Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Kernel: arp: link address is broadcast for IP address 255.255.255.255!

    Scheduled Pinned Locked Moved Firewalling
    2 Posts 1 Posters 916 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O Offline
      otgx
      last edited by

      Hi,
      in syslog, there are many message "kernel: arp: link address is broadcast for IP address 255.255.255.255!"
      and all of my user can not connect to pfsense, but WAN interface is OK. here is the output of ifconfig -a and netstat -rn:

      ifconfig -a
      em0: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 1500
              options=4209b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,vlan_hwtso>ether 00:ec:30:bc:03:44
              inet 202.123.177.236 netmask 0xfffffff0 broadcast 202.123.177.239
              inet6 fe80::2ec:30ff:febc:344%em0 prefixlen 64 scopeid 0x1
              nd6 options=1 <performnud>media: Ethernet autoselect (1000baseT <full-duplex>)
              status: active
      em1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
              options=4209b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,vlan_hwtso>ether 00:ec:30:bc:03:45
              inet 192.168.50.1 netmask 0xffffff00 broadcast 192.168.50.255
              inet6 fe80::2ec:30ff:febc:345%em1 prefixlen 64 scopeid 0x2
              nd6 options=1 <performnud>media: Ethernet autoselect
              status: no carrier
      em2: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 1500
              options=4209b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,vlan_hwtso>ether 00:ec:30:bc:03:46
              inet 192.168.4.1 netmask 0xffffff00 broadcast 192.168.4.255
              inet6 fe80::2ec:30ff:febc:346%em2 prefixlen 64 scopeid 0x3
              nd6 options=1 <performnud>media: Ethernet autoselect
              status: no carrier
      em3: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
              options=5209b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,vlan_hwfilter,vlan_hwtso>ether 00:ec:30:bc:03:47
              inet6 fe80::2ec:30ff:febc:347%em3 prefixlen 64 scopeid 0x4
              inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255
              nd6 options=1 <performnud>media: Ethernet autoselect (1000baseT <full-duplex>)
              status: active
      plip0: flags=8810 <pointopoint,simplex,multicast>metric 0 mtu 1500
      enc0: flags=0<> metric 0 mtu 1536
      pfsync0: flags=0<> metric 0 mtu 1460
              syncpeer: 224.0.0.240 maxupd: 128 syncok: 1
      lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384
              options=3 <rxcsum,txcsum>inet 127.0.0.1 netmask 0xff000000
              inet6 ::1 prefixlen 128
              inet6 fe80::1%lo0 prefixlen 64 scopeid 0x8
              nd6 options=3 <performnud,accept_rtadv>pflog0: flags=100 <promisc>metric 0 mtu 33192
      em3_vlan1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
              options=3 <rxcsum,txcsum>ether 00:ec:30:bc:03:47
              inet6 fe80::2ec:30ff:febc:344%em3_vlan1 prefixlen 64 scopeid 0xa
              nd6 options=1 <performnud>media: Ethernet autoselect (1000baseT <full-duplex>)
              status: active
              vlan: 1 vlanpcp: 0 parent interface: em3
      em3_vlan2: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
              options=3 <rxcsum,txcsum>ether 00:ec:30:bc:03:47
              inet6 fe80::2ec:30ff:febc:344%em3_vlan2 prefixlen 64 scopeid 0xb
              inet 10.0.2.1 netmask 0xffffff00 broadcast 10.0.2.255
              nd6 options=1 <performnud>media: Ethernet autoselect (1000baseT <full-duplex>)
              status: active
              vlan: 2 vlanpcp: 0 parent interface: em3
      em3_vlan3: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
              options=3 <rxcsum,txcsum>ether 00:ec:30:bc:03:47
              inet6 fe80::2ec:30ff:febc:344%em3_vlan3 prefixlen 64 scopeid 0xc
              inet 10.0.3.1 netmask 0xffffff00 broadcast 10.0.3.255
              nd6 options=1 <performnud>media: Ethernet autoselect (1000baseT <full-duplex>)
              status: active
              vlan: 3 vlanpcp: 0 parent interface: em3
      em3_vlan4: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
              options=3 <rxcsum,txcsum>ether 00:ec:30:bc:03:47
              inet6 fe80::2ec:30ff:febc:344%em3_vlan4 prefixlen 64 scopeid 0xd
              inet 10.0.4.1 netmask 0xffffff00 broadcast 10.0.4.255
              nd6 options=1 <performnud>media: Ethernet autoselect (1000baseT <full-duplex>)
              status: active
              vlan: 4 vlanpcp: 0 parent interface: em3

      netstat -rn
      Routing tables

      Internet:
      Destination        Gateway            Flags    Refs      Use  Netif Expire
      default            202.123.177.225    UGS        0  5913642    em0
      10.0.0.0/24        link#4            U          0    3944    em3
      10.0.0.1          link#4            UHS        0        0    lo0
      10.0.2.0/24        link#11            U          0        0 em3_vl
      10.0.2.1          link#11            UHS        0        0    lo0
      10.0.3.0/24        link#12            U          0        0 em3_vl
      10.0.3.1          link#12            UHS        0        0    lo0
      10.0.4.0/24        link#13            U          0        0 em3_vl
      10.0.4.1          link#13            UHS        0        0    lo0
      127.0.0.1          link#8            UH          0    21597    lo0
      192.168.4.0/24    link#3            U          0  6127627    em2
      192.168.4.1        link#3            UHS        0        0    lo0
      192.168.50.0/24    link#2            U          0        0    em1
      192.168.50.1      link#2            UHS        0    2981    lo0
      202.123.177.224/28 link#1            U          0    60491    em0
      202.123.177.236    link#1            UHS        0        0    lo0

