Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ping problem with pfsense, need to reboot each time a NIC restarts

    Scheduled Pinned Locked Moved
    General pfSense Questions
    problem ping vmware pfsense 2.6.0 linux
    3
    13
    1.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I
      imomushi @stephenw10
      last edited by

      @stephenw10

      8f38f2d6-8372-495a-ba41-98f85ddbf753-image.png

      on my debian host, nothing happens and if I cancel the ping it displays the nuber of failed requests (pfsens cant ping at this point as well)

      then I reboot my pfsense host
      16cbd14d-5f07-44c5-b097-0eb7dead9b38-image.png

      8baf55d8-a4d9-4a15-8aa2-2040058b3cc7-image.png
      and now the ping works from both sides

      dfa7d622-b5f2-403f-b744-984042f63efa-image.png

      Problem seems to be, if a host network card is powered AFTER pfsense, a ping won't work

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        So by 'rebooting the NIC' you mean just rebooting the host?

        Is the NIC passed through to the pfSense VM?

        Check the ARP and route tables.

        I 1 Reply Last reply Reply Quote 1
        • I
          imomushi @stephenw10
          last edited by

          @stephenw10

          ARP table :

          9eb24262-8694-4159-a888-5e6d71182a8f-image.png

          the mac address for 192.10.0.6 is correct, but the ping stops working if I restart debian host
          4833685a-a573-4a76-9a21-b2fc4e26c4d3-image.png

          here is route table
          e995c834-711e-4f99-a5f3-9ea305527911-image.png

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            The Debian test client is another VM in VMWare?

            When it fails is it still current in the pfSense ARP table?
            Is the pfSense LAN address in Debia's ARP table?

            Run a packet capture on LAN when you are trying to ping from Debian. Do you see the packets arriving?

            I 2 Replies Last reply Reply Quote 1
            • I
              imomushi @stephenw10
              last edited by

              @stephenw10 said in ping problem with pfsense, need to reboot each time a NIC restarts:

              re on LAN when you are trying to ping from Debian. Do you see the packets a

              ok so I capture packets when it's working and I get something in the capture as you can see in the screenshot just below

              0c52f58d-65b2-4fa3-a61b-17d1828b8362-image.png

              Then I used ifdown/ifup command on my debian VM..
              with ICMP only I get nothing

              67d6b612-b87e-44e4-9a13-dc7f359dbbbf-image.png

              I do get the ping request coming from pfsense but no response from the debian. for this capture I selected all packets related to the debian host, 192.10.0.15

              e9e2f6c3-3bf5-48f0-8516-149d6b9034eb-image.png

              1 Reply Last reply Reply Quote 0
              • I
                imomushi @stephenw10
                last edited by

                @stephenw10

                ok the problem has been spotted. When I reboot a VM, the MAC address of pfsense changes (same wrong value for both VMs)

                aaaaa553-77f4-43bc-86cd-f3e888c03f5b-image.png

                718ec345-12b2-4927-ac46-8cc3aef519ac-image.png

                1 Reply Last reply Reply Quote 0
                • stephenw10S
                  stephenw10 Netgate Administrator
                  last edited by

                  Ok, that's why I said to check the ARP tables.

                  What is that bad MAC? Some other device using the pfSense IP address?

                  I would expect to see warnings in the pfSense system log if there was an IP conflict. Unless it never sees the ARP responses for some reason.

                  I 1 Reply Last reply Reply Quote 1
                  • I
                    imomushi @stephenw10
                    last edited by

                    @stephenw10
                    I checked my arp table on physical host and pfsense, but the bad mac address doesnt exist.

                    Im trying to get rid of arp cache on my vm hosts using arp -d [destination IP] but it comes back again

                    1 Reply Last reply Reply Quote 0
                    • stephenw10S
                      stephenw10 Netgate Administrator
                      last edited by

                      It's also a VMWare MAC address. Is it setup to offer DHCP itself?

                      I 1 Reply Last reply Reply Quote 1
                      • I
                        imomushi @stephenw10
                        last edited by

                        @stephenw10

                        Yes it is. And I disabled vmware virtual network local dhcp

                        ANd it works. Thank you for your patience ! You really helped me out on this, have a nice day/night

                        c3e53068-4ad2-4014-9e91-1c1ec4ab18d3-image.png

                        1 Reply Last reply Reply Quote 1
                        • First post
                          Last post