Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfSense doesn not respond to ARPs

    Scheduled Pinned Locked Moved General pfSense Questions
    11 Posts 3 Posters 615 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • stephenw10S
      stephenw10 Netgate Administrator
      last edited by

      Can we see an actual pcap file with the failed ARP? I assume the MAC addresses are correct?

      And to be clear it resumes correct function after rebooting the 6100?

      I forget what other tests we did there. Replugging the WAN cable? Resaving the interface? Either bring it back?

      M 1 Reply Last reply Reply Quote 0
      • M
        michmoor LAYER 8 Rebel Alliance @stephenw10
        last edited by

        @stephenw10

        That is correct, 6100 is working again after a reboot.
        Can you DM the link I can use to upload the pcaps?

        Firewall: NetGate,Palo Alto-VM,Juniper SRX
        Routing: Juniper, Arista, Cisco
        Switching: Juniper, Arista, Cisco
        Wireless: Unifi, Aruba IAP
        JNCIP,CCNP Enterprise

        1 Reply Last reply Reply Quote 0
        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          You can upload them here: https://nc.netgate.com/nextcloud/s/tMRseYCQ2HWzkKs

          M 1 Reply Last reply Reply Quote 0
          • M
            michmoor LAYER 8 Rebel Alliance @stephenw10
            last edited by

            @stephenw10 files uploaded.

            2x different capture points but same story.

            Firewall: NetGate,Palo Alto-VM,Juniper SRX
            Routing: Juniper, Arista, Cisco
            Switching: Juniper, Arista, Cisco
            Wireless: Unifi, Aruba IAP
            JNCIP,CCNP Enterprise

            M 1 Reply Last reply Reply Quote 0
            • M
              michmoor LAYER 8 Rebel Alliance @michmoor
              last edited by

              @stephenw10
              what do you think about the pcaps?

              Firewall: NetGate,Palo Alto-VM,Juniper SRX
              Routing: Juniper, Arista, Cisco
              Switching: Juniper, Arista, Cisco
              Wireless: Unifi, Aruba IAP
              JNCIP,CCNP Enterprise

              johnpozJ 1 Reply Last reply Reply Quote 0
              • johnpozJ
                johnpoz LAYER 8 Global Moderator @michmoor
                last edited by

                @michmoor you don't have the ethernet filtering enabled do you? With that it is possible to block arp..

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-4860 24.11 | Lab VMs 2.8, 24.11

                M 1 Reply Last reply Reply Quote 1
                • M
                  michmoor LAYER 8 Rebel Alliance @johnpoz
                  last edited by

                  @johnpoz said in pfSense doesn not respond to ARPs:

                  @michmoor you don't have the ethernet filtering enabled do you? With that it is possible to block arp..

                  Turned off. Never used it actually

                  Firewall: NetGate,Palo Alto-VM,Juniper SRX
                  Routing: Juniper, Arista, Cisco
                  Switching: Juniper, Arista, Cisco
                  Wireless: Unifi, Aruba IAP
                  JNCIP,CCNP Enterprise

                  1 Reply Last reply Reply Quote 0
                  • stephenw10S
                    stephenw10 Netgate Administrator
                    last edited by

                    Interesting. Were they filtered?

                    I'm not sure why we see the ARP requests from pfSense in the modem mirror but not in the pfSense mirror?

                    Also interesting that we see ARP requests from the modem but from 192.168.1.254.

                    M 1 Reply Last reply Reply Quote 0
                    • M
                      michmoor LAYER 8 Rebel Alliance @stephenw10
                      last edited by

                      @stephenw10
                      What do you mean by filtered?
                      My theory right now is that the card is faulty. Although we see the modem responding it may not be processing within the card. I can’t think of anything else.
                      Cables have been swapped
                      Modems have been swapped
                      The only solution is the igc card and the problem goes away

                      Firewall: NetGate,Palo Alto-VM,Juniper SRX
                      Routing: Juniper, Arista, Cisco
                      Switching: Juniper, Arista, Cisco
                      Wireless: Unifi, Aruba IAP
                      JNCIP,CCNP Enterprise

                      1 Reply Last reply Reply Quote 0
                      • stephenw10S
                        stephenw10 Netgate Administrator
                        last edited by

                        I mean when you ran the pcap was it capturing all traffic or was it filtering by just a limited set of MAC addresses or IP addresses for example?

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.