Machine on a vLAN is showing up as all vLAN GW's in the ARP Table



  • I have been using my laptop on vLAN10 as client (whose IP is present in the ARP Table, but listed as my wired MAC) and I noticed when I go to Diagnostics -> ARP Table, my Wireless card shows up with an ARP entry as every single vLAN's GW and PFSense's WAN IP.

    I tried rebooting the PFSense box, but all entries persist. Also I connected via wired prior to the reboot and it did not allow me to connect to the PFSense box or anything outside of the local network. It also still shows an ARP entry for that interface after a reboot.

    Image: http://i.imgur.com/b8jfz.png



  • @iggi:

    I have been using my laptop on vLAN10 as client (whose IP is present in the ARP Table, but listed as my wired MAC) and I noticed when I go to Diagnostics -> ARP Table, my Wireless card shows up with an ARP entry as every single vLAN's GW and PFSense's WAN IP.

    Your WAN interface and VLAN10, VLAN20 and VLAN30 all share the same physical interface and the displayed MAC address is the MAC address of that interface? If so, what you are seeing is to be expected.

    @iggi:

    Also I connected via wired prior to the reboot and it did not allow me to connect to the PFSense box or anything outside of the local network. It also still shows an ARP entry for that interface after a reboot.

    Perhaps the wired interface you connected to does not have a firewall rule allowing the access. (The default on every interface other than LAN is to block all accesses.)



  • My laptop is a client on vLAN10, the MAC address displayed is the MAC address of my laptop and not of the PFSense Box.

    Also, if I connect other machines to the exact same connection (even ones who have never been on the network before) they can access the network without a problem.



  • If you want me to help you with this you will need to be much more specific. Are you looking for help with a connection issue (for example, my laptop can't connect to …)? Have you provided the incomplete arp table display as information you think might be relevant to the connection issue?

    If the answer to the first question is "yes" please also provide:

    • a description of what equipment is between the laptop and the pfsense box

    • what you have tried to connect to, what program you used and what it reported

    Is a VLAN capable switch involved?



  • A vLAN capable switch is connected to the LAN. The issue is that I am seeing some packet loss and issues with DHCP discovers not reaching the DHCP server.

    When I check the ARP table and I see a laptop, which is connected to the VLAN capable switch, and it having entries for each VLAN's gateway and the WAN IP I know it can't be right.



  • @iggi:

    A vLAN capable switch is connected to the LAN. The issue is that I am seeing some packet loss and issues with DHCP discovers not reaching the DHCP server.

    What is the relationship between the pfSense box, the switch and DHCP server - how are they interconnected? How did you determine DHCP DISCOVERs are (sometimes?) not reaching the server?

    @iggi:

    When I check the ARP table and I see a laptop, which is connected to the VLAN capable switch, and it having entries for each VLAN's gateway and the WAN IP I know it can't be right.

    What specific thing do you think is wrong with the arp table screenshot you provided? Here is my arp table:

    IP address       MAC address        Hostname  Interface
    192.168.211.207  00:03:47:81:cd:f7            LAN
    192.168.37.200   00:0f:ea:45:62:1e            DMZ
    192.168.211.241  00:12:7b:46:e7:65            LAN
    192.168.211.231  00:1c:bf:b8:96:1d            LAN
    192.168.211.202  00:1f:c6:f1:77:00            LAN
    192.168.211.244  00:27:19:b8:ad:62            LAN
    192.168.211.217  00:30:18:b0:19:85            LAN
    192.168.1.2      00:30:18:b0:50:fb            OPT5
    192.168.37.197   00:30:18:b0:50:fb            DMZ
    192.168.211.204  08:00:27:9c:53:da            LAN
    192.168.211.173  ea:4e:57:fd:a2:f9            LAN

    The MAC address 00:30:18:b0:50:fb is that of a pfSense interface which is host to two VLANs, the interfaces for OPT5 and DMZ.

    Sometimes when I take a quick look at a group of MAC addresses I conclude some are the same when in reality they are only "similar". If you provide the full ARP table and the output of the pfSense shell command ifconfig -a other pairs of eyes can look to see if there is something "unusual" about your ARP data.



  • The DHCP server is on the PFSense box and clients connecting to the switch on any vlan will sometimes send 2-3 discovers to the DHCP server and the PFSense log will only see one of them or sometimes none at all.

    OK, for the ARP table, I think I found the problem. For some reason or another, my laptop's MAC address is the same as the PFsense box's interface.

    I'm going to try changing my MAC address and run some tests.
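
The comparison suggested in the thread (full ARP table against `ifconfig -a`) can be automated. This is an added example, not part of any post above: it flags learned ARP entries whose MAC equals one of the firewall's own interface MACs. The sample output is constructed, and it assumes FreeBSD-style `arp -an` output in which the firewall's own addresses are marked `permanent`.

```python
import re
from collections import defaultdict

MAC = r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}"
# Constructed sample output (not from the thread), FreeBSD `ifconfig -a` / `arp -an` style.
IFCONFIG = """\
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
\tether 02:00:5e:10:00:0a
em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
\tether 02:00:5e:10:00:0b
em1_vlan10: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
\tether 02:00:5e:10:00:0b
"""
ARP = """\
? (192.0.2.2) at 02:00:5e:10:00:0a on em0 permanent [ethernet]
? (10.0.10.1) at 02:00:5e:10:00:0b on em1_vlan10 permanent [vlan]
? (10.0.10.57) at 02:00:5e:10:00:0b on em1_vlan10 expires in 1187 seconds [vlan]
? (10.0.10.23) at 02:00:5e:20:00:17 on em1_vlan10 expires in 900 seconds [vlan]
? (10.0.10.99) at (incomplete) on em1_vlan10 expired [vlan]
"""

def local_macs(ifconfig_text):
    """Map each MAC the firewall owns to the interfaces that carry it."""
    owned, iface = defaultdict(list), None
    for line in ifconfig_text.splitlines():
        head = re.match(r"^(\S+): flags=", line)
        if head:
            iface = head.group(1)
            continue
        ether = re.match(rf"^\s+ether ({MAC})", line, re.I)
        if ether and iface:
            owned[ether.group(1).lower()].append(iface)
    return dict(owned)

def arp_entries(arp_text):
    """Yield (ip, mac, iface, permanent) for each resolved ARP entry."""
    pat = re.compile(rf"\((\S+)\) at ({MAC}) on (\S+)(.*)", re.I)
    for line in arp_text.splitlines():
        m = pat.search(line)  # "(incomplete)" rows do not match and are skipped
        if m:
            yield m.group(1), m.group(2).lower(), m.group(3), "permanent" in m.group(4)

def mac_collisions(ifconfig_text, arp_text):
    """Learned (non-permanent) entries whose MAC equals one of the firewall's own."""
    owned = local_macs(ifconfig_text)
    return [(ip, mac, iface) for ip, mac, iface, perm in arp_entries(arp_text)
            if not perm and mac in owned]

if __name__ == "__main__":
    print(mac_collisions(IFCONFIG, ARP))
```

A VLAN interface reporting the same MAC as its parent is normal, which is why the check only looks at non-permanent entries.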

