Incorrect ARP Response From Wireless Bridge

  • Hi,

    I have been using pfSense for some time now and have had a very stable set-up with 1.2.3.

    I decided to upgrade to version 2.

    My setup is a fairly typical home network. It is based on an ALIX board (2D2 I think) with an Atheros-based wireless adapter.

    I have the following three interfaces:

    vr0 - Internal Network
    vr1 - Internet Link (PPPoE)
    ath0_wlan0 - Wireless Network

    vr0 and ath0_wlan0 are bridged.

    vr0 has an address of 192.168.x.1/24 and is the gateway of last resort for the internal network.
    Under 1.2.3, the wireless interface had an address of 192.168.y.1/24 and this had carried over into the version 2 config. The problem I will describe also exists if the wireless interface is redefined to have no IP address.

    DHCP is handled by another host on the network.

    I currently have the gwled and OpenVPN Client Export packages installed.

    The problem:

    Since the upgrade I have noticed that some wireless devices were unable to access anything on the Internet but were able to connect to internal devices.
    After investigation, I have noticed that the devices that do not work have different entries in their ARP table for the gateway address (192.168.x.1) and after watching some network traffic for a while, I can see that ARP responses for 192.168.x.1 on the wireless network are referring to the wireless card's MAC address whereas the still functioning devices use the MAC address associated with vr0.

    This problem has to be some artifact from my old 1.2.3 config but I am not at all sure where to find the problem.

    Does anyone have any ideas?

    Thanks in advance,


  • Ach! I'm barking up the wrong tree here, there's something else going on with it :(

  • OK, it looks like I'm looking at the wrong half of the ARP protocol. I have noticed that the firewall does not have an entry in its ARP table for the affected hosts and seems to be therefore silently dropping the replies.

    If I add a static ARP entry for a problem host (in this case a Pure Sensia Internet Radio), things spring back to life.

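An added example, not part of the thread and not pfSense code: one way to confirm the symptom described in the first post (the same gateway address answered with two different MAC addresses) from saved `tcpdump -e -n arp` output. Every address in the sample capture is constructed, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample of `tcpdump -e -n arp` output; all addresses are made up.
# 192.168.10.1 stands in for the gateway address the thread writes as 192.168.x.1.
SAMPLE_CAPTURE = """\
10:00:01.000001 02:00:00:00:00:a1 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.10.1 tell 192.168.10.50, length 28
10:00:01.000250 00:0d:b9:00:00:01 > 02:00:00:00:00:a1, ethertype ARP (0x0806), length 60: Reply 192.168.10.1 is-at 00:0d:b9:00:00:01, length 46
10:00:05.100000 00:15:6d:00:00:02 > 02:00:00:00:00:b2, ethertype ARP (0x0806), length 60: Reply 192.168.10.1 is-at 00:15:6d:00:00:02, length 46
10:00:09.200000 00:15:6d:00:00:02 > 02:00:00:00:00:b3, ethertype ARP (0x0806), length 60: Reply 192.168.10.1 is-at 00:15:6d:00:00:02, length 46
10:00:12.300000 02:00:00:00:00:c4 > 02:00:00:00:00:a1, ethertype ARP (0x0806), length 60: Reply 192.168.10.20 is-at 02:00:00:00:00:c4, length 46
"""

# Link-level header (printed by -e) followed by the ARP reply body.
ARP_REPLY = re.compile(
    r"(?P<src>[0-9a-f:]{17}) > (?P<dst>[0-9a-f:]{17}), ethertype ARP .*?"
    r"Reply (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) is-at (?P<mac>[0-9a-f:]{17})",
    re.IGNORECASE,
)


def collect_replies(capture_text):
    """Map each answered IP to {claimed MAC: set of client MACs sent that answer}."""
    answers = defaultdict(lambda: defaultdict(set))
    for line in capture_text.splitlines():
        m = ARP_REPLY.search(line)
        if m:  # ARP requests and unrelated lines are skipped
            answers[m["ip"]][m["mac"].lower()].add(m["dst"].lower())
    return answers


def find_conflicts(capture_text):
    """Return only the IPs that were answered with more than one MAC address."""
    return {
        ip: {mac: sorted(clients) for mac, clients in by_mac.items()}
        for ip, by_mac in collect_replies(capture_text).items()
        if len(by_mac) > 1
    }


if __name__ == "__main__":
    for ip, by_mac in find_conflicts(SAMPLE_CAPTURE).items():
        print(f"{ip} answered with {len(by_mac)} different MACs:")
        for mac, clients in by_mac.items():
            print(f"  is-at {mac} -> sent to {', '.join(clients)}")
```

The per-client grouping shows which devices were handed which MAC for the gateway. For the other half noted in the last post, `arp -an` on the firewall shows whether it holds an entry for the affected host.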