5. Sometimes right after update only IPv6 connection works, IPv4 broken.

Sometimes right after update only IPv6 connection works, IPv4 broken.


  • I have WAN PPPoE and sometimes on first boot after update, I use GUI update, I have some strange pfSense behavior — pfSense and any PC on LAN can connect and ping any IPv6 site but not the IPv4. There is nothing unusual in LOGS or connection status, route table, gateways looks "as usual".
    Every time this problem can be fixed by reboot or PPPoE re-connection.
    BTW. I remember that before enabling IPv6 I have had some similar connection problem, so it not related to IPV6 I think. This time I've successfully pinged default IPv4 gateway, but any other is not resolved or if I ping IP directly not answered.
    Also I've tried to reboot or reconnect the PPPoE several (10+) times and this have been never happened, looks like it needs update to replicate.

    Since I am not sure that problem is related to pfSense only, how can I check if there is something else wrong? What else I can do when this happens again next time to analyze this?

    0

  • I've did some tests and it looks like my first conclusion about update is wrong, I've replicated this behavior just from clean boot. So... will do more tests.

    0

  • So far, I've disabled IPv6 again and now I see some other strange behavior of pfSense or I just don't missing something.
    During test I run ping from windows machine and from android. Both are pinging the same site on the Internet, www.google.com. If I reboot firewall or re-connect PPPoE windows machine get "Request timed out." and android continues to get normal ICMP answer. I have did packet capture on WAN and found that I see LAN address of windows machine as a source of ICMP request, but not from Android. If I unplug windows machine from network or disable windows adapter in device manager or do ipconfig release/renew, than ICMP works and I don't see LAN address of windows machine when capturing on WAN. What's wrong with it?
    BTW, I can open www.google.com in browser in both cases, also when ICMP fails.

    0

  • UPDATE: I've replicated both of the problems on different hardware.
    The original have ix (DELL X550-T) on WAN and igb (some 210 or similar) on LAN. CPU and board are 1151 socket i7
    The other hardware is igb only based network (2 ports) and J1900 Celeron SoC board.
    I do see LAN address of windows machine that ping google.com when capturing on WAN on both test machines and yes it get never answered because of wrong source IP.
    Do we have some NAT problems? I did not played with it, everything on stock except some port forwarding (FTP and some else, but not ICMP)

    0

  • It mostly looks like ISP problem, so currently I contacted them and support confirmed that network may be unstable because they are upgrading some part of it. Ok let's wait then. ☺

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy