Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    adding static arp entry fails after upgrade to 23.05.1

    L2/Switching/VLANs
    1
    2
    198
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      danjeman
      last edited by danjeman

      Have a 5G router with static IP for backup WAN interface on a netgate 7100 - 5G router is running in bridge mode which passes through the static public IP and on 23.01 all worked fine with no additional input required. After upgrading to 23.05 the gateway was no longer usable - it is actually a PTP connection but for some reason the router passes a gateway address of the next IP up which has not changed however the pfSense behaviour around this does appear to have done. If I add a static arp entry for the 'gateway' address on 23.05 with the mac address of the 5G router interface then all works again as expected - on 23.01 this arp entry was automatically present. However after upgrading to 23.05.1 it again appears the behaviour around this has changed and along with not being automatically added I can no longer add a static arp entry either to work around the issue. I was using shellcmd to automate adding this as needed which worked well (after filter change). If I try to run the same command now it errors and does not add the arp entry

      command that was working was (with replaced IP's etc) as follows but now with the errors below
      /usr/sbin/arp -S 1.1.5.2 00:11:22:55:77:77
      arp: writing to routing socket: No such file or directory
      arp: cannot intuit interface index and type for 1.1.5.2

      The interface address provided by dhcp is 1.1.5.1 with a dhcp gateway of 1.1.5.2 /31 netmask

      Any idea how I can re-add the required arp entry to 'fix' the gateway...?

      1 Reply Last reply Reply Quote 0
      • D
        danjeman
        last edited by

        ok, so spotted the issue... the 5G router is setting the netmask to /31 and then providing a gateway in the next /31 so obviously that won't work (I'm assuming here it is the router and not actually the ISP APN). Seems pfSense has actually fixed some issues in the last two versions to correct that behaviour as the IP assignment has been the same throughout. The 5G router has 2 options for the interface subnet selection in passthrough/bridge mode - PTP (/31) which I imagine would work if the IP and gateway were on appropriate subnet boundaries or auto which in my case uses /30 so that now works. Oddly though I now don't receive the public static IP via dhcp if I also have an alias IP in the dhcp interface config on pfSense (can add an IP alias instead - need this to be able to actually connect to the 5G router locally if required on it's rfc1918 address) but removing that then all works again. Will keep investigating

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.