(RESOLVED) Static WAN Issue, DNS Issue, Connectivity Issue among Subnets
Running 2.4.4 Release
Running on Hyper-V VM with Quad NIC
Using Open DNS to Filter two interfaces-
- 192.168.3.1 My Wifi AP Subnet (my kids get on this one)
- 172.16.5.1 My Customers guest AP (small campground)
I was unable to to get DNS resolver to work even with using forward mode and unchecking DNSSEC. I was able to get it running with DNS Forwarder and it was working great. I have the openDNS servers listed in the DHCP Server for the two interfaces.
Have the general system DNS as 18.104.22.168 and 22.214.171.124. which is for my personal LAN 192.168.10.1 and also the VM host.
I upgraded my internet to 1gb service this week for the business and added a static IP for the WAN connection because I couldn't get the dynamic IP to update within dynamic dns or the get the updater from open dns to work. My service changes IP once a day. It was getting annoying having to manually update it.
The issue tonight is the when the internet company came out today, they ran a new main line and gave me all of the static IP info and off they went. I thought it would be a quick job to update the WAN IP from DHCP to Static but it hasn't been that easy, Well, it was easy but now I'm having issues. After changing the IP to static and setting the gateway the internet only works on one interface at a time and seems to go in & out as it sees fit. It almost seems as if only one AP or host can connect at a time. I'm sure I've just got something mucked up as I'm just learning. I dont understand networking 100% yet. I am not a pfsense expert so I may be leaving out some key info you need to help me but I don't know where to start. If you need more info please just tell me what you need. This is my last hope as the internet company was no help.
If your wan has a static public IP and gateway and it works.. then all your lan side networks would auto nat to this and just work.. Did you mess with outbound nat and change it from automatic?
First, Thank you for replying! I was hoping you would jump in. Ive come a long way reading your posts over the last month. I’ve been at a loss on this one though.
No, I didn’t change anything in nat. . I was about to run a new cat 5 to rule out the new cable they ran. Two different guys put the jacks on so I wanted to rule out a crossover. When nobody replied to my post I made one on spiceworks which had a little more about my network. Ive copied that here. So something Ive done may jump out at you.
I read a post last night sort of related to my issue and there solutions were to set up ip alias, carp or a proxy arp. Would this apply to me?
Long story short I updated pfsense with the static info and set the gateway. The internet seems to go in and out on the host machine and furthermore it seems to do it as soon as another device connects. It instantly terminates the connection on the host device or the ap if the host reconnects. It will continue with this back and fourth all day going in and out.
Static is xx.xxx.xxx.186
Default gateway xx.xxx.xxx.254
They told me it is a 255.255.255.0/24 address
My lan is 192.168.10.1 pfsense lan set to this address
Outside ap is set 172.16.5.2 the interface address is 172.16.5.1. Dhcp is set 172.16.5.3-172.16.5.254.
Inside ap is set to 192.168.3.2 the interface address is 192.168.3.1. Dhcp set 192.168.3.3-192.168.3.254
Then we have one nic port bridged with the lan that goes to out printer and smart tv.
As far as switches go in hyper-v- all are set for spoofing.
1 wan- external points to nic for wan / host shares this connection
1 lan- internal
Campground AP-external points to nic for ap
Our AP-external points to nic for ap
Printer/tv-external points to nic connecting tv printer
Bridge for pfsense for tv/printer to lan - internal
Ip settings for network & sharing center
Vethernet-wan switch- I set the info the internet company gave for static Ip
Vethernet- Default switch-default value
Vethernet- lan 192.168.10.17
So pfsense runs on Hyper-V Have you looked there for your problem?
Do you loose connectivity to Pfsense? Can you ping its lan side IP when internet goes out, can you ping its wan IP - can you ping your isp gateway? what does pfsense monitoring show for your internet connection?
Well, I found a solution to the problem but not being an expert I don't know if it's the right one. It has been running since last night with no issues. I have 5 nic's (quad intel card and onboard realtek) so the intel quad card is completely running the router portion off hyper-v and it doesn't share the wan network connection anymore with the host. Now none of the 4 ports on the quad card share a connection with the host. I ran a cable from one of the ports on the intel card and ran it up to the factory realtek card and now everything is working like a dream. Not sure if I opened a can of worms by doing this config but doing it this way also solved a few other glitches I was having in the system. If this is a bad idea please let me know.
