No route to internet



  • Hi.
    I'm trying the new PfSense 2.0 RC1 updated.

    My configuration is:

    • Modem ADSL who gets different public ip from ISP every time it
      connects (its LAN ip is 192.168.1.1);
    • PfSense with LAN and WAN;
    • PfSense WAN interface configured in DHCP so that it takes ISP ip from the modem;
    • PfSense LAN interface configured with static ip 192.168.0.253/24

    The problem is that PfSense ha no route to internet although when it boots up console shows tha WAN ip address provided by the modem (ex. 82.53.4.204).
    This is my PfSense console:

    _*** Welcome to pfSense 2.0-RC1-pfSense (i386) on pfsense ***

    WAN (wan)              -> em1        -> 82.53.4.204 (DHCP)
      LAN (lan)                -> em0        -> 192.168.0.253

    1. Logout (SSH only)                  8) Shell
    2. Assign Interfaces                  9) pfTop
    3. Set interface(s) IP address      10) Filter Logs
    4. Reset webConfigurator password    11) Restart webConfigurator
    5. Reset to factory defaults        12) pfSense Developer Shell
    6. Reboot system                    13) Upgrade from console
    7. Halt system                      14) Disable Secure Shell (sshd)
    8. Ping host

    Enter an option:_

    This is my netstat -rn output:

    _[2.0-RC1][admin@pfsense.localdomain]/root(1): netstat -rn
    Routing tables

    Internet:
    Destination        Gateway                  Flags    Refs      Use  Netif  Expire
    82.53.4.204        link#2                    UHS        0        0    lo0      =>
    82.53.4.204/32  link#2                      U          0        0    em1
    85.37.17.57        00:0e:0c:dc:c7:d7  UHS        0        2    em1
    127.0.0.1            link#5                    UH          0      131    lo0
    192.168.0.0/24  link#1                      U          0      384    em0
    192.168.0.253    link#1                    UHS        0        0    lo0_

    From a putty console I tried to ping any outside web site
    or ip but I get "no route to host" message.
    I also tried to ip the modem lan ip 192.168.1.1 but I also het a "no toute to host" error message.

    Then a tried to add manually a route to the ip provided by my ISP by the command "route add default 82.53.4.204" et voilà, I get internet access and now I can also ping the modem lan ip 192.168.1.1 but I cannot set it as a default gateway. Typing the command "route add default 192.168.1.1" I get:

    [2.0-RC1][admin@pfsense.localdomain]/root(34): route add default 192.168.1.1
    route: writing to routing socket: Network is unreachable
    add net default: gateway 192.168.1.1: Network is unreachable

    My netstat -rn output now is:

    _[2.0-RC1][admin@pfsense.localdomain]/root(35): netstat -rn
    Routing tables

    Internet:
    Destination        Gateway                Flags      Refs      Use    Netif  Expire
    default            82.53.4.204                US          0      382      em1
    82.53.4.204        link#2                  UHS        0        0        lo0      =>
    82.53.4.204/32    link#2                    U            0        0        em1
    85.37.17.57      00:0e:0c:dc:c7:d7  UHS        0        4        em1
    127.0.0.1            link#5                    UH          0      131        lo0
    192.168.0.0/24  link#1                      U          0    5934      em0
    192.168.0.253    link#1                  UHS        0        0          lo0_

    I have to manually had the dafault gateway everytime I turn on the modem (and my ISP provides a different public ip).

    I had no problem with PfSense 1.2.3 which I've been using for several months with the same modem and hardware.

    Can you help me solve the problem?

    Thanks a lot, Michele.



  • Can you show the system logs and a copy of your config?



  • This seems similar to the issue I was having with an ADSL connection, though I haven't had a chance to verify this is still an issue for me in a recent build:

    http://forum.pfsense.org/index.php/topic,31753.0.html

    Paul



  • @ermal:

    Can you show the system logs and a copy of your config?

