ping problem with pfsense, need to reboot each time a NIC restarts

stephenw10

What exactly do you mean by 'reboot the NIC'?

Check the routing tables. Check the ARP tables.

What error is shown when you try to ping? Both ways?

Steve

NollipfSense

@imomushi said in ping problem with pfsense, need to reboot each time a NIC restarts:

reboot a Network Interface Card

Sounds as if it's turbo powered...

imomushi

@stephenw10

on my debian host, nothing happens and if I cancel the ping it displays the nuber of failed requests (pfsens cant ping at this point as well)

then I reboot my pfsense host

and now the ping works from both sides

Problem seems to be, if a host network card is powered AFTER pfsense, a ping won't work

stephenw10

So by 'rebooting the NIC' you mean just rebooting the host?

Is the NIC passed through to the pfSense VM?

Check the ARP and route tables.

imomushi

@stephenw10

ARP table :

the mac address for 192.10.0.6 is correct, but the ping stops working if I restart debian host

here is route table

stephenw10

The Debian test client is another VM in VMWare?

When it fails is it still current in the pfSense ARP table?
Is the pfSense LAN address in Debia's ARP table?

Run a packet capture on LAN when you are trying to ping from Debian. Do you see the packets arriving?

imomushi

@stephenw10 said in ping problem with pfsense, need to reboot each time a NIC restarts:

re on LAN when you are trying to ping from Debian. Do you see the packets a

ok so I capture packets when it's working and I get something in the capture as you can see in the screenshot just below

Then I used ifdown/ifup command on my debian VM..
with ICMP only I get nothing

I do get the ping request coming from pfsense but no response from the debian. for this capture I selected all packets related to the debian host, 192.10.0.15

imomushi

@stephenw10

ok the problem has been spotted. When I reboot a VM, the MAC address of pfsense changes (same wrong value for both VMs)

stephenw10

Ok, that's why I said to check the ARP tables.

What is that bad MAC? Some other device using the pfSense IP address?

I would expect to see warnings in the pfSense system log if there was an IP conflict. Unless it never sees the ARP responses for some reason.

imomushi

@stephenw10
I checked my arp table on physical host and pfsense, but the bad mac address doesnt exist.

Im trying to get rid of arp cache on my vm hosts using arp -d [destination IP] but it comes back again

stephenw10

It's also a VMWare MAC address. Is it setup to offer DHCP itself?

imomushi

@stephenw10

Yes it is. And I disabled vmware virtual network local dhcp

ANd it works. Thank you for your patience ! You really helped me out on this, have a nice day/night