Multi WAN on DHCP Fails
-
Hoping someone can help me out. I am currently using pfsense with two WAN interfaces over DHCP. The problem i have is when i try to force traffic over the second WAN interface (using firewall rule to force over WAN2), it fails, and i get the following error message in system logs:
kernel: arpresolve: can't allocate llinfo for xxx.xxx.xxx.xxx
This error repeats about every few seconds. All traffic fails going outside of the firewall although i can still communicate through internal lan. I am not using any kind of traffic shaping or load balancing. The end goal is to have a second WAN interface that can be used for a second web server using https traffic amongst a few other ports already in use on the first WAN interface.
If i force all traffic to the first WAN (using firewall rule to force over WAN1) all works as expected.
Thanks in advance for any help you can provide me with.
-
An update…
I put in matching Gig intel network cards (same model and everything) and i still have the same problem. When i'm running just one wan interface everything is great, but all hell breaks lose when i enable the second wan.
-
Are both interfaces totally separated? no linking between them?
-
It goes like this:
Wan1
–->
ISP Modem ---> Hub-----| ----> pfSense
--->
Wan2 -
That log message is what you get when the system tries to ARP something that isn't on a locally connected network (may be possible in other circumstances but that's the only time I've seen it). What's the IP, subnet, gateway like on that interface? Is the gateway and subnet different on each WAN?
-
The gateway and subnet are the same on both wan interfaces.
Subnet: 255.255.240.0
Gateway: 72.49.176.1
IP's for both WAN's: 72.49.190.xxx and 72.49.185.xxx -
pfsense does not support same gateway for multiple wan interfaces …
only way,i know, to get it to work is by putting a cheap linksys/dlink/whatever router in between 1 of the interface -
yeah that's why, that must be another circumstance that can trigger that. The system has an ARP entry for that gateway IP on another NIC, and you're trying to force it to ARP that on a different NIC, and one particular IP can only have one ARP entry. An intermediate box doing NAT on one of the WANs is the way to work around that.
-
I have seen that before when my cable modem lost sync and some states were still around from the 192.168.x.x IP for whatever reason. Since pf still had states referring to that gateway, the ARP errors continued.
Try resetting the states table (or perhaps run pfctl -g x.x.x.x where x.x.x.x is the IP you're seeing the arp messages for) and see if they clear up.
-
I'm pretty sure i tried that already, but i'll give it another shot. Sounds like i might just be sol
-
OK. (Actually it's pfctl -b, not -g, apparently had a brain misfile on my last reply)
-
pfsense does not support same gateway for multiple wan interfaces …
only way,i know, to get it to work is by putting a cheap linksys/dlink/whatever router in between 1 of the interfaceI thought it did now.
-
-
pfsense does not support same gateway for multiple wan interfaces …
only way,i know, to get it to work is by putting a cheap linksys/dlink/whatever router in between 1 of the interfaceI thought it did now.
Only for PPPoE, not DHCP/Static/anything else.
Ahh…No wonder my Multiwan PPPoE is working.
-
I don't call that multi WAN dude, one WAN, seperated using switch??
