Router Unable to Connect to Certain Sites
-
I have recently set up a simple router configuration using pfSense 1.2.2 (and 1.2.3RC1). The WAN device is a 100 Mbps VDSL modem with a static IP, and the LAN is a 1 Gbps switch with several machines including a web server. The router itself is a Dell PowerEdge 750 with 4 GB RAM and two 1 Gbps NICs.
The pfSense configuration is simply port 80 web traffic being forwarded to the web server. Everything else is standard.
Port 80 traffic coming in was disappearing somewhere (tested from a faraway place) after being pointed at the web server until I experimented and set the following option:
Clear DF bit instead of dropping: ON
After this it worked normally again. Other settings made no difference.
However, outgoing traffic to certain sites/IPs (I cannot establish any connection between them) on any port and any computer (Vista, Mac OS X, and Ubuntu Server) times out – traceroutes reveal the packets timing out on remote hops somewhere near the end of these routes. This is unaffected by the DF bit setting or any other options that I can control.
It appears to be the same whether using additional packages and traffic shaping or not.
I know this is not a connection-related issue as I never had such problems with the previous router, a simple consumer device. Switching the old device in as a switch also yields exactly the same problem as with the new 1 Gbps switch, meaning the problem must be related to pfSense.
I have read around the forum here, and first tried adjusting MTU settings, but numbers from 1000 to 1500 yielded no change. I also double-checked the switch as above.
Is there any indication as to what may be causing this, and the fix? It appears to be a bug or misconfiguration of pfSense, but I lack the expertise to be sure of any details.