(Solved) pfSense blocks static and DHCP ip requests from unraid when bridging is enabled

[brandon3055]

So i have been banging my head against the wall for months now trying to figure out why unraid's networking just implodes when i turn on bridging. Eventually i concluded it must be an issue with the Realtek nic i'm using. I finally switched to a nic from the unraid recommended hardware list and... same problem.

 

After a lot more debugging i found the issue. I dont know much about this topic but my digging i have discovered that when most devices request an ip via DHCP they send a request to 255.255.255.255 with a source of 0.0.0.0. I assume this is what unraid does when bridging is disabled because everything works. 

However when i enable bridging unraid switches to the "link local" domain (169.254.x.x) it sends its request to 169.254.255.255 with a source of 169.254.14.59.

Now i dont know if this is normal or a bug. Other routers seem ok with this but it turns out pfsense just completely blocks all traffic on the link local address thereby preventing unraid from ever getting a DHCP response. This fores unraid to use a fallback link local address (196.254.14.59 in my case)

 

It even shows in the pfsense log that the request is being blocked  

Notice the source IP matches the ip unraid falls back to. Also a bunch more entries show up every time i connect the unraid box to the network so there is no doubt that this unraid being blocked.

Unfortunately all my research has told me that the rule that blocks link local traffic is hard coded into pfsense so i dont think there is anything i can do on that end to work around that.

 

This also may or may not have something todo with the fact that pfsense is not connected directly to the internet but instead to a dmz that eventually leads to the internet.   

Edited December 26, 2018 by brandon3055

[JonathanM]

Why are you using DHCP for a server? Wouldn't it make more sense to keep the server on a static IP defined on the server itself? I have a pfsense dhcp static assignment defined for my server so pfsense can keep track of it, but I also define the IP I need on unraid itself.

[brandon3055]

31 minutes ago, jonathanm said:

Why are you using DHCP for a server? Wouldn't it make more sense to keep the server on a static IP defined on the server itself? I have a pfsense dhcp static assignment defined for my server so pfsense can keep track of it, but I also define the IP I need on unraid itself.

You are correct. Why i said "pfSense blocks static and DHCP" in the title. The reason it took me so long to to figure out that this is a pfsense issue is i was always using a static ip and it simply wasn't working and i had no idea why. I only started piecing things together when i decided to try DHCP for the hell of it and noticed it was being assigned 169.254.14.54. Some more research and i discovered thats a fallback ip used when dhcp fails. That eventually lead me to take a look at the pfsense logs where i found that unraid is being blocked.

After thinking about i guess its possible unraid is using the normal ip for its DHCP request and failing. What i am seeing the the pfsense log may just be a result of unraid trying to access the network with its fallback IP after dhcp has already failed.

   

In any case I can only assume whatever is preventing unraid from getting a response from DHCP is the same thing that is breaking static ip assignment.   

Edited December 25, 2018 by brandon3055

[brandon3055]

Figured out a solution to this issue over on the pfsense forum.

https://forum.netgate.com/topic/139027/pfsense-blocks-static-and-dhcp-ip-requests-from-unraid-when-bridging-is-enabled/13

 

TLDR: the pfsense mac address for the LAN interface defaults to "00:00:00:00:00:00" and unraid does not like that. I set a proper mac address and now everything works fine.

 

Edit: Looks like this is more likely an issue with my LAN nic not pfsense.   

Edited December 28, 2018 by brandon3055