Pfsense stops. Please help.
-
It has been 2 days that pfsense doesn't stop. But I want to understand why I see these errors in system logs.
-
So you're seeing that for all the static ARP entries then?
Do you actually see them in the ARP table?
Steve
-
Yes, I see all the static arp entries and they are also located in the arp table. I changed all RAMs with new ones. Network cards are new.
I am attaching logs in .txt file.
0_1541015861024_logs.txt -
Hmm, odd. Do you need those to be static ARP entries?
Did you find any logging in the bios or iLO indicating what the hardware issue was?
Steve
-
@stephenw10 said in Pfsense stops. Please help.:
Hmm, odd. Do you need those to be static ARP entries?
Did you find any logging in the bios or iLO indicating what the hardware issue was?
Steve
Bumping this as I am experiencing the same issue as discussed although my pfsense box seems to be operating normally.
Here is a copy of my syslog.
I have created a thread on the pfSense subreddit as well. That thread is located here.
-
Usually that means it can't add entries for those IPs as it doesn't have an interface in that subnet. What interfaces/IPs do you have?
What are those IPs though? They all have the same, obviously spoofed, MAC.
Steve
-
@stephenw10 should have mentioned that the logs were scrubbed. The MAC addresses are all unique and valid.
I have a two port chelsio t520 with both ports bonded in a LAGG interface. I am using that LAGG as the parent for all of the VLANs. The IP addresses are static DHCP/ARP reservations created for each of the subsequent virtual interfaces.
-
But what subnets are they using?
-
@stephenw10 ah, apologies. The VLANS are all /24
In the interface settings I have given them each a static IP of 10.0.XX.1/24
-
Ok so are those VLANs all up and valid when you are seeing those errors? As I said that usually indicates it's trying to create an ARP entry for an IP outside any valid subnet on the firewall.
Steve
-
@stephenw10 yeah, that's why it's so strange, they are all within the /24 subnet. These log entries appear on boot in the general logs tab.
-
The log shows only that the lagg is down:
Sep 26 10:08:38 pfSense kernel: lagg0: link state changed to DOWNI assume all the VLANs are on that lagg so will also be down.
Steve
-
@stephenw10 yes, I thought of that as well. I have the switch ports turned off while I configure the firewall so nothing is actually connected to the pfsense box at the moment. I'm accessing the GUI via the LAN interface.
I turned the switch ports on and reboot the box but I'm still getting the same errors. Would it matter if the interfaces were created when the LAGG was down?
-
Not creating the interfaces but adding static ARP entries might. Not sure I've ever tried.
Do you actually need static ARP entries there?
-
@stephenw10 probably not, it's a matter of habit. I'll probably disable ARP altogether and see what happens.