Huh? So you ran a cable from your 2 nics in the same host together?
So the way I read this you have a 4port nic and a realtek nic in the same box... And you took a patch cable an one end is in a 4 port nic port and the other is in the realtek nic?
Yeah that is BORKED!!! Have no idea how your hyper-v is configured or what - but I can promise your 110% whatever you did that fixed whatever your problem is completely and utterly FUBAR!!!
I completely uninstalled pfsense, deleted all switches in hyper-v, reset all network configs in windows. Reinstalled it, only set a wan in hyper-v (external set to share connection) and lan (internal 192.168.1.1) in hyper-v. I set the static info in pfsense for wan and lan and the vethernet wan connection in windows and did nothing else to the system and every time it would lose the connection to the gateway, sometimes 10 min, sometimes 5 min, it would normally be off 2-3 min. I don't know what else I could have done wrong...You said set up minimal config and I did that and it still didnt work.
So I got the idea (remember I'm a NewB) that hyper-v was controlling the quad card so I thought that was just a normal router and ran a patch cable to the onboard nic from the quad port.
Everything is working great so if I did it wrong I really don't know what else to do. Please help me.
Not a fan - don't want to be a fan, don't want to use it.. Have no interest in it when it comes to hyper-v.. Any other virtual software on the planet I have used and have interest in. esxi ran for years and years for example.
But what I can tell you is interconnecting 2 nics on the same host no matter what vm software you have or running or how you have it configured is BORKED!!!
@johnpoz A simple I don't know how to fix it would have sufficed...Thanks for the insults though. I guess you're drunk and I'm the fool... I will look into the esxi. thank you for that tiny bit of help. How are you a mod again? I thought forums were for help, not snide demeaning comments. Way to go netgate!!!!
No insult intended.. Not sure how you could get that from what I posted. I don't use Hyper-V is what I am saying. But I have years and years of experience with almost every other type of hypervisor.. My point was I have no idea how you configured your setup but no matter what hypervisor your suing or how its configured interconnecting interfaces of nics on the same vm host is BORKED..
I would love to be able to say oh you need to do XYZ... But I have no experience with hyper-v, and just don't have the desire to look at it for even 5 minutes to figure out what your doing wrong. If you want to run esxi then I could help you in 30 seconds of looking at your config.
BORKED & FUBAR in caps, in a public venue, and you're a mod. A simple hey man, I'm not familiar hyper-v but your current config is wrong would have worked. I get it, its not right, but yes, no matter how you intended it, I took it as an assault on my intelligence. Just know, I don't pay anyone to do anything for me. If it needs done I get it done but occasionally I have to ask for help.
Now, had you said drop hyper-v and get esxi in the first post I would have done it right away because I respected you from reading other posts from you on issues I was having. Look, I have tough skin but overall I'd say that 70% of post I read on this forum are techs insulting the crap out of people asking for help. Unfortunately there's no other place to get help....
You think connecting interface 1 to interface 2 on the same em host is a valid config? It is FUBAR and Borked plain and simple..
but overall I'd say that 70% of post I read on this forum are techs insulting the crap out of people asking for help..
Utter Nonsense... You joined 26 days ago.. If you find posts offensive Report them!!! I have been here 10+ years.. What you find is the same question over and over and over again from people to lazy to do any research on their own. Getting fed the info on silver spoons.
What you READ into something is not my problem - if you take offense to stating something is F'd UP when it it... That is not someone offending you that is someone stating their freaking opinion on a public forum just like you have the right to do... I take offense at your post to be honest ;)
Here you go complaining about someone saying what you did was BORKED... Vs providing some info to work with.. While I am not a hyper-v guru... I am sure there are others here.. I don't need to be a guru to understand you don't interconnect interfaces on the same vm host together..
Then we have one nic port bridged with the lan that goes to out printer and smart tv.
Your nic is bridged where in hyper-v or pfsense? Why are you bridging interfaces in pfsense? If that is the case..
Do not use your host interfaces as switch ports... If you need switch ports - get a switch.. Is that what your doing? A network drawing would be very helpful.. Some logs? Changing your wan from dhcp to static would have zero to do with your other config.. So clearly something else going on that has nothing to do with that.. But without actual info of what you did impossible to guess - to start with what 2 networks did you connect together with your nics? Remove that - what doesn't work?