      Internet6:
      Destination                      Gateway                      Flags      Netif Expire
      ::1                              ::1                          UH          lo0
      fe80::%em0/64                    link#1                        U          em0
      fe80::2ec:30ff:febc:344%em0      link#1                        UHS        lo0
      fe80::%em1/64                    link#2                        U          em1
      fe80::2ec:30ff:febc:345%em1      link#2                        UHS        lo0
      fe80::%em2/64                    link#3                        U          em2
      fe80::2ec:30ff:febc:346%em2      link#3                        UHS        lo0
      fe80::%em3/64                    link#4                        U          em3
      fe80::2ec:30ff:febc:347%em3      link#4                        UHS        lo0
      fe80::%lo0/64                    link#8                        U          lo0
      fe80::1%lo0                      link#8                        UHS        lo0
      fe80::%em3_vlan1/64              link#10                      U      em3_vlan
      fe80::2ec:30ff:febc:344%em3_vlan1 link#10                      UHS        lo0
      fe80::%em3_vlan2/64              link#11                      U      em3_vlan
      fe80::2ec:30ff:febc:344%em3_vlan2 link#11                      UHS        lo0
      fe80::%em3_vlan3/64              link#12                      U      em3_vlan
      fe80::2ec:30ff:febc:344%em3_vlan3 link#12                      UHS        lo0
      fe80::%em3_vlan4/64              link#13                      U      em3_vlan
      fe80::2ec:30ff:febc:344%em3_vlan4 link#13                      UHS        lo0
      ff01::%em0/32                    fe80::2ec:30ff:febc:344%em0  U          em0
      ff01::%em1/32                    fe80::2ec:30ff:febc:345%em1  U          em1
      ff01::%em2/32                    fe80::2ec:30ff:febc:346%em2  U          em2
      ff01::%em3/32                    fe80::2ec:30ff:febc:347%em3  U          em3
      ff01::%lo0/32                    ::1                          U          lo0
      ff01::%em3_vlan1/32              fe80::2ec:30ff:febc:344%em3_vlan1 U      em3_vlan
      ff01::%em3_vlan2/32              fe80::2ec:30ff:febc:344%em3_vlan2 U      em3_vlan
      ff01::%em3_vlan3/32              fe80::2ec:30ff:febc:344%em3_vlan3 U      em3_vlan
      ff01::%em3_vlan4/32              fe80::2ec:30ff:febc:344%em3_vlan4 U      em3_vlan
      ff02::%em0/32                    fe80::2ec:30ff:febc:344%em0  U          em0
      ff02::%em1/32                    fe80::2ec:30ff:febc:345%em1  U          em1
      ff02::%em2/32                    fe80::2ec:30ff:febc:346%em2  U          em2
      ff02::%em3/32                    fe80::2ec:30ff:febc:347%em3  U          em3
      ff02::%lo0/32                    ::1                          U          lo0
      ff02::%em3_vlan1/32              fe80::2ec:30ff:febc:344%em3_vlan1 U      em3_vlan
      ff02::%em3_vlan2/32              fe80::2ec:30ff:febc:344%em3_vlan2 U      em3_vlan
      ff02::%em3_vlan3/32              fe80::2ec:30ff:febc:344%em3_vlan3 U      em3_vlan
      ff02::%em3_vlan4/32              fe80::2ec:30ff:febc:344%em3_vlan4 U      em3_vlan

      and I have found that my LAN interface got input error after recieve this message.

      EDIT: my pfsense is 2.1.1-RELEASE (i386)
      Thanks

      aaaa.PNG
      aaaa.PNG_thumb
      aaaa.PNG
      aaaa.PNG_thumb</full-duplex></performnud></rxcsum,txcsum></up,broadcast,running,simplex,multicast></full-duplex></performnud></rxcsum,txcsum></up,broadcast,running,simplex,multicast></full-duplex></performnud></rxcsum,txcsum></up,broadcast,running,simplex,multicast></full-duplex></performnud></rxcsum,txcsum></up,broadcast,running,simplex,multicast></promisc></performnud,accept_rtadv></rxcsum,txcsum></up,loopback,running,multicast></pointopoint,simplex,multicast></full-duplex></performnud></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,vlan_hwfilter,vlan_hwtso></up,broadcast,running,simplex,multicast></performnud></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,vlan_hwtso></up,broadcast,running,promisc,simplex,multicast></performnud></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,vlan_hwtso></up,broadcast,running,simplex,multicast></full-duplex></performnud></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,vlan_hwtso></up,broadcast,running,promisc,simplex,multicast>

      1 Reply Last reply Reply Quote 0
      • O Offline
        otgx
        last edited by

        after I reboot pfsense the LAN interface back to normal and after 2 minutes It happened again!.
        I checked in my network, there are some bad activity try to attack something using ARP. is pfsense or FreeBSD prone to this attack? which cause interface to be unable to communicate with users.
        Thanks.

        attack.PNG
        attack.PNG_thumb

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.