Kernel: arp: link address is broadcast for IP address 255.255.255.255!



  • Hi,
    in syslog, there are many message "kernel: arp: link address is broadcast for IP address 255.255.255.255!"
    and all of my user can not connect to pfsense, but WAN interface is OK. here is the output of ifconfig -a and netstat -rn:

    ifconfig -a
    em0: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 1500
            options=4209b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,vlan_hwtso>ether 00:ec:30:bc:03:44
            inet 202.123.177.236 netmask 0xfffffff0 broadcast 202.123.177.239
            inet6 fe80::2ec:30ff:febc:344%em0 prefixlen 64 scopeid 0x1
            nd6 options=1 <performnud>media: Ethernet autoselect (1000baseT <full-duplex>)
            status: active
    em1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
            options=4209b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,vlan_hwtso>ether 00:ec:30:bc:03:45
            inet 192.168.50.1 netmask 0xffffff00 broadcast 192.168.50.255
            inet6 fe80::2ec:30ff:febc:345%em1 prefixlen 64 scopeid 0x2
            nd6 options=1 <performnud>media: Ethernet autoselect
            status: no carrier
    em2: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 1500
            options=4209b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,vlan_hwtso>ether 00:ec:30:bc:03:46
            inet 192.168.4.1 netmask 0xffffff00 broadcast 192.168.4.255
            inet6 fe80::2ec:30ff:febc:346%em2 prefixlen 64 scopeid 0x3
            nd6 options=1 <performnud>media: Ethernet autoselect
            status: no carrier
    em3: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
            options=5209b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,vlan_hwfilter,vlan_hwtso>ether 00:ec:30:bc:03:47
            inet6 fe80::2ec:30ff:febc:347%em3 prefixlen 64 scopeid 0x4
            inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255
            nd6 options=1 <performnud>media: Ethernet autoselect (1000baseT <full-duplex>)
            status: active
    plip0: flags=8810 <pointopoint,simplex,multicast>metric 0 mtu 1500
    enc0: flags=0<> metric 0 mtu 1536
    pfsync0: flags=0<> metric 0 mtu 1460
            syncpeer: 224.0.0.240 maxupd: 128 syncok: 1
    lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384
            options=3 <rxcsum,txcsum>inet 127.0.0.1 netmask 0xff000000
            inet6 ::1 prefixlen 128
            inet6 fe80::1%lo0 prefixlen 64 scopeid 0x8
            nd6 options=3 <performnud,accept_rtadv>pflog0: flags=100 <promisc>metric 0 mtu 33192
    em3_vlan1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
            options=3 <rxcsum,txcsum>ether 00:ec:30:bc:03:47
            inet6 fe80::2ec:30ff:febc:344%em3_vlan1 prefixlen 64 scopeid 0xa
            nd6 options=1 <performnud>media: Ethernet autoselect (1000baseT <full-duplex>)
            status: active
            vlan: 1 vlanpcp: 0 parent interface: em3
    em3_vlan2: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
            options=3 <rxcsum,txcsum>ether 00:ec:30:bc:03:47
            inet6 fe80::2ec:30ff:febc:344%em3_vlan2 prefixlen 64 scopeid 0xb
            inet 10.0.2.1 netmask 0xffffff00 broadcast 10.0.2.255
            nd6 options=1 <performnud>media: Ethernet autoselect (1000baseT <full-duplex>)
            status: active
            vlan: 2 vlanpcp: 0 parent interface: em3
    em3_vlan3: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
            options=3 <rxcsum,txcsum>ether 00:ec:30:bc:03:47
            inet6 fe80::2ec:30ff:febc:344%em3_vlan3 prefixlen 64 scopeid 0xc
            inet 10.0.3.1 netmask 0xffffff00 broadcast 10.0.3.255
            nd6 options=1 <performnud>media: Ethernet autoselect (1000baseT <full-duplex>)
            status: active
            vlan: 3 vlanpcp: 0 parent interface: em3
    em3_vlan4: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
            options=3 <rxcsum,txcsum>ether 00:ec:30:bc:03:47
            inet6 fe80::2ec:30ff:febc:344%em3_vlan4 prefixlen 64 scopeid 0xd
            inet 10.0.4.1 netmask 0xffffff00 broadcast 10.0.4.255
            nd6 options=1 <performnud>media: Ethernet autoselect (1000baseT <full-duplex>)
            status: active
            vlan: 4 vlanpcp: 0 parent interface: em3

    netstat -rn
    Routing tables

    Internet:
    Destination        Gateway            Flags    Refs      Use  Netif Expire
    default            202.123.177.225    UGS        0  5913642    em0
    10.0.0.0/24        link#4            U          0    3944    em3
    10.0.0.1          link#4            UHS        0        0    lo0
    10.0.2.0/24        link#11            U          0        0 em3_vl
    10.0.2.1          link#11            UHS        0        0    lo0
    10.0.3.0/24        link#12            U          0        0 em3_vl
    10.0.3.1          link#12            UHS        0        0    lo0
    10.0.4.0/24        link#13            U          0        0 em3_vl
    10.0.4.1          link#13            UHS        0        0    lo0
    127.0.0.1          link#8            UH          0    21597    lo0
    192.168.4.0/24    link#3            U          0  6127627    em2
    192.168.4.1        link#3            UHS        0        0    lo0
    192.168.50.0/24    link#2            U          0        0    em1
    192.168.50.1      link#2            UHS        0    2981    lo0
    202.123.177.224/28 link#1            U          0    60491    em0
    202.123.177.236    link#1            UHS        0        0    lo0

