SG-1100 ISP connection with PPPoE only active when running tcpdump



  • Hi,

    I have recently gotten my SG-1100 and am in the process of configuring it, but am running into the issue that I am only getting my ISP connection to work when I am running a tcpdump on the interface.

    My ISP uses VLAN 6 to route for internet access with a PPPoE session.

    In the switch config I have added a new entry for VLAN tag 6 with member 0t,3t. On top of that I have created a new interface with IPv4 config PPPoE and set the MTU to 1492 to leave space for the 8 bit PPPoE header.

    mvneta0.6: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
    options=3<RXCSUM,TXCSUM>
    ether 74:a7:8e:dd:1f:bc
    inet6 fe80::f2ad:4eff:fe0c:46d8%mvneta0.6 prefixlen 64 scopeid 0xd
    groups: vlan
    vlan: 6 vlanpcp: 0 parent interface: mvneta0
    media: Ethernet 1000baseT <full-duplex>
    status: active
    nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

    When tcpdump is not running
    pppoe0: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> metric 0 mtu 1500
    nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

    ppp.log while not running tcpdump
    Nov 7 18:41:42 ppp [opt2_link0] Link: reconnection attempt 1
    Nov 7 18:41:42 ppp [opt2_link0] PPPoE: Connecting to ''
    Nov 7 18:41:51 ppp [opt2_link0] PPPoE connection timeout after 9 seconds
    Nov 7 18:41:51 ppp [opt2_link0] Link: DOWN event
    Nov 7 18:41:51 ppp [opt2_link0] LCP: Down event
    Nov 7 18:41:51 ppp [opt2_link0] Link: reconnection attempt 2 in 4 seconds
    Nov 7 18:41:55 ppp [opt2_link0] Link: reconnection attempt 2
    Nov 7 18:41:55 ppp [opt2_link0] PPPoE: Connecting to ''

    While running tcpdump (masked my IP)
    pppoe0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> metric 0 mtu 1492
    inet6 xxxx::xxxx:xxxx:xxxx:xxxx%pppoe0 prefixlen 64 scopeid 0xe
    inet xx.xxx.xxx.xx --> xxx.xxx.xxx.xxx netmask 0xffffffff
    nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

    Any help is much appreciated!


  • Netgate Administrator

    Are you setting the interface in promiscuous mode when you run the pcap?

    Try running ifconfig in both situations, what changes?

    Steve



  • Hi Steve,

    I ran ifconfig in both situations and you are right: when tcpdump is running, the network card is set to promiscuous mode.

    diff working.txt not_working.txt
    1c1
    < mvneta0: flags=8b43<UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST> metric 0 mtu 1500
    ---
    > mvneta0: flags=8a43<UP,BROADCAST,RUNNING,ALLMULTI,SIMPLEX,MULTICAST> metric 0 mtu 1500
    54c54
    < mvneta0.6: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
    ---
    > mvneta0.6: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    

    Do you have a suggestion to change my config so that it would start working?

    Regards,
    Robbert
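
Added example, not part of the original posts: a small Python parser that decodes the hexadecimal `flags=` word in the ifconfig header lines quoted in this thread and reports which flag bits differ between the two captures. The bit values are the FreeBSD `if_flags` constants for the flag names that appear in the thread; the function names and the `WORKING` / `NOT_WORKING` variables are illustrative.

```python
import re

# FreeBSD if_flags bits (net/if.h) for the flag names seen in this thread.
IFF = {
    0x0001: "UP", 0x0002: "BROADCAST", 0x0010: "POINTOPOINT",
    0x0040: "RUNNING", 0x0080: "NOARP", 0x0100: "PROMISC",
    0x0200: "ALLMULTI", 0x0800: "SIMPLEX", 0x8000: "MULTICAST",
}
HEADER = re.compile(r"^(\S+): flags=([0-9a-f]+)<")

def parse_flags(ifconfig_text):
    """Map interface name -> integer flags word from ifconfig output."""
    flags = {}
    for line in ifconfig_text.splitlines():
        m = HEADER.match(line.strip())
        if m:
            flags[m.group(1)] = int(m.group(2), 16)
    return flags

def decode(word):
    """Names of the known flag bits set in `word`, lowest bit first."""
    return [name for bit, name in sorted(IFF.items()) if word & bit]

def flag_changes(before, after):
    """Per interface: flags cleared and flags set going from before to after."""
    a, b = parse_flags(before), parse_flags(after)
    changes = {}
    for ifname in sorted(a.keys() & b.keys()):
        delta = a[ifname] ^ b[ifname]
        if delta:
            changes[ifname] = {"cleared": decode(delta & a[ifname]),
                               "set": decode(delta & b[ifname])}
    return changes

# Header lines copied from the posts above (tcpdump not running / running).
NOT_WORKING = """
mvneta0: flags=8a43<UP,BROADCAST,RUNNING,ALLMULTI,SIMPLEX,MULTICAST> metric 0 mtu 1500
mvneta0.6: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
pppoe0: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> metric 0 mtu 1500
"""
WORKING = """
mvneta0: flags=8b43<UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST> metric 0 mtu 1500
mvneta0.6: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
pppoe0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> metric 0 mtu 1492
"""

if __name__ == "__main__":
    for ifname, change in flag_changes(NOT_WORKING, WORKING).items():
        print(ifname, change)
```
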



  • I have now enabled promiscuous mode on the interface based on this document: https://docs.netgate.com/pfsense/en/latest/interfaces/interface-settings.html

    Are there any negative consequences from this?


  • Netgate Administrator

    Probably not but it shouldn't normally be required.

    Running in promiscuous mode allows the interface to see all packets on the link rather than just those addressed to its MAC or broadcast to all. It implies you have some sort of MAC issue. Hard to imagine what that might be though.

    The SG-1100 only has one MAC as it has one NIC internally with VLANs on that. Possibly your ISP sees that MAC as the internal IP, is that still set on the port?

    Steve



  • I did enable MAC spoofing to match the MAC of the modem that my ISP provides, as per the documentation this might be the case for some chipsets. Would that be the case for the chipset in the SG-1100 as well?

    Robbert


  • Netgate Administrator

    Hmm, interesting. I assume you mean ISP router? The modem is still there connected to the SG-1100 WAN?

    With VLANs the interface inherits the parent interface's MAC so all three ports appear to share the same MAC.
    Does the ifconfig output appear to show the spoofed MAC on the WAN correctly?

    If not you might have to assign and enable mvneta0, but not give it an IP, and spoof the MAC there instead.

    Steve



  • Yeah, indeed I mean the MAC from my ISP router that I have spoofed on the WAN interface.

    The spoofed MAC is shown correctly in the output of ifconfig. The other interfaces indeed all share the same MAC address. How would I enable the main interface in the GUI? Or would it be best to spoof it from the command line?


  • Netgate Administrator

    If the VLAN looks to have the correct MAC it's probably OK but...

    In Interfaces > Assign add mvneta0 as a new interface. It will be OPT2 unless you've already added something else.

    Go to Interfaces > OPT2 and enable the interface. You can rename it and spoof the MAC there. Leave IPv4 and v6 config types as none. Save and apply.

    You only need to do that so the interface is available to spoof the MAC. The interface itself is not used for any other purpose.

    Steve

