Well, i work in IT, and we deliver and manage primarly Cisco Meraki, UniFi and have some administration of Fortigate (not delivered by us). In UniFi tagged is the equvilent of Allow All. In Meraki it is called trunk.
Before i made the management NIC VLAN aware i had the port set as for Native VLAN 150, and allow all. Now that the NIC is VLAN aware i set the native VLAN to none and port still to allowed all. For instance on Mikrotik with SwitchOS (what we have on our datacentre) you set the native VLAN to 1 (or any VLAN not in use) and it will basically become 0 or blank as in Meraki.
However this being said. As i have stated before and as @VersionZero mentions this is completely irrelevant as the secondary NIC isn’t physically connected to anything. I have tested with setting an IP in the range of any of my other subnet’s + subnet’s that don’t even exist and i can still get a response from my management IP/NIC. As soon as i set the secondary NIC to 150 it disconnects the management NIC.
I’m 90% sure this is an issue with TrueNAS. What i will try is first to reinstall TrueNAS with version 24.04 or 24.10.
If that won’t work i will just put the secondary NIC in another subnet then 150, and just deal with it that way.
Too bad i can’t post any videos or links to videos here on this forum. Otherwise i would have posted a screen recording, and i think you guys would see that this is most probably a bug of some kind.
These onboard NIC’s are directly soldered to the motherboards backplane. It’s an HP Z620. I have tried the same thing with two add-in cards (1 4-port Intel Nic and some cheap Realtek 1-port NIC), and the issue remains.
Yeah, as you can see from my first post “Since i have become pretty desperate, i have even tested a full reinstall wihtout importing any config. But you guessed it, it still won’t work.”
25.04 is still fairly new so there may be some bugs that have been yet to be discovered/fixed. I’ll give 24.10 a go.
Oh, no! My humblest apologies: I did not mean to underestimate your understanding of networking in general.
I only meant to draw the connection that if we had just reached a stage of discovering that TrueNAS [and Debian] has VLAN support, then it might help to double back and review what that implies for your earlier UniFi settings. I hoped it might spark something in your own analysis.
I haven’t followed closely enough to fully visualize your system. But the sort of trouble I could imagine would include if TrueNAS started unexpectedly bridging or routing its logical traffic out of the physical port.
In particular, I’d thought that I read symptoms of a short gap between temporary success and a disconnected interface. To me, that would smell a bit as if UniFi deconfliction (e.g. STP) is still involved. Not culpable, but involved. (Or forgive me: “in the loop…”)
I have more or less a comparable setup (meaning Unifi Router and Switches and a TrueNAS box with multiple NICs) and did not have those issues.
Just a couple of checkpoints:
I have one NIC that has a fixed IP for management. That IP is on the Unifi main VLAN (ID 1). The Gateway for that network is hard-coded in the TrueNAS network config as well.
There also is a LAGG/Bond of two NICs (failover mode, no LACP) that I use for apps that is on a separate VLAN. That bonded interface is not configured with a fixed IP in TrueNAS, instead I created a VLAN network interface in the TrueNAS GUI for the desired VLAN and assigned that to the bonded virtual NIC. That virtual VLAN interface has its IP address configured fixed (no DHCP).
There is a third NIC configured on the TrueNAS box that has a different VLAN configured again with a virtual VLAN interface specific for that NIC that is used mainly for SMB multi-path. This probably doesn’t matter for your case.
The network ports on the Unifi switches are all set to the default network (main VLAN with ID 1) as the primary network and the other relevant VLANs are allowd on that port as well (this is a port setting in the Unifi UI), except for the third NIC. Here I explicitly set the switch port to that VLAN, but that setting is probably not relevant as well.
Maybe you’ll find where your setup differs, but the main takeaway should be:
Don’t set aliases for different subnets directly if these are on different VLANS, configure virtual network interfaces instead and leave IP aliases empty.
Allow all relevant VLANs on the ports occupied by your NAS in the Unifi UI.
