Good Evening Everyone,
Long time TrueNas user, first time poster to this forum. I have been having access issues since upgrading to the point release of Fangtooth.
First my UI became inaccessible (which I solved by changing the default route to the subnet of my UI) and now I cannot access any of my shares which are bound to my second NIC that is on a different subnet than the default route.
If I move everything to the same subnet as the default route it works, but otherwise I cannot ping or access SMB, etc.
I’ve tried playing around with static routes but that hasn’t helped at all.
Any idea what the problem is and why it’s just happened now? I’ve had the same config since Scale 23 generation without any upgrade problem ever!
Thanks!
Pretty sure the gui and services can be bound to specific nics and you need a solid default route / gateway. Might have lost some duct tape holding it together during the upgrade.
Go look at your global smb service settings, advanced . See which ip is assigned.
In my case I have two nics with two ip addresses. They’re defined here.
Look in system /general / gui settings too. It lets you define which ip supplies the gui.
I can add my GUI/Mgmt NIC IP to the SMB and that works. The problem is I can’t access it over the other NIC which is what I need for non-admin users on my network.
1 Like
Can ya click add and put another ip in there?
First, you should post an ip a output.
“access it” – SMB or GUI? And how do you want it to be?
I cannot ping or access the share over smb from a client on my network…
What about ip a? System → Shell → ip a.
Is your client connected to the “non-admin” NIC?
Ok I am starting to understand what is going on but not still not sure a) what to do about it and b) why this all just happened after Fangtooth.
I connect to Truenas from different VLANs on my network. I have an Admin VLAN which certain clients live on that access the WebUI, and a User VLAN that the rest of the clients live on that access the SMB. My Admin VLAN has permissions at the router/firewall level to access both.
What appears to be happening here is an assymetric response where I access one interface say 10.1 from 10.3 and because the reply is not going back to a 10.1 interface somewhere the packet is dropped.
If I manually add a static route it works but essentially then I would have to have a gateway for each VLAN I am routing through which seems excessive, and again, this was never a problem before.
ChatGPT suggested changing:
net.ipv4.conf.enp3s0f1.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter= 0
net.ipv4.icmp_echo_ignore_all = 0
But adding these to sysctl in the GUI didn’t seem to do anything. And in the /etc file everything was commented out so I am assuming there is a default override somewhere?
Can anyone explain to me what’s going on and why it changed in Fangtooth?
Don’t wanna be rude, but your entire post looks like it was AI-generated.
You didn’t answer questions. You brought the interfaces’ exact IPs (or better say prefixes) without explaining which one stands for what. You even brought some /etc file nobody had mentioned…
Perhaps I should have just answered with ChatGPT...
Not AI. Sorry you weren’t following my comments.
I’ll go seek help elsewhere unless someone else on this forum can help?
I doubt you could gain much help without answering clarifying questions.
Why do you refuse to post ip a output? Is it a secret or what?
This shows that my question was totally legit, as it seems you rely on promiscuous networking mode.
Sorry I didn’t see your client question. Yes the client is on the non-admin nic.
Will post ip an output when I’m back on the server.
Thanks