    Sorry for the late.
    Here's the system log at startup:

    Apr 2 23:39:20 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:19 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:18 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:17 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:16 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:16 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:15 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:15 check_reload_status: reloading filter
    Apr 2 23:39:14 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:13 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:12 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:11 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:10 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:09 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:09 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:08 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:07 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:06 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:05 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:05 apinger: ALARM: WAN(192.168.1.1) *** down ***
    Apr 2 23:39:04 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:04 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:03 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:02 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:01 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:01 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:39:00 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:38:59 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:38:58 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:38:57 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:38:56 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:38:56 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:38:55 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:38:55 apinger: Starting Alarm Pinger, apinger(10909)
    Apr 2 23:38:55 check_reload_status: reloading filter
    Apr 2 23:38:54 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:38:54 apinger: Exiting on signal 15.
    Apr 2 23:38:54 php: : The command '/sbin/route add -inet default '192.168.1.1'' returned exit code '1', the output was 'route: writing to routing socket: Network is unreachable add net default: gateway 192.168.1.1: Network is unreachable'
    Apr 2 23:38:54 php: : ROUTING: add default route to 192.168.1.1
    Apr 2 23:38:53 kernel: arpresolve: can't allocate llinfo for 192.168.1.1
    Apr 2 23:38:53 php: : rc.newwanip: on (IP address: 87.7.70.58) (interface: wan) (real interface: em1).
    Apr 2 23:38:53 php: : rc.newwanip: Informational is starting em1.
    Apr 2 23:38:52 check_reload_status: rc.newwanip starting em1
    Apr 2 23:38:52 dhclient: Creating resolv.conf
    Apr 2 23:38:52 dhclient: /sbin/route add default 192.168.1.1
    Apr 2 23:38:52 dhclient: Adding new routes to interface: em1
    Apr 2 23:38:52 dhclient: New Routers (em1): 192.168.1.1
    Apr 2 23:38:52 dhclient: New Broadcast Address (em1): 87.7.70.58
    Apr 2 23:38:52 dhclient: New Subnet Mask (em1): 255.255.255.255
    Apr 2 23:38:52 kernel: arpresolve: can't allocate llinfo for 192.168.1.1

    What do you mean for "a copy of my config"?
    Here's my network config:

    WAN interface (em1)
    Status up
    DHCP up  
    MAC address 00:0e:0c:dc:c7:d7
    IP address 87.7.70.58  
    Subnet mask 255.255.255.255
    Gateway 192.168.1.1
    ISP DNS servers 85.37.17.57
    Media 100baseTX <full-duplex>In/out packets 7/7 (4 KB/32 KB)
    In/out packets (pass) 7/374 (4 KB/32 KB)
    In/out packets (block) 0/0 (0 bytes/0 bytes)
    In/out errors 0/0
    Collisions 0

    LAN interface (em0)
    Status up
    MAC address 00:1b:21:23:b9:2d
    IP address 192.168.0.253  
    Subnet mask 255.255.255.0
    Media 1000baseT <full-duplex>In/out packets 2041/2035 (146 KB/702 KB)
    In/out packets (pass) 2035/2190 (145 KB/702 KB)
    In/out packets (block) 6/0 (1 KB/0 bytes)
    In/out errors 0/0
    Collisions 0

    What else I can post?

    OTHER INFORMATION:
    At PfSense startup I ca'nt ping modem ip 192.168.1.1 (no route to host).
    After I added default route (ex. route add default 87.7.70.58) I can ping modem ip 192.168.1.1.

    Any clue to solve this problem?

    Thanks a lot.

    Michele.</full-duplex></full-duplex>



  • Why you have a default gateway of 192.168.1.1 added by dhcp?
    For what is worth you can add a gateway under system routing with the ip you use from command but still needs to be clear the setup you are trying to do!



  • @ermal:

    Why you have a default gateway of 192.168.1.1 added by dhcp?
    For what is worth you can add a gateway under system routing with the ip you use from command but still needs to be clear the setup you are trying to do!

