Static Arp table entry - No network access on virtual machines



  • Howdy - experiencing an issue where virtual machines cannot access the network - Now I know what you're thinking - but these devices have separate networking devices specifically for the VM clients so the mac address is different as well as the IP.  It had worked previously - not sure where to start looking - the firewall isn't really showing anything about it.

    If I disable the static arp table entry it works immediately.

    Parallels is the application I'm using with OSX on Macs.  It had been working flawlessly for some time.  Not sure if one of their updates killed it or one of pfsense's.

    I was thinking of doing a packet capture - but it's technically not kosher to do that for my client without their approval and I don't want to bother them unless I need to obtain it.

    Any ideas?


  • LAYER 8 Global Moderator

    "If I disable the static arp table entry it works immediately. "

    Really points to you having your entries in your static arp wrong if you ask me..

    So when you turn off static arp.. what does the arp table show for IPs of these VMs and their macs?  So lets see your arp table when everything is working.  and then lets see your static arp entries you created.

    The static arp your talking about this checkbox in dhcp server right.




  • @johnpoz:

    "If I disable the static arp table entry it works immediately. "

    Really points to you having your entries in your static arp wrong if you ask me..

    So when you turn off static arp.. what does the arp table show for IPs of these VMs and their macs?  So lets see your arp table when everything is working.  and then lets see your static arp entries you created.

    The static arp your talking about this checkbox in dhcp server right.

    Right - I mean thats why I like pfsense so much - there's no unnecessary typing involved. 
    It is very possible that parallels decided to use different macs, but the switch has port security so I would think it wouldn't work regardless if that were the case.

    I'll check that out tho and report back.

    Thanks



  • Ok, you were right the problem showed itself in the ARP table.

    This must be a bug with parallels macos compatibility update.

    The software reports a unique mac address but all pfsense is seeing is 2 nics using the hardware mac instead of one hardware mac and one virtualized one.

    If I was using some generic crap router I would have never seen that, lol.


Log in to reply