Help on load balancing arplookup 210.213.215.254 failed: host is not on local ne
-
Yes, hoba. WAN via PPPoE causes problems for load balancing pools using latest snapshots but it is functional using the original 1.0.1.
This must be the cause of my sleepless nights trying to use the latest snapshots in order for my pfsense to have failover capability. ??? -
What do you manually assign as gateway when using 1.0.1 releaseversion for the pppoe link?
-
The gateway that i assign for the WAN poolmember is the gateway that i see from the status\interfaces of WAN (assigned automatically by my ISP via PPPoE).
-
I guess gateway and interface IP is the same and it is a /32, right?
-
WAN IP is 210.213.171.2xx subnet 255.255.255.255
Gateway IP 210.213.170.x -
Ok, I guess the code is too smart to accept a /32 and a gateway outside this subnet atm. Time to revisit it ;)
-
Any update on this problem? Have this been resolved by the new snapshots?
Thank you very much. -
please give me the output from the routing table from Diag -> Routes.
I also require the relevant rules from your rules.debug.
using the command page execute the following.
grep route-to /tmp/rules.debugI do not have a working pppoe test rig so I'm working in the dark here.
Are you willing to provide me access to the box?
I also commited another load balancer fix this evening. Check if that one outputs any messages. -
I'll try loading the new snapshot later, i'm currently using now the original 1.0.1 iso. So far no problem on my load balancer using PPPoe on WAN but no failover.
I'll post my results immediately.
Yes, i'm willing to open my pfsense firewall for you to debug inside.
Thanks. -
I am also having this problem. If it helps any, here is some data on my setup:
lan=fxp0
wan=fxp1 (pppoe)
opt1=fxp2 (WAN2 static IP)wan 100.200.200.110
subnet mask 255.255.255.255
gateway 100.200.200.2541.0.1 release
worked fine, but ISP turned off ICMP on the next-hop router.
Started monitoring the dns server, but it frequently timed-out and went offline.Updated using
pfSense-Full-Update-1.0.1-SNAPSHOT-02-14-2007.tgz
Deleted and re-configured balancer.
Started getting messages in system log and no traffic was going out WAN
kernel: arpresolve: can't allocate route for 100.200.200.254
kernel: arplookup 100.200.200.254 failed: host is not on local networkupdated to
pfSense-Full-Update-1.0.1-SNAPSHOT-02-18-2007.tgz
Slightly diffferent messages in logkernel: arpresolve: can't allocate route for 100.200.200.254
kernel: arplookup 100.200.200.254 failed: could not allocate llinfo
kernel: arpresolve: can't allocate route for 192.0.2.113
kernel: arplookup 192.0.2.113 failed: host is not on local networkFor now, I have pulled the WAN from the balancer pool
(only has opt1)
The default gateway for my LAN is still the balancer.
I CAN however, create a rule for a specific IP pointing to gateway default
and send that machine out the WAN.Here is a partial dump of the current routing table
Destination Gateway Flags Refs Use Mtu Netif Expire
default 100.200.200.254 UGS 0 45115 1492 ng0
100.200.200.110 lo0 UHS 0 0 16384 lo0
100.200.200.254 100.200.200.110 UH 1 105 1492 ng0 -
Just got a chance to try with 1.0.1-SNAPSHOT-02-27-2007 (via update firmware)
Still getting 'host is not on local network' error. -
We are missing a testbed to fix this bug atm. We'll work on it soon. Stay tuned.
-
dotdash
wan 100.200.200.110
subnet mask 255.255.255.255
gateway 100.200.200.254Its a bit early in the morning here, but your subnet mask looks way wrong. The WAN and its gateway should be on the same subnet, and so the arplookup error seems to be reasonable. Try a subnet of 255.255.255.0
-
-
@hoba
Still waiting for the final resolution to this problem, i'm still using now the original 1.0.1 with no problem.
Thank you very much.
:D ;D ::) -
If it helps, I'm in a similar situation (fail-over not working due to arp messages):
WAN1: PPPoE w/"static" DHCP /32
WAN2: StaticRunning 1.0.1-SNAPSHOT-03-08-2007
Getting these messages:
kernel: arplookup 204.213.240.xxx failed: host is not on local network kernel: arpresolve: can't allocate route for 204.213.240.xxxAnything I can do to help? Send logs, etc?
-
Try adding static routes for these hosts or check the routing table to ensure they are correct.
netstat -rn
Also I recall LB not working with pppoe but I could be wrong here.
-
that would be a yes
I think we add a route for the gateway on the underlying interface instead of the ng0 device.Which would result in this iirc.
-
Our firewall started off with PPPoE on the WAN interface connected to an old Westel modem. We added a cable connection w/static IP months later and are currently testing LB/FO. Both connections work fine independently of each other - even with the load balancing pools created. As soon as we create any rules on the LAN interface that reference the LB or FO gateways, we get intermittent connectivity and those arp messages. Unfortunately, I'm not on that customer's site, so my netstat -rn is shows the routes with LB/FO rules disabled:
Destination Gateway Flags Refs Use Netif Expire default 204.213.240.129 UGS 0 7510236 ng0 74.92.60.116/30 link#4 UC 0 0 em3 74.92.60.118 00:13:f7:22:ae:b0 UHLW 1 432194 em3 1043 127.0.0.1 127.0.0.1 UH 0 0 lo0 192.168.1 link#3 UC 0 3236 em2 204.213.240.253 lo0 UHS 0 0 lo0Would a temporary workaround be to connect the Westel modem to a Linksys router (to handle the PPPoE) and configure static RFC1918 IP's between the pfSense box and the Linksys?
-
A similar situation was discussed here: http://forum.pfsense.org/index.php/topic,4100.0.html
Quick summary:
You could use 1.0.1 release and PPPoE on pfSense's WAN.
You could double nat, but that sucks.
If you have multiple publics (static block), have a router (another pfSense with LAN bridged to WAN??) do the PPPoE and configure pfSense with a straight public IP.