pfSense and unraid host/dockers

[rogly]

Hey guys, I've recently setup pfSense via KVM on my unraid server (6.2 stable) and am experiencing some (in my opinion) networking weirdness.

 

Eth0 is setup statically with default gateway and DNS pointing to pfSense

 

Eth1 has no IP address configured on unRAID and pfSense is using this as its WAN interface

 

Now everything works great (kinda), my clients and VMs have internet access, etc but for some reason dockers cannot update or pull from the internet, as well as the unraid WebGUI itself... if I SSH into unraid I can reach the internet no problem, traceroutes look normal etc.

 

Is there anything I am missing here?

 

Thanks,

 

[treynaer]

Hi

 

I'm having the same issue. My server has 4 gigabit ports. I tried following configs:

 

Config 1:

- 1 port bridged to the pfSense vm for WAN. No ip configured in unRaid.

- 3 ports bonded with 802.3ad. Bridged to pfSense as LAN. IP for unRaid configured.

Result: Internet on LAN but not on unRaid web/Docker

 

Config 2:

- 1 port direct access to the pfSense vm for WAN.

- 3 ports bonded with 802.3ad. Bridged to pfSense as LAN. IP for unRaid configured.

Result: Internet on LAN but not on unRaid web/Docker

 

Config 3:

- 1 port bridged to the pfSense vm for WAN. No ip configured in unRaid.

- 1 port bridged to the pfSense vm for LAN. No ip configured in unRaid.

- 2 ports bonded with 802.3ad. IP for unRaid configured.

Result: Internet on LAN and unRaid web/Docker

 

I still have no clue why only config 3 provides internet to unRaid web/docker. My switch supports 802.3ad.

 

I would like to use config 1 as now internet passes the external switch instead of using the internal virtual 10Gbps connection and I lose one connection in the bond.

 

Do we see this behaviour because a bridge interface doesn't support switching as oppose to a vSwitch in for example vSphere? Or is there something wrong with routing/switching?

 

Tim