    The setup I hoped it was clearly explained in my first post.
    It's the same setup I used for months with PfSense 1.2.3 and it worked like a charm.
    Anyway I'll try to explain in a better way:
    my modem whose lan ip is 192.168.1.1 has its ethernet port connected to the PfSense Wan. The modem connect to internet and my ISP gives it a public ip address via their dhcp server. PfSense catches that ip and configure its Wan (I can see that on console) but it does not set any route to internet. It should use modem ip 192.168.1.1 as a gateway and then give clients access to internet. That's how PfSense 1.2.3 works and also other distro like IpCop for example.

    Strangely PfSense 2.0 Rc1 can't use my modem ip 192.168.1.1 as a default gateway, that's the problem.

    I really don't think it's such a bizzare configuration, but for some reason this new PfSense release doesn't work. Maybe it's a bug, maybe I don't know and that's why I wrote in this forum.

    I really hope someone can help me find out where the problem is and how to solve it.

    Besta regards, Michele.



  • I installed version 1.2.3 just to verify that everything was right: with the same config, same modem, same hardware PfSense 1.2.3 routes correctly and all my clients can surf the internet without any problem.
    Here config of version 1.2.3:

    Status: Interfaces
    WAN interface (em1)
    Status up
    DHCP up 
    MAC address 00:0e:0c:dc:c7:d7
    IP address 87.7.62.200 
    Subnet mask 255.255.255.255
    Gateway link#2
    ISP DNS servers 85.37.17.57
    Media 100baseTX <full-duplex>In/out packets 1846/1809 (932 KB/247 KB)
    In/out errors 0/0
    Collisions 0

    LAN interface (em0)
    Status up
    MAC address 00:1b:21:23:b9:2d
    IP address 192.168.0.253 
    Subnet mask 255.255.255.0
    Media 1000baseTX <full-duplex>In/out packets 4727/3921 (513 KB/2.25 MB)
    In/out errors 0/0
    Collisions 0

    Here output of netstat -rn:

    netstat -rn

    Routing tables

    Internet:
    Destination        Gateway            Flags    Refs      Use  Netif Expire
    default            link#2            UCS        0      21    em1
    41.35.152.48      00:15:e9:81:eb:3b  UHLW        1        1    em1    908
    69.64.6.11        00:15:e9:81:eb:3b  UHLW        1      132    em1  1125
    69.64.6.21        00:15:e9:81:eb:3b  UHLW        1      304    em1  1121
    70.44.177.132      00:15:e9:81:eb:3b  UHLW        1      10    em1    907
    70.59.42.154      00:15:e9:81:eb:3b  UHLW        1        8    em1    907
    70.119.153.106    00:15:e9:81:eb:3b  UHLW        1        9    em1    912
    70.126.193.179    00:15:e9:81:eb:3b  UHLW        1        1    em1    907
    71.75.250.33      00:15:e9:81:eb:3b  UHLW        1        0    em1    910
    74.86.81.82        00:15:e9:81:eb:3b  UHLW        1      30    em1  1059
    74.125.232.114    00:15:e9:81:eb:3b  UHLW        1      44    em1    924
    77.71.12.148      00:15:e9:81:eb:3b  UHLW        1        6    em1    914
    77.242.176.254    00:15:e9:81:eb:3b  UHLW        1        8    em1    909
    78.128.176.123    00:15:e9:81:eb:3b  UHLW        1        9    em1    915
    83.103.98.242      00:15:e9:81:eb:3b  UHLW        1        7    em1    966
    83.149.158.215    00:15:e9:81:eb:3b  UHLW        1        8    em1    913
    85.37.17.57        00:15:e9:81:eb:3b  UHLW        1      34    em1  1190
    87.7.62.200        127.0.0.1          UGHS        0        0    lo0 =>
    87.7.62.200/32    link#2            UC          0        0    em1

