5. Interface IP not able to ping router, Virtual IP able

Interface IP not able to ping router, Virtual IP able

  • D

    Hi,

    I have a nice problem ;-).  I have a dual pfSense 2.0 beta 4 setup using CARP and 3 virtual IP.  On the virtual IP used to exit to WWW, I'm not able to ping the routeur with the IF IP but I'm able to ping it with the virtual IP.  The result is that the gateway (in Status/Gateway) is showed as "Offline" and my DNS resolution is KO.

    If my routeur as address 192.168.0.1, my pfSense asa address 192.168.0.2 (physical) and 192.168.0.3 (virtual) I get:
    ping -S 192.168.0.2 192.168.0.1 not working
    ping -S 192.168.0.3 192.168.0.1 working nice :-D.

    I have disabled firewalling and nat, no change. 
    Any idea?

    If I proceed with tcpdump on the interface, ping -S 192.168.0.2 doesn't appears on the tcpdump.

    Thanks for help!

    0
  • D

    Any idea?

    @ddurvaux:

    Hi,

    I have a nice problem ;-).  I have a dual pfSense 2.0 beta 4 setup using CARP and 3 virtual IP.  On the virtual IP used to exit to WWW, I'm not able to ping the routeur with the IF IP but I'm able to ping it with the virtual IP.  The result is that the gateway (in Status/Gateway) is showed as "Offline" and my DNS resolution is KO.

    If my routeur as address 192.168.0.1, my pfSense asa address 192.168.0.2 (physical) and 192.168.0.3 (virtual) I get:
    ping -S 192.168.0.2 192.168.0.1 not working
    ping -S 192.168.0.3 192.168.0.1 working nice :-D.

    I have disabled firewalling and nat, no change. 
    Any idea?

    If I proceed with tcpdump on the interface, ping -S 192.168.0.2 doesn't appears on the tcpdump.

    Thanks for help!

    0
  • Rebel Alliance Developer Netgate

    Use a monitor IP farther out than your Gateway.

    For example, my Cable ISP frequently loses upstream connectivity, but my modem connects fine to things in their network. If I use a monitor IP anywhere on their network, most of the time they would be unusable, it would still show as up. So if I instead use an IP on the Internet (e.g. 8.8.8.8 / 8.8.4.4 – Google public DNS) their outages are detected more reliably.

    0
  • D

    It's unfortunately not the problem.  I have two pfSense.  One has no problem (Intel CPU), the other one has the problem (AMD CPU).
    I'm also working for the ISP where I'm putting in place these pfSense.  It's a setup to filter trafic for WWW to grid computing infrastructure.  So we were testing a setup with big servers and nice hardware.  Network connectivity is not an issue.  It really look like a bug somewhere or a bad rules.  The ping suceeded to other IP and after the gateway is again available :'(.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy