Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Firebox x750e / pfSense 2.1 system log flooded with an error I do not recognise

    Scheduled Pinned Locked Moved Hardware
    6 Posts 2 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      MrT0ad
      last edited by

      Hi beautiful people:

      I have a converted Firebox x750e with PS/2, USB and VGA output, Pentium M 740 and 2GB of RAM running pfSense (non nano) installed on a 160GB 2.5" drive.

      Everything went smoothly (thanks to the work of stephenw10 and others on the subject) and the box seems to be operational, but the system log is flooded with this message (it is logged every 3 to 5 minutes):

      kernel: cannot forward from c0a8:107:: to c0a8:171:: nxt 58 received on msk0

      msk0 is the LAN interface.

      The configuration of the box is pretty much stock at this point. All I have done is run the configuration wizard.

      Any idea what that message means?

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        Hmm, never seen that.
        That's two ipv6 local addresses. The hex equivalent of 192.168.1.7 and 192.168.1.113 if I'm not mistaken. Do you recognize those IPs? Usually they would be on the same subnet so there would be no need for pfSense to forward packets between them. Perhaps one of them has the wrong subnet set? Or maybe you have a port forward misconfigured?

        Nxt 58 could indicate icmpv6 packets?  :-\ My IPv6 knowledge is badly lacking.

        Steve

        1 Reply Last reply Reply Quote 0
        • M
          MrT0ad
          last edited by

          @stephenw10:

          Hmm, never seen that.
          That's two ipv6 local addresses. The hex equivalent of 192.168.1.7 and 192.168.1.113 if I'm not mistaken. Do you recognize those IPs? Usually they would be on the same subnet so there would be no need for pfSense to forward packets between them. Perhaps one of them has the wrong subnet set? Or maybe you have a port forward misconfigured?

          Nxt 58 could indicate icmpv6 packets?  :-\ My IPv6 knowledge is badly lacking.

          Steve

          I know exactly what those are :)

          I don't know why this particular pfSense box is trying to route traffic between both… I probably would do best if I isolate it in it's own subnet until is configured.

          Either way that was most helpful, thank you. Was getting into one of those "cannot see the wood for the trees" situations ;)

          1 Reply Last reply Reply Quote 0
          • M
            MrT0ad
            last edited by

            Thanks again… was one of those duh moments where one fires up two DHCP servers on the same subnet assigning IPs from the same pool.

            Leads to all sorts of funky stuff :D

            1 Reply Last reply Reply Quote 0
            • stephenw10S
              stephenw10 Netgate Administrator
              last edited by

              Easily done. Glad you found it.  :)

              Steve

              1 Reply Last reply Reply Quote 0
              • M
                MrT0ad
                last edited by

                A little more info on the subject, just in case this issue affects someone else in the future. There were two misconfigurations in the LAN that led to this:

                1. I had two DHCP servers on the same subnet assigning IPs from the same pool.

                2. I had one of the servers (192.168.1.7) with a dual NIC with Adaptive Load Balancing enabled BUT without a primary NIC selected for the team, which made it swap MACs between ports constantly. pfSense did not like this.

                Once the first issue was addressed the second issue kicked in and the log was flooded with the following (at a rate of about once per second).

                kernel: arp: 192.168.1.7 moved from a0:36:9f:07:70:61 to a0:36:9f:07:70:60 on em4
                kernel: arp: 192.168.1.7 moved from a0:36:9f:07:70:60 to a0:36:9f:07:70:61 on em4

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.