DNS weirdness on new pfsense 2.0



  • I have a multi-homed Dell server on the LAN - sitting behind a pfsense 2.0 firewall in a rack.

    The server will fail to make DNS lookups until I delete the 1:1 mapping for its primary LAN IP address. There are lots of other mappings for the virtual IPs on the server, which 1:1 map in the firewall to external IPs.

    Is there an issue with all the server IPs having the same MAC address?

    Putting in a port forward rule for, say, just SSH for the IP address works fine, but 1:1 mapping breaks DNS immediately on the server.

    I looked at the ARP table on the firewall... all IPs from the server have the same MAC address, as you would suspect.

    Confused as to how to debug this / explain this more clearly.

    I think it is also related to an issue I have mapping port 8080 to an internal IP address on the same server... again a 1:1 mapping sends the request straight to the pfsense firewall; delete this and have a single port forward rule for the IP and it works.

    Any debug ideas / things to try gratefully received,
    dave
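One of the "things to try" the post asks for is to make the ARP picture explicit: on a host with many eth0 aliases every IP is expected to resolve to the same MAC, so the useful check is how many IPs sit behind each MAC and whether any entry is incomplete. The script below is an added example, not from the original thread or from pfSense; it parses `arp -an` style lines (a constructed sample with placeholder addresses is embedded so it runs offline) and groups them by MAC. To run it against a live box, replace the sample with the real `arp -an` output.

```shell
# Added example (not from the original thread or pfSense): group ARP-table
# entries by MAC address so that many LAN IPs behind one MAC, as on a
# multi-homed host with eth0 aliases, are visible at a glance.
# Input is `arp -an` style output. The sample below is constructed; the
# addresses and MACs are placeholders, not values from the thread.

SAMPLE_ARP='? (192.168.1.1) at 00:11:22:33:44:55 [ether] on eth0
? (192.168.1.229) at aa:bb:cc:dd:ee:01 [ether] on eth0
? (192.168.1.230) at aa:bb:cc:dd:ee:01 [ether] on eth0
? (192.168.1.231) at aa:bb:cc:dd:ee:01 [ether] on eth0
? (192.168.1.50) at <incomplete> on eth0'

# Read arp -an lines on stdin; print "mac count ip1,ip2,..." per MAC,
# most-shared MAC first. Incomplete entries (no MAC learned) are skipped.
group_arp_by_mac() {
  awk '
    /\) at / {
      ip = $2; gsub(/[()]/, "", ip)   # strip the parentheses around the IP
      mac = $4                        # the field after "at"
      if (mac == "<incomplete>") next
      count[mac]++
      ips[mac] = (mac in ips) ? ips[mac] "," ip : ip
    }
    END { for (m in count) printf "%s %d %s\n", m, count[m], ips[m] }
  ' | sort -k2,2nr
}

# Number of IPs behind a given MAC in the sample (empty if the MAC is absent).
ips_for_mac() {
  printf '%s\n' "$SAMPLE_ARP" | group_arp_by_mac | awk -v m="$1" '$1 == m { print $2 }'
}

# Stand-alone run: show the grouped view of the constructed sample.
printf '%s\n' "$SAMPLE_ARP" | group_arp_by_mac
```

Run the same grouping on the firewall and on the switch-facing side of the server after a change to the 1:1 mappings; a MAC with an unexpected IP count, or an address stuck at `<incomplete>`, narrows the problem to a stale table rather than to the NAT rules themselves.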



  • This is now resolved. I did nothing but delete the virtual IP and re-create it for the main IP address, and this resolved the problem. I can only think some tables either in the firewall or the switch that lies between firewall and server had got confused with so many IP addresses having the same ARP MAC address.

    So all happy now,
    Dave

    For the record, my eth0 on the server looks like:

    eth0 192.168.1.229  (I think of this as the main IP address; this is the one which caused problems.)
    eth0:abc  192.168.1.230
    eth0:xyz 192.168.1.231
    ….
    Loads of multi-homed IP addresses on a single server. All 255.255.255.0 netmask, and all 1:1 mapped to external IPs in the firewall.

