Lost LAN connection
-
That's what gets written into /boot/loader.conf autimatically. If you wanted to change those values or add others you should use /boot/loader.conf.local but there is no need to unless you do.
Possible to access the Local inteface of the pfSense and access the web gui.
From where? On which interface?
Steve
-
hi Stephenw10
I can acces the webgui from the VPN connection (from WAN).
despite the modification done, the firewall had the same behavior I had again to reboot the firewall
One thing I noticed, the ARP table empties when this happens...
The limit of kern.ipc.nmbclusters was not reach when the connection on the LAN was lost. -
Are those NICs configured differently in Proxmox? I assume the LAN is just internet a v-switch? Is the WAN NIC passed through to a real NIC?
Steve
-
On the proxmox
there is a physical NIC configure on the proxmox with public IP
There is a virtual NIC on the proxmox with IP on this subnet 10.x.x.x/30 named WAN set as bridge
on the proxmox an iptables config in order to forward all traffic on the NIC WAN of the pfsense
On the pfsense, there is a NIC with internal IP on this subnet 10.x.x.x/30named WAN
On the pfsensen there is a NIC with internal IP on this subnet 192.168.5.0/24. -
I have just lost again LAN connection.
I can ping 8.8.8.8 or an Internet FQDN, but I cannot ping a local server on the 192.168.5.X subnet.
I just try to disable and re enable the LAN NIC withifconfigcommand and everything is back to normal ...
-
OK, so are those two NICs configured any differently in Proxmox?
Do they appear any differently in pfSense?
What is if down what does ifconfig show or the LAN interface? What does proxmox show for the state of the interface?
There must be something different between the two NICs.
Steve
-
@stephenw10 said in Lost LAN connection:
OK, so are those two NICs configured any differently in Proxmox?
no they have the same type of config, Intel E1000
@stephenw10 said in Lost LAN connection:
Do they appear any differently in pfSense?
no, they are seen as 1000baseT <full-duplex> NIC both
@stephenw10 said in Lost LAN connection:
What is if down what does ifconfig show or the LAN interface?
hmmm good point I did not check it when I lost the connection I will try next. but pfsense seems to see the LAN NIC enable (as I can connect to the web GUI using the local IP through VPN)
Hereafter the ifconfig output for WAN and LAN configem0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=2098<VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC> ether b2:ab:9e:15:0c:f7 hwaddr b2:ab:9e:15:0c:f7 inet6 fe80::b0ab:9eff:fe15:cf7%em0 prefixlen 64 scopeid 0x1 inet 10.0.0.2 netmask 0xfffffffc broadcast 10.0.0.3 nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> media: Ethernet autoselect (1000baseT <full-duplex>) status: active em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC> ether a2:b4:3c:2c:e7:d4 hwaddr a2:b4:3c:2c:e7:d4 inet6 fe80::a0b4:3cff:fe2c:e7d4%em1 prefixlen 64 scopeid 0x2 inet 192.168.5.254 netmask 0xffffff00 broadcast 192.168.5.255 nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> media: Ethernet autoselect (1000baseT <full-duplex>) status: active@stephenw10 said in Lost LAN connection:
What does proxmox show for the state of the interface?
Proxmox show the NIC as enabled but no traffic on the LAN
-
I assume em1 is LAN?
You might try enabling promiscuous mode on em1 as a test. It shouldn't be needed but it is a difference.
You can also try using a VirtIO NIC for LAN.
Steve
-
Hi all
As I lost again twice the connection on the LAN interface I tried this :
https://docs.netgate.com/pfsense/en/latest/hardware/troubleshooting-lost-traffic-or-disappearing-packets.html
I will see if there is any improvement
-
Did you try using VirtIO NICs instead?
-
@stephenw10 yes and it solved my issue ! :) (https://docs.netgate.com/pfsense/en/latest/virtualization/virtio-driver-support.html)
-
Good to hear. Thanks for reporting back.
