I was about to say that….in 1.2.3 this causes no issues on port 80. It is also solved in the jan 18 snapshot if I recall correctly.

Problem solved looks like, there was problem with cisco Catalyst 2960G switch, which was got from black market :) Thanks all for helping!

Does the hostname given by that PC contain any non-printable characters? It's probably trying to prevent the log from becoming corrupt with non-printable (control) characters.

I setup DHCP lease time to 7 days and my cpu reached constant 100% utilization (unless I remove the 7 days and reboot the machine) this is really weird as it is…

I solved my problem. I forgot to add first my local domain in domain category on dns forwarder ::) Now, it work fine ^^.

@wallabybob: You have a default route set so what you are seeing is different from the problem in the linked thread so that suggestion doesn't seem to apply. Here's what the log on my pfSense 2.0 BETA looks like after I removed the WAN cable and restored it. Your dhclient log reports: Jan 17 21:16:16 dhclient: New Routers (xl0): and your log later reports Jan 17 21:16:20 php: : Could not find gateway for interface(wan). In contrast, my dhclient log reports Jan 19 09:29:49 dhclient: New Routers (vr0): 192.168.211.173 and Jan 19 09:29:51 php: : ROUTING: change default route to 192.168.211.173 In the particular event recorded in the log extract you posted the dhcp information appears to have not included a default route. But there was a default route in the output you posted. There was an update in between? There was no update in between the event last night and the log I posted today.  I visited the gateway tab after taking the netstat information.  I just performed a removal/restore of the WAN cable from my router and show this: Jan 18 19:51:14 check_reload_status: syncing firewall Jan 18 19:51:17 dhcpd: Internet Systems Consortium DHCP Server 4.1.1-P1 Jan 18 19:51:17 dhcpd: Copyright 2004-2010 Internet Systems Consortium. Jan 18 19:51:17 dhcpd: All rights reserved. Jan 18 19:51:17 dhcpd: For info, please visit https://www.isc.org/software/dhcp/ Jan 18 19:51:17 dnsmasq[46051]: reading /etc/resolv.conf Jan 18 19:51:17 dnsmasq[46051]: using nameserver 75.75.76.76#53 Jan 18 19:51:17 dnsmasq[46051]: using nameserver 75.75.75.75#53 Jan 18 19:51:17 dnsmasq[46051]: exiting on receipt of SIGTERM Jan 18 19:51:18 dnsmasq[22157]: started, version 2.55 cachesize 10000 Jan 18 19:51:18 dnsmasq[22157]: compile time options: no-IPv6 GNU-getopt no-DBus I18N DHCP TFTP Jan 18 19:51:18 dnsmasq[22157]: reading /etc/resolv.conf Jan 18 19:51:18 dnsmasq[22157]: using nameserver 75.75.76.76#53 Jan 18 19:51:18 dnsmasq[22157]: using nameserver 75.75.75.75#53 Jan 18 19:51:18 dnsmasq[22157]: read /etc/hosts - 2 addresses Jan 18 19:51:20 dhcpd: Internet Systems Consortium DHCP Server 4.1.1-P1 Jan 18 19:51:20 dhcpd: Copyright 2004-2010 Internet Systems Consortium. Jan 18 19:51:20 dhcpd: All rights reserved. Jan 18 19:51:20 dhcpd: For info, please visit https://www.isc.org/software/dhcp/ Jan 18 19:51:20 php: /system.php: The command '/usr/bin/killall 'ntpd'' returned exit code '1', the output was 'killall: warning: kill -TERM 59154: No such process' Jan 18 19:51:21 check_reload_status: reloading filter ---- Jan 18 20:03:06 php: : DEVD Ethernet detached event for wan Jan 18 20:03:06 dhclient[8559]: connection closed Jan 18 20:03:06 dhclient[8559]: connection closed Jan 18 20:03:06 dhclient[8559]: exiting. Jan 18 20:03:06 dhclient[8559]: exiting. Jan 18 20:03:08 kernel: arpresolve: can't allocate llinfo for [my_subnet].1 Jan 18 20:03:08 kernel: arpresolve: can't allocate llinfo for [my_subnet].1 Jan 18 20:03:08 kernel: arpresolve: can't allocate llinfo for [my_subnet].1 Jan 18 20:03:11 kernel: arpresolve: can't allocate llinfo for [my_subnet].1 Jan 18 20:03:12 kernel: arpresolve: can't allocate llinfo for [my_subnet].1 Jan 18 20:03:12 check_reload_status: Linkup starting xl0 Jan 18 20:03:12 kernel: xl0: link state changed to UP Jan 18 20:03:13 kernel: arpresolve: can't allocate llinfo for [my_subnet].1 Jan 18 20:03:13 kernel: arpresolve: can't allocate llinfo for [my_subnet].1 Jan 18 20:03:13 kernel: arpresolve: can't allocate llinfo for [my_subnet].1 Jan 18 20:03:13 php: : DEVD Ethernet attached event for wan Jan 18 20:03:13 php: : HOTPLUG: Configuring interface wan Jan 18 20:03:13 kernel: arpresolve: can't allocate llinfo for [my_subnet].1 Jan 18 20:03:13 kernel: arpresolve: can't allocate llinfo for [my_subnet].1 Jan 18 20:03:13 kernel: arpresolve: can't allocate llinfo for [my_subnet].1 Jan 18 20:03:13 kernel: arpresolve: can't allocate llinfo for [my_subnet].1 Jan 18 20:03:13 kernel: arpresolve: can't allocate llinfo for [my_subnet].1 Jan 18 20:03:14 kernel: arpresolve: can't allocate llinfo for [my_subnet].1 Jan 18 20:03:14 kernel: arpresolve: can't allocate llinfo for [my_subnet].1 Jan 18 20:03:14 kernel: arpresolve: can't allocate llinfo for [my_subnet].1 Jan 18 20:03:14 dhclient: PREINIT Jan 18 20:03:14 dhclient[20596]: DHCPREQUEST on xl0 to 255.255.255.255 port 67 Jan 18 20:03:14 dhclient[20596]: DHCPACK from 73.117.224.1 Jan 18 20:03:14 dhclient: REBOOT Jan 18 20:03:14 dhclient: Starting add_new_address() Jan 18 20:03:14 dhclient: ifconfig xl0 inet [my_subnet].155 netmask 255.255.254.0 broadcast 255.255.255.255 Jan 18 20:03:14 dhclient: New IP Address (xl0): [my_subnet].155 Jan 18 20:03:14 dhclient: New Subnet Mask (xl0): 255.255.254.0 Jan 18 20:03:14 dhclient: New Broadcast Address (xl0): 255.255.255.255 Jan 18 20:03:14 dhclient: New Routers (xl0): [my_subnet].1 Jan 18 20:03:14 dhclient: Adding new routes to interface: xl0 Jan 18 20:03:14 dhclient: /sbin/route add default [my_subnet].1 Jan 18 20:03:14 dhclient: Creating resolv.conf Jan 18 20:03:14 apinger: ALARM: WAN([my_subnet].1) *** down *** Jan 18 20:03:14 apinger: alarm canceled: WAN([my_subnet].1) *** down *** Jan 18 20:03:14 check_reload_status: rc.newwanip starting xl0 Jan 18 20:03:14 dhclient[20596]: bound to [my_subnet].155 -- renewal in 172800 seconds. Jan 18 20:03:15 php: : rc.newwanip: Informational is starting xl0. Jan 18 20:03:15 php: : rc.newwanip: on (IP address: [my_subnet].155) (interface: wan) (real interface: xl0). Jan 18 20:03:15 php: : ROUTING: change default route to [my_subnet].1 Jan 18 20:03:15 check_reload_status: reloading filter Jan 18 20:03:15 check_reload_status: reloading filter Jan 18 20:03:15 apinger: Exiting on signal 15. Jan 18 20:03:16 check_reload_status: reloading filter Jan 18 20:03:17 apinger: Starting Alarm Pinger, apinger(32075) Jan 18 20:03:31 dnsmasq[22157]: reading /etc/resolv.conf Jan 18 20:03:31 dnsmasq[22157]: using nameserver 75.75.76.76#53 Jan 18 20:03:31 dnsmasq[22157]: using nameserver 75.75.75.75#53 Notably, it reports that it has the correct default route: Jan 18 20:03:15 php: : rc.newwanip: on (IP address: [my_subnet].155) (interface: wan) (real interface: xl0). Is it possible that the NTPD error above just before I unplugged has something to do with it?  I'd assume no, but I'm not sure if the general error has a bigger tell.

