2nd IP address on WAN keeps dying
-
I'm running 2.4.5. The WAN has two addresses. One is the normal WAN address and the second is setup as a virtual IP.
After a few hours the main IP still works but the second IP address is no longer reachable (I use it to port forward).
If I go into virtual IP setup, and change the /24 to /32 and save it, the 2nd address will become usable again but only for a few hours. Once it becomes inaccessible, I can go back into virtual IP setup, and change the /32 back to /24 and it will start working again. Also, if I reboot pfsense, the 2nd IP will work again.
Any ideas?
Thanks!
-
What kind of vip are you using?
what kind of internet connection is this? Behind another NAT?
I use a IP alias here and have no issues with 2.4.5 snap.
-
- I've set tried setting it as an IP Alias as well as "other"...same results...works a few hours then stops.
- Dunno? Just a standard internet connection?
Thanks!
-
@BrickandBlock said in 2nd IP address on WAN keeps dying:
Dunno? Just a standard internet connection
Hmm- How do you know that you even have an IP to use from these guys? Who is the ISP?
What is the make and model of the modem?
-
- "How do you know that you even have an IP to use from these guys?" = I guess because they (the ISP) told me they assigned it to us?
- The ISP is called "EPB"
- The fiber comes in off the street and terminates inside the panel that the ISP installed in the building. Never really thought of that being a modem per se but I guess some type of device has to communicate with the fiber.
-
Sounds like they are losing ARP for it.
What do they have to say when it stops working?
An IP Alias VIP will respond to ARP requests. An Other type VIP will not. They are two COMPLETELY different types of VIPs. You need to use the one that fits with the type of provisioning the ISP has established for you.
https://docs.netgate.com/pfsense/en/latest/book/firewall/virtual-ip-addresses.html
-
Some of what you said is over my head and I'll have to research.
When I said "not responding" I should have clarified what I meant.
Part of what I use pfsense to do is port forwarding. When I said "stops responding" what I meant was that it will no longer forward IP requests even though the main WAN IP will continue to forward its packets.In the mean time, late last night, after reading all these posts (and tons others) I began to suspect it was something in how the ISP provisioned our IP addresses (my word for it...probably not the real technical term). I got a tech and, at some point, he said "hmm..that's not right.....do you mind if I knock you off line for a bit?" After it came back, up he told me he had to change something.
Prior to today, the 2nd IP address would not work for more than an hour. When I logged in this morning, all seems to be fine!
-
Right. Chances are the ISP was intermittently forwarding the traffic to you so you were therefore intermittently able to forward the traffic inward. Can only work on what you receive. Glad it looks like they found it.