    Internet6:
    Destination                      Gateway                      Flags      Netif Expire
    ::1                              ::1                          UH          lo0
    fe80::%em0/64                    link#1                        U          em0
    fe80::2ec:30ff:febc:344%em0      link#1                        UHS        lo0
    fe80::%em1/64                    link#2                        U          em1
    fe80::2ec:30ff:febc:345%em1      link#2                        UHS        lo0
    fe80::%em2/64                    link#3                        U          em2
    fe80::2ec:30ff:febc:346%em2      link#3                        UHS        lo0
    fe80::%em3/64                    link#4                        U          em3
    fe80::2ec:30ff:febc:347%em3      link#4                        UHS        lo0
    fe80::%lo0/64                    link#8                        U          lo0
    fe80::1%lo0                      link#8                        UHS        lo0
    fe80::%em3_vlan1/64              link#10                      U      em3_vlan
    fe80::2ec:30ff:febc:344%em3_vlan1 link#10                      UHS        lo0
    fe80::%em3_vlan2/64              link#11                      U      em3_vlan
    fe80::2ec:30ff:febc:344%em3_vlan2 link#11                      UHS        lo0
    fe80::%em3_vlan3/64              link#12                      U      em3_vlan
    fe80::2ec:30ff:febc:344%em3_vlan3 link#12                      UHS        lo0
    fe80::%em3_vlan4/64              link#13                      U      em3_vlan
    fe80::2ec:30ff:febc:344%em3_vlan4 link#13                      UHS        lo0
    ff01::%em0/32                    fe80::2ec:30ff:febc:344%em0  U          em0
    ff01::%em1/32                    fe80::2ec:30ff:febc:345%em1  U          em1
    ff01::%em2/32                    fe80::2ec:30ff:febc:346%em2  U          em2
    ff01::%em3/32                    fe80::2ec:30ff:febc:347%em3  U          em3
    ff01::%lo0/32                    ::1                          U          lo0
    ff01::%em3_vlan1/32              fe80::2ec:30ff:febc:344%em3_vlan1 U      em3_vlan
    ff01::%em3_vlan2/32              fe80::2ec:30ff:febc:344%em3_vlan2 U      em3_vlan
    ff01::%em3_vlan3/32              fe80::2ec:30ff:febc:344%em3_vlan3 U      em3_vlan
    ff01::%em3_vlan4/32              fe80::2ec:30ff:febc:344%em3_vlan4 U      em3_vlan
    ff02::%em0/32                    fe80::2ec:30ff:febc:344%em0  U          em0
    ff02::%em1/32                    fe80::2ec:30ff:febc:345%em1  U          em1
    ff02::%em2/32                    fe80::2ec:30ff:febc:346%em2  U          em2
    ff02::%em3/32                    fe80::2ec:30ff:febc:347%em3  U          em3
    ff02::%lo0/32                    ::1                          U          lo0
    ff02::%em3_vlan1/32              fe80::2ec:30ff:febc:344%em3_vlan1 U      em3_vlan
    ff02::%em3_vlan2/32              fe80::2ec:30ff:febc:344%em3_vlan2 U      em3_vlan
    ff02::%em3_vlan3/32              fe80::2ec:30ff:febc:344%em3_vlan3 U      em3_vlan
    ff02::%em3_vlan4/32              fe80::2ec:30ff:febc:344%em3_vlan4 U      em3_vlan

    and I have found that my LAN interface got input error after recieve this message.

    EDIT: my pfsense is 2.1.1-RELEASE (i386)
    Thanks




    </full-duplex></performnud></rxcsum,txcsum></up,broadcast,running,simplex,multicast></full-duplex></performnud></rxcsum,txcsum></up,broadcast,running,simplex,multicast></full-duplex></performnud></rxcsum,txcsum></up,broadcast,running,simplex,multicast></full-duplex></performnud></rxcsum,txcsum></up,broadcast,running,simplex,multicast></promisc></performnud,accept_rtadv></rxcsum,txcsum></up,loopback,running,multicast></pointopoint,simplex,multicast></full-duplex></performnud></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,vlan_hwfilter,vlan_hwtso></up,broadcast,running,simplex,multicast></performnud></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,vlan_hwtso></up,broadcast,running,promisc,simplex,multicast></performnud></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,vlan_hwtso></up,broadcast,running,simplex,multicast></full-duplex></performnud></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,vlan_hwtso></up,broadcast,running,promisc,simplex,multicast>



  • after I reboot pfsense the LAN interface back to normal and after 2 minutes It happened again!.
    I checked in my network, there are some bad activity try to attack something using ARP. is pfsense or FreeBSD prone to this attack? which cause interface to be unable to communicate with users.
    Thanks.