Pfsense stops. Please help.
-
Usually that means it can't add entries for those IPs as it doesn't have an interface in that subnet. What interfaces/IPs do you have?
What are those IPs though? They all have the same, obviously spoofed, MAC.
Steve
-
@stephenw10 should have mentioned that the logs were scrubbed. The MAC addresses are all unique and valid.
I have a two port chelsio t520 with both ports bonded in a LAGG interface. I am using that LAGG as the parent for all of the VLANs. The IP addresses are static DHCP/ARP reservations created for each of the subsequent virtual interfaces.
-
But what subnets are they using?
-
@stephenw10 ah, apologies. The VLANS are all /24
In the interface settings I have given them each a static IP of 10.0.XX.1/24
-
Ok so are those VLANs all up and valid when you are seeing those errors? As I said that usually indicates it's trying to create an ARP entry for an IP outside any valid subnet on the firewall.
Steve
-
@stephenw10 yeah, that's why it's so strange, they are all within the /24 subnet. These log entries appear on boot in the general logs tab.
-
The log shows only that the lagg is down:
Sep 26 10:08:38 pfSense kernel: lagg0: link state changed to DOWNI assume all the VLANs are on that lagg so will also be down.
Steve
-
@stephenw10 yes, I thought of that as well. I have the switch ports turned off while I configure the firewall so nothing is actually connected to the pfsense box at the moment. I'm accessing the GUI via the LAN interface.
I turned the switch ports on and reboot the box but I'm still getting the same errors. Would it matter if the interfaces were created when the LAGG was down?
-
Not creating the interfaces but adding static ARP entries might. Not sure I've ever tried.
Do you actually need static ARP entries there?
-
@stephenw10 probably not, it's a matter of habit. I'll probably disable ARP altogether and see what happens.
