Weird PING Response

hsiang

This is what i notice at my slave pfsense

ping 192.168.0.229

PING 192.168.0.229 (192.168.0.229): 56 data bytes
ping: sendto: Operation not permitted
ping: sendto: Operation not permitted
ping: sendto: Operation not permitted
64 bytes from 192.168.0.229: icmp_seq=3 ttl=64 time=0.856 ms
64 bytes from 192.168.0.229: icmp_seq=4 ttl=64 time=0.291 ms
64 bytes from 192.168.0.229: icmp_seq=5 ttl=64 time=0.179 ms
64 bytes from 192.168.0.229: icmp_seq=6 ttl=64 time=0.351 ms
64 bytes from 192.168.0.229: icmp_seq=7 ttl=64 time=0.239 ms
64 bytes from 192.168.0.229: icmp_seq=8 ttl=64 time=0.253 ms
64 bytes from 192.168.0.229: icmp_seq=9 ttl=64 time=0.282 ms

It shows operation not permitted and suddenly i got response from ping. At the master pfsense there is always response from ping.

From my understanding Operation not permitted is due to firewall rules… any idea as the rules is transfered from master anyway and ICMP is permitted.

hsiang

I had change all my connection to a new switch and reinstall PFsense.

However, for the secondary pfsense, everytime after restart it working fine where able to ping continuously to other hosts.

however when i come in the second day.. it show the ping response as "operation not permitted" again. everything will work well after reboot…

i try to find the log what happened to the system, hardware...network device... etc... but i dun see any abnormal log in /var/log/system.log....

1. am i refering to the correct log file?? is there other log file available??
2. in the web gui, under log setting i only configure remote syslog server to take firewall log only.. i suppose all other logs are still in servers.

hsiang

Any idea what happened??

I am running on 2 PFsense. One as Master and the other as secondary. Recently the master server will hang and unable to route to the DMZ section. When it hang the secondary server will not kick in either.

Wondering is it because of Ping response that cause the secondary server does not kick in.

Question

1. In normal condition, I should able to ping both IP address of the master and secondary server right? For my case i can't ping the secondary server unless i restart it

2. the firewall seems not functioning, what i need to monitor in the log or the server performance???

yoda715

Try updating to the latest snapshot at http://snapshots.pfsense.com/FreeBSD6/RELENG_1/updates/

hsiang

yup i just update the pfsense to latest snapshot. will monitor it. by the way.. for the secondary pfsense the state table keep increasing. isn't that all the traffic should pass throught master server rather than secondary??

hoba

If you enabled syncing it will sync states too. Otherwise all cennections would be dropped on failover and would need to be reestablished.

hsiang

Oh got it. thanks.

But i still unable to ping the secondary pfsense LAN IP address althought is the latest snapshot - 02-21-2007. will able to ping only after i reboot the secondary pfsense again