Strange behavior on LAN
-
Hello,
I have the LAN NIC (192.xx.xx.xx) connected to a switch for multiple device connections.
If I connect a computer to the LAN NIC directly I can ping the router's LAN IP but as soon as I connect the router LAN to the switch I lose connectivity to the router (can't ping the router's LAN IP anymore).
In short, with a direct connection to the pfSense's LAN NIC I can ping it; if I try to connect to it via a switch it doesn't work anymore.
If I leave a ping running from a PC connected to the switch, unplug the network cable from the pfSense's LAN NIC and plug it back in, the PC starts to ping.
I should mention that if I connect a different router (different manufacturer) to the same switch everything works.
Please help.
Thank you.
-
An IP conflict comes to mind (multiple devices with the same IP address).
Unplugging/plugging the LAN cable might trigger an update/overwrite of the client's ARP table.
-
@dranick said in Strange behavior on LAN:
I have the LAN NIC (192.xx.xx.xx)
Why are you hiding RFC 1918 space?
Concur it's prob some sort of IP/ARP conflict.. Where your other router is using a different IP than pfSense.
Why don't you unplug everything else from the switch and just have your PC and pfSense connected to the switch.. What are their IPs? Let's say 192.168.0.1 for pfSense and 192.168.0.2 for the PC... Can the PC then ping pfSense - what is in the ARP table? The PC and pfSense should show these 2 IPs with the correct MAC address.
-
@johnpoz said in Strange behavior on LAN:
Why don't you unplug everything else from the switch and just have your PC and pfSense connected to the switch.. What are their IPs? Let's say 192.168.0.1 for pfSense and 192.168.0.2 for the PC... Can the PC then ping pfSense - what is in the ARP table? The PC and pfSense should show these 2 IPs with the correct MAC address.
The switch itself could also hold an IP... some brands give their switches a default 192.168.1.1...
-
Yup, very true - but I assumed, maybe wrongly, that someone who could not troubleshoot such a basic issue is not using a smart switch, just some dumb switch ;)
But you are correct, it could be a switch IP conflict with pfSense..
-
The network configuration is as follows (for clarification):
main router: 192.168.1.1/24
pfSense WAN: 192.168.1.11/24
pfSense LAN: 192.168.10.1/24
pfSense DHCP: 192.168.10.150 - 192.168.10.254
PC static DHCP on pfSense: 192.168.10.4
If I directly connect the PC to pfSense it gets the correct IP and can ping 192.168.10.1.
If I connect pfSense to the office network (thus going through the switches and patch panel) and the PC to one of the network outlets I cannot ping 192.168.10.1 anymore unless I leave the ping running on the PC, disconnect the pfSense cable and reconnect it (the network outlet works ok as I can ping other machines on the network with a different router connected on the network).
I should also specify my pfSense model: Super Micro XG-1537
I have unplugged all switches except one and made sure the only network connected PC is the one I'm using for testing, to no avail.
Thank you.
-
As already stated, check your machine's ARP table.. Check your switch's ARP table.. If you have a conflict it's possible the ARP table on the switch has it on a different port, etc. etc..
Change pfSense IP to something you are sure is not used on this 192.168.10 network..
Do a simple sniff on pfSense - if pfSense does not see the ping it sure can not answer said ping.. Maybe it is and it's getting lost in your switching environment
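-
Added example, not part of any post in this thread: the ARP-table comparison suggested in the replies above, written in Python. It parses `arp -an` output as printed on pfSense/FreeBSD and `arp -a` output from a Windows PC, then classifies each expected IP. The MAC addresses, the `igb1` interface name and the Windows client are assumptions, and both sample tables are constructed.

```python
import re

# "? (192.168.10.1) at 02:00:00:aa:bb:01 on igb1 ..."  (BSD/Linux arp -an)
BSD = re.compile(r"\((\d+\.\d+\.\d+\.\d+)\) at (\S+)")
WIN = re.compile(r"^\s*(\d+\.\d+\.\d+\.\d+)\s+((?:[0-9A-Fa-f]{2}-){5}[0-9A-Fa-f]{2})")

def norm_mac(mac):
    """Return aa:bb:cc:dd:ee:ff, or None for '(incomplete)' and other non-MACs."""
    parts = re.split(r"[:-]", mac.lower())
    if len(parts) != 6 or not all(re.fullmatch(r"[0-9a-f]{1,2}", p) for p in parts):
        return None
    return ":".join(p.zfill(2) for p in parts)

def parse_arp(text):
    """Map IP -> normalised MAC (None = unresolved) from either output format."""
    table = {}
    for line in text.splitlines():
        m = BSD.search(line) or WIN.match(line)
        if m:
            table[m.group(1)] = norm_mac(m.group(2))
    return table

def check(table, expected):
    """Compare a host's ARP table with the MACs read off each device's own NIC."""
    result = {}
    for ip, mac in expected.items():
        if ip not in table:
            result[ip] = "missing"      # never resolved, or the entry aged out
        elif table[ip] is None:
            result[ip] = "incomplete"   # ARP request sent, no reply came back
        elif table[ip] != norm_mac(mac):
            result[ip] = "mismatch"     # some other device answers for this IP
        else:
            result[ip] = "ok"
    return result

# Constructed sample data: MACs are made up, IPs are the ones given in the thread.
EXPECTED = {"192.168.10.1": "02:00:00:aa:bb:01", "192.168.10.4": "02:00:00:aa:bb:04"}
PC_ARP = """Interface: 192.168.10.4 --- 0xb
  Internet Address      Physical Address      Type
  192.168.10.1          02-00-00-AA-BB-99     dynamic
"""
PFSENSE_ARP = """? (192.168.10.1) at 02:00:00:aa:bb:01 on igb1 permanent [ethernet]
? (192.168.10.4) at (incomplete) on igb1 expired [ethernet]
"""

if __name__ == "__main__":
    print("PC view:     ", check(parse_arp(PC_ARP), EXPECTED))
    print("pfSense view:", check(parse_arp(PFSENSE_ARP), EXPECTED))
```

A "mismatch" on the PC side points at an IP conflict, while "incomplete" entries with otherwise correct addressing point at the switching path, which is what the sniff on pfSense is meant to confirm.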
-
What kind of switch? Managed or unmanaged? New or old?
-
Coming back with an update, one of the network switches was a managed switch (Zyxel GS1900) which failed to update the arp table (this is what happens when you let the cable guys add managed hardware when unmanaged was requested).
I've force-cleared the MAC and arp tables and the network lit up like a Christmas tree (as Christmas is close anyway).
Thank you guys for getting involved and for your time!
All the best!
-
@dranick said in Strange behavior on LAN:
unmanaged was requested
Why would you ever request that?? And pretty much any managed switch I have ever seen comes out of the box dumb.. With everything in VLAN 1... Only thing that might be a problem is the default IP of the switch - but more often than not they will auto grab an IP off DHCP if running, etc..
You should never request an unmanaged switch...