this post was submitted on 26 Nov 2023
2 points (75.0% liked)

Homelab

380 readers
9 users here now

Rules

founded 1 year ago
MODERATORS
 

Server unreachable from other VLANs. Help!

Hey guys, not aure of this is the right place or better somewhere like r/homenetworking or r/homeserver.

I am in the process of setting up an Omada network and am running into VLAN issues.

Right now have 2 VLANs. Vlan 1 is the management vlan and Vlan 10 is the home vlan. Vlan 1 contains my home server and I am trying to get devices on Vlan 10 to connect to the server. It runs things like jellyfin and my home automation stuff.

I have not set up any ACLs and so as I understand it with Omada all vlans should be able to talk to all other vlans.

From the server I can ping other devices on the 10 vlan, but only devices on the 1 vlan can ping the server or connect to its services.

The server is running Ubuntu 22.04 and all the services are running in docker behind traefik for TLS with let's encrypt.

I don't really understand why the server can ping things on the 10 vlan and get a response but the things on 10 can't. And at this point I don't even know where to go next.

Any ideas??? Pointers?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 0 points 11 months ago (1 children)

Is this a windows server? The firewall maybe only be set to respond to pings (icmp echo request) from the local subnet. Its on the scope tab of the firewall rule.

[–] [email protected] 0 points 11 months ago (2 children)

No, running Ubuntu server 22.04 on baremetal.

The only thing affected appears to be the server. If I hook my laptop up to the 10 vlan I can still ping my desktop on the 1 vlan, and ping back.

It is like the server is not responding to pings from other subnets.

[–] [email protected] 1 points 11 months ago* (last edited 11 months ago) (1 children)

Double check your subnet mask on the network interfaces.

Use "tcpdump -i eth### icmp" on your server to see if it's receiving the packets, and if it's replying. If it's not replying, check firewall rules.

[–] transientpunk 1 points 11 months ago* (last edited 11 months ago) (1 children)

Just a heads up, you're replying to bots

[–] [email protected] 2 points 11 months ago
[–] [email protected] 0 points 11 months ago

Check if ufw is enabled, if so allow icmp. If your on a different vlan you would have to have a router between you and the other vlan. Make sure you have the IP/subnet/gateway right on your server.