Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    2 Windows hosts cannot receive echo ping from the same IPv4 internet host simultaneously

    Scheduled Pinned Locked Moved NAT
    7 Posts 3 Posters 93 Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      madbrain
      last edited by madbrain

      I discovered a very weird problem recently with pfSense + 25.07 .

      I have two Windows 11 Pro x64 hosts.

      1. on the first host, I start a terminal with "ping -t 8.8.8.8" . It starts receiving responses.

      2. on the first host, I start a terminal with "ping -t 8.8.8.8" . It gets timeouts

      3. on the first host, I ctrl-c out of ping

      4. the second host starts receiving ping replies from 8.8.8.8

      I can reproduce this issue with pfSense factory defaults, having only selected the LAN and WAN interfaces on the local console, never even resetting the password or logging in to the web UI.

      Hardware wise, the NIC is an Intel X550-T2 . ix0 is the WAN interface, with a Comcast XB8 in bridged mode connected. ix1 is the LAN interface, connected to an unmanaged TP-Link TL-SX105 switch. Only 3 ports on the switch are in use - one for pfSense, two for the Windows hosts.

      I couldn't make it any simpler to reproduce the issue if I tried.

      If I bypass pfSense, and set the XB8 in router mode rather than bridge mode, I don't have that issue - both Windows hosts can ping 8.8.8.8 successfully.

      I'm not sure what causes this, but suspect some sort of NAT issue, which is why I posted in this forum.

      If I use two Linux hosts with pfSense, rather than two Windows hosts, they can both receive ping from 8.8.8.8 simultaneously successfully. One Windows host and one Linux host both ping 8.8.8.8 is also OK.

      Note that the issue is not specific to 8.8.8.8 . I just used it as an example. If two Windows hosts both ping 1.1.1.1, I also see the same problem.

      Also, the issue is specific to IPv4 . If both Windows hosts ping an IPv6 host, such as 2606:4700:4700::1111, they simultaneously receive echo ping.

      patient0P 1 Reply Last reply Reply Quote 0
      • M madbrain referenced this topic
      • patient0P Online
        patient0 @madbrain
        last edited by

        @madbrain I thought the fix made it into pfSense but your are right it's not in 25.07.

        The reference is "FreeBSD Bug 283795 - ICMP echo requests from Windows hosts dropped when NAT'ed":
        https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=283795

        For me it is fixed in pfSense 25.11-BETA, testing from two Linux VM running ping -e 1 1.1.1.1

        M 1 Reply Last reply Reply Quote 1
        • M Offline
          madbrain @patient0
          last edited by madbrain

          @patient0 I don't see the bug from Linux hosts. Did you test from Windows hosts with 25.11-beta ?

          Never mind. I had not tried 2 Linux hosts - only 1 Windows + 1 Linux. I reproduced it also with one Raspberry Pi OS box, and one Ubuntu 22 box, both pinging 8.8.8.8 .

          Actually, I'm so confused. On the second attempt, both Linux boxes succeeded simultaneously.

          patient0P 1 Reply Last reply Reply Quote 0
          • patient0P Online
            patient0 @madbrain
            last edited by patient0

            @madbrain on Linux you have to run ping with -e 0 to see the bug.

            Windows ping seems to use ICMP identifier 0 and other ping implementation use a random one.

            Edit: ok, good you could reproduce it on Linux

            @madbrain said in 2 Windows hosts cannot receive echo ping from the same IPv4 internet host simultaneously:

            Actually, I'm so confused. On the second attempt, both Linux boxes succeeded simultaneously.

            You run ping -e 0 ... on Linux?

            M 1 Reply Last reply Reply Quote 0
            • M Offline
              madbrain @patient0
              last edited by

              @patient0 Actually odd, it didn't work at first, then started working on Linux.

              The explanation makes sense. I'm still a bit wary of using 25.11 beta in production. Will check release notes.

              patient0P 1 Reply Last reply Reply Quote 0
              • patient0P Online
                patient0 @madbrain
                last edited by patient0

                @madbrain said in 2 Windows hosts cannot receive echo ping from the same IPv4 internet host simultaneously:

                m still a bit wary of using 25.11 beta in production. Will check release notes.

                I understand and you may really want to wait. It was meant only as a reference that it will work in the future.

                S 1 Reply Last reply Reply Quote 0
                • S Offline
                  SteveITS Galactic Empire @patient0
                  last edited by

                  @patient0 I’d run into/posted this a while back and it was driving me nuts. Good to hear FreeBSD fixed it. Or accounted for it.

                  Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
                  When upgrading, allow 10-15 minutes to reboot, or more depending on packages, CPU, and/or disk speed.
                  Upvote 👍 helpful posts!

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.