Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Incorrect ARP Response From Wireless Bridge

    Scheduled Pinned Locked Moved Wireless
    3 Posts 1 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J Offline
      jaark
      last edited by

      Hi,

      I have been using pfSense for some time now and have had a very stable set-up with 1.2.3.

      I decided to upgrade to version 2.

      My setup is a fairly typical home network. It is based on an ALIX board (2D2 I think) with an Atheros based wireless adapter.

      I have the following three interfaces :-

      vr0 - Internal Network
      vr1 - Internet Link (PPPoE)
      ath0_wlan0 - Wireless Network

      vr0 and ath0_wlan0 are bridged.

      vr0 has an address of 192.168.x.1/24 and is the gateway of last resort for the internal network.
      Under 1.2.3, the wireless interface had an address of 192.168.y.1/24 and this had carried over into the version 2 config. The problem I will describe also exists if the wireless interface is redefined to have no IP address.

      DHCP is handled by another host on the network.

      I currently have the gwled and OpenVPN Client Export packages installed.

      The problem :

      Since the upgrade I have noticed that some wireless devices were unable to access anything on the Internet but were able to connect to internal devices.
      After investigation, I have noticed that the devices that do not work have different entries in their ARP table for the gateway address (192.168.x.1) and after watching some network traffic for a while, I can see that ARP responses for 192.168.x.1 on the wireless network are referring to the wireless card's MAC address whereas the still functioning devices use the MAC address associated with vr0.

      This problem has to be some artifact from my old 1.2.3 config but I am not at all sure where to find the problem.

      Does anyone have any ideas?

      Thanks in advance,

      Jack

      1 Reply Last reply Reply Quote 0
      • J Offline
        jaark
        last edited by

        Ach! I'm barking up the wrong tree here, there's something else going on with it :(

        1 Reply Last reply Reply Quote 0
        • J Offline
          jaark
          last edited by

          OK, it looks like I'm looking at the wrong half of the ARP protocol. I have noticed that the firewall does not have an entry in it's ARP table for the affected hosts and seems to be therefore silently dropping the replies.

          If I add a static ARP entry for a problem host (in this case a Pure Sensia Internet Radio), things spring back to life.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.