the VLAN. Solution: ========= If the parent interface of a VLAN has a <spoofmac> address, assign the same <spoofmac> address when the VLAN interface is created. (By "created", I do not mean "created in the GUI" but "created using whatever VLAN tools BSD use".) Workaround: =========== Every time you create a VLAN or change the parent interface's MAC address, download the config.xml file and adjust every VLAN to have the same <spoofmac> as their parent interface. Then upload the file again and reboot the firewall. |