Thanks for the updated information. I felt as if I was thrown in the deep end of the swimming pool when I started in networks. The learning curve seemed very steep. An ongoing frustration I have with the reporting on this issue is that I have to keep asking for the same information. Two examples: I asked for the IP addresses of the pfSense interfaces. I can't see them ALL on your diagram. I asked for the ssh command you have been using to access the mail server. Because the pfSense box on your diagram didn't have the interface names close to the box it took me a while to see them. It looks to me that WAN is rl0, OPT1 is rl1 and LAN is bfe0. Correct? Realtek interfaces, especially the early rl interfaces, have a reputation for poor quality. Does your pfSense system log report anything involving rl0 or rl1? There are two paths from client PCs to the mail server. Do you get different results for your ssh session depending on which path you use? (Try ssh to the mail server LOCAL IP address, ssh 10.10.0.146 and ssh to the mail server "public" IP address, ssh 69.29.44.19). Does either session last more than two minutes after login? On the mail server, what brand and model of NICs are used? (post output of shell command lspci) Is there anything in the system log reporting any event on the nterfaces? Hopefully you don't have old generation Realteks there.

That was a known issue with 1.2.x, but has been fixed a long time ago in 2.0. 1.2.x won't be receiving any more updates, 2.0 is right around the corner.

@jimp: For machines with static IPs, there is no way to automatically determine their hostname. Well, this answers my question. Thank you.

Turns out with my old cable modem from Road Runner (ISP), each modem mac address would continue to fetch the same IP address. With a new modem it fetches an IP address based on the mac address of the device attached to the cable modem. Using the Settings > WAN interface an alternate MAC address in this setting will pull down a new IP address from the ISP. Once again pfSense is doing its job without issue. Hope this helps anyone as easily confused as I.

Hi Jimp,   You were correct.  One of our ISP's was returning no results for every record our pfsense requested.  I switched the DNS server to a different machine and that resolved the issue.

Ah ok. I was, as you say reading it as a reservation as up until this point my experience had been building DHCP on Windows servers and the odd home router setup where that's generally how DHCP static assignments within your given range would work. Thanks for clearing that up. :-)