    116.65.246.8      00:15:e9:81:eb:3b  UHLW        1        0    em1    919
    118.106.234.144    00:15:e9:81:eb:3b  UHLW        1      11    em1    909
    127.0.0.1          127.0.0.1          UH          1        0    lo0
    138.247.249.180    00:15:e9:81:eb:3b  UHLW        1        1    em1    908
    173.192.220.226    00:15:e9:81:eb:3b  UHLW        1        9    em1    933
    192.168.0.0/24    link#1            UC          0        0    em0
    192.168.0.2        00:18:f3:8b:41:66  UHLW        1    2226    em0  1197
    192.168.0.3        40:61:86:7c:60:40  UHLW        1      632    em0  1168
    192.168.1.1        00:15:e9:81:eb:3b  UHLW        1      36    em1  1170
    204.93.162.188    00:15:e9:81:eb:3b  UHLW        1      64    em1  1063
    208.67.220.220    00:15:e9:81:eb:3b  UHLW        1      54    em1    924
    209.85.147.101    00:15:e9:81:eb:3b  UHLW        1      22    em1    924
    209.85.147.139    00:15:e9:81:eb:3b  UHLW        1      34    em1    933
    213.146.189.201    00:15:e9:81:eb:3b  UHLW        1      12    em1    973
    218.172.94.94      00:15:e9:81:eb:3b  UHLW        1        1    em1    912

    Is there anything I can do to make some tests, changing configuraion (in PfSense 2.0 RC1 of course) to help find out why this version puts no route to the internet?

    Thanks a lot, Michele.</full-duplex></full-duplex>



  • No clue, no idea, nothing?

    On this main dashboard a message invites users to test new 2.0 RC1 and find bugs, problems and report them.

    I reported a strange issue with lots of details but I received very few answers…

    Mine is maybe a non interesting case.

    Best regards.



  • Hello,

    I am also experiencing what seems the same issue.

    I had a server which I configured from home on the 1.2.3 release which worked fine through an adsl router with an internal ip 192.168.1.1, before reconfiguring and shipping to our data centre.

    I am now trailing a second box using 2.0 RC1 and cannot get internet connectivity with what I believe is the same setup which worked in the 1.2.3 system.

    My setup is completely independent to myksto, so would suggest this is a bug or a change to the configuration options from v1.2.3 and v2.0 RC1 which I / we are missing.

    Further assistance would be appreciated in resolving the issues we are experiencing.

    With thanks,
    Richard



  • @carbonrb:

    I am also experiencing what seems the same issue.

    . . .
    I am now trailing a second box using 2.0 RC1 and cannot get internet connectivity with what I believe is the same setup which worked in the 1.2.3 system.

    More information would be useful. There could be many causes for "cannot get internet connectivity"

    On the pfSense console what response do you get if you ping the ADSL modem's LAN IP address?
    If you ping www.google.com?
    If you ping 8.8.8.8?



  • Why are you trying to use the modems LAN ip?
    It looks like your modem is in bridging mode because it provides you with the external IP adress to Pfsense WAN interface.
    You should also get the external gateway to the WAN interface by the DHCP server from your ISP.

    The address 192.168.1.1 is the modems internal IP that you will have to use if you want to configure the modem.



  • Is there a way to stop the modem from dialing in, and use the PPP from pfsense instead?

    It looks like in 1.2.3 it only says link#2, I assume this is an alias and who knows what it is. I see in you netstat -n the 192.168.1.1 entry, it doesn't mean it is being used as a gateway, just a connection, as if the modem sent a broadcast message or something..

    If your interface is assigned a public IP address, and you're trying to use a private IP address as a gateway, it ends up being non-routeable. That is like saying on your windows XP computer, you assign 10.0.0.7 to the interface using gateway 192.168.1.1, well since they're different subnets, XP will not successfully use that gateway, unless you add a static route… Quick google pulled this up..
    http://social.technet.microsoft.com/Forums/en-US/ForefrontedgeIA/thread/6f79860e-d8a9-4ed2-b79f-f4e16c678c66


Log in to reply