Ping to Wan interface only works when packet capture activated?
-
Update: After rebooting, I lose access to the LAN as well - onlyway I can then get the web ui to work is by doing tcpdump -i re1 from the shell ?
Straight off the CD install onto dedicated hardware, uing version (2.0.1-RELEASE (i386) built on Mon Dec 12 17:53:52 EST 2011 FreeBSD 8.1-RELEASE-p6) setting IP's for Wan and Lan, in this case (even though i've tried others)
(re0) WAN Static 192.168.6.2/24 (private and Bogon unticked)
(re1) LAN Static 192.168.10.120/24 (private and Bogon unticked)Added a Firewall rule on the WAN tab
Pass Proto = ICMP, Source *, Dest *,I'm unable to ping the 192.168.6.2 interface (from on the WAN network) , UNLESS I go to the diagnostic menu and choose packet capture, as soon as I start the capture, the ping replies come back, soon as I stop it, they replies stop.
When the capture isn't running, and on the testing machine, the address 6.2 isn't in the arp table, then the arp request for 6.2 goes out, and is answered with the correct MAC by 6.2, the following pings are not.Disabling the rule results in no ping responses regardless of the packet capture.
I'm able to ping the LAN interface all the time with no problems.
Swapping the interface assignments round
(re1) WAN Static 192.168.6.2/24 (private and Bogon unticked)
(re0) LAN Static 192.168.10.120/24 (private and Bogon unticked)
has no impact, thus suggesting it's not a netcard issueTIA
Mack
-
Do you have a custom MAC address on your WAN interface?
-
Do you have a custom MAC address on your WAN interface?
No. Both sides are test lans, so no need for anything funky (yet!), i'm purely setting it up to see if I can use it to replace my ageing SEF velociraptor…
-
there's an fxp (intel) interface on there as well, I'll give that a try and see how that behaves, perhaps it's the re(altek) driver playing silly buggers…
-
Okay… it's the re driver, the intel card behaves as expected, but the realtek stuff seems to suck eggs (typical)
For reference, the card(s) in question are (soon to be were) : ST1000BT32
This seems to be somebody else with the same issue. Time to pick up some pro 1000 cards then
http://www.daemonforums.org/showpost.php?s=4a0c236f4c91e035320c126c1dd21381&p=19867&postcount=7
-
Hmm seems odd that they only work in monitor mode (what happens when you start a packet capture). I would have suggested a MAC issue as Wallabybob did.
I wonder if StarTech have changed the chipset on this board since:@http://forum.pfsense.org/index.php/topic:
Thank you for your help. I got the StarTech ST1000BT32 Gigabit Card and it worked fine - just plugged it in and I was good to go.
Steve
-
I wonder if StarTech have changed the chipset on this board since:
Not really sure, it's currently listed as being
Realtek - RTL8110SC
However the driver reports as being
Realtek 8169/8169S/8169SB/8110S/8110SB
So I suppose there may be a newer revision of the chipset (the SC?).What's funnier is that the LAN interface (when on the realtek) works fine between installation and first reboot, at which point it fails unless in monitor mode!!
Anyway, from reading the spec docs, the realtek cards aren't recommended for high throughput anyway, and since i'm going gigabit ahead of my pending 1Gb/s Fibre install, I guess the Intels are the better option. :)
-
Intel NICs are indeed the better option. :)
However I think a large amount of the bad rep associated with Realtek was due to their 10/100 cards. The recent Gigabit cards are much better.Steve