Netgate Discussion Forum

    VLAN Interfaces not responding to arp who has traffic

    • aidanlw505

      My org is setting up a 2 node HA/CARP pfsense cluster. Everything is working fine but the VLANs. VLAN interfaces on both nodes always say master. After like a week of troubleshooting I think I've narrowed down the issue but I have no idea how to fix it.

      Using the packet capture on node 2, I ping the VLAN interface IP on node 2 from node and I get nothing. When looking at the packet capture I see that node 2 is getting sent lots of "arp who has 192.168.89.3" but it just doesn't reply.

      I did get it working for a day, just by accidentally messing up the interface configuration to the point where pfsense prompted me to reconfigure it on the next boot. But as soon as I made an interface configuration change that is unrelated, it stopped working. (I was simply adding a VPN interface and it stopped working) Getting it to work again has not been reproducible.

      Some additional information

      Our two nodes are identical Dell R620s with intel x520s. This issue still appears on the rj45 jacks. Our switches are dell switches. I'm fairly confident that there shouldn't be any issues with the switch configuration because this worked with our previous pfsense box plus I got it working for a day. The ports are configured as trunks that allow the right VLANs and such.

      I've at this point quadruple-checked things like interface IPs and VLAN tags. Each VLAN interface on node 1 has 192.168.*.2/24 and every VLAN interface has an IP of 192.168.*.3/24.

      Thanks. Any help or ideas are appreciated.

      • aidanlw505

        I found that the issue was caused by Suricata running on the parent interface with these specific NICs. So I assume that when it was working Suricata had been stopped and I just didn't notice. My current workaround is just running it on the WAN interface since it doesn't have VLANs. I'll update this post if I figure out a solution to run it on the parent LAN.

        • NRgia @aidanlw505

          @aidanlw505 said in VLAN Interfaces not responding to arp who has traffic:

          urrent workaround is just running it on the WAN interface since it doesn't have V

          Are you on 22.05?

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.