Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Broken Static IPv4 WAN, DHCP WORKS

    Scheduled Pinned Locked Moved Virtualization
    1 Posts 1 Posters 851 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      Boethius
      last edited by

      Problem: WAN interface works for about 1 minute sometimes with a static ipv4 IP. DHCP WAN works fine for hours.

      I have an intel atom pfsense box I brought over to test. Static IPv4 works fine on it with the same settings. Also running 2.2.6.

      Troubleshooting thus far: On a machine on the LAN I had a continuous ping of 8.8.8.8 running. I ran a packet capture on the pfSense WAN interface during this whole process until I lost connectivity. I saw TCP application data, DNS response, ping replies, NTP exchanges, ARP broadcasts and replies, etc. Everything working fine. 40s into the capture it stops behaving and it shows nothing but DNS queries originating from WAN static IP, ping requests, some TCP retransmissions… and  ARP broadcasts from the ISP Router,
      Right before I stopped getting ping responses, the gateway ARPed for the static ip 5 times, once every ~30ms. pfsense responded immediately to each arp with the spoofed MAC as it did earlier in the capture. For the next 2 seconds I got 2 ping replies and then nothing. Same result without spoofing MAC.

      The hardware for the hypervisor:
      ASROCK Extreme 7+ with two onboard Intel NICs
      Intel I5 6500
      Crucial DDR5 2 x 8GB
      Intel PRO/1000 Pt 2 port NIC

      Proxmox 4.1
      Pfsense VM has...
      3 of the NICS assigned to pfSense VM. eth1-3. WAN on one of the PCI Intel ports.
      VirtIO for the network cards
      1 core
      2gb ram
      15gB RAW cache writeback virtio HD.

      /etc/network/interfaces

      # network interface settings; autogenerated
# Please do NOT modify this file directly, unless you know what
# you're doing.
#
# If you want to manage part of the network configuration manually,
# please utilize the 'source' or 'source-directory' directives to do
# so.
# PVE will preserve these directives, but will NOT its network
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!

auto lo
iface lo inet loopback

iface eth0 inet manual

iface eth1 inet manual

iface eth2 inet manual

iface eth3 inet manual

auto vmbr0
iface vmbr0 inet static
	address  172.31.1.0
	netmask  255.255.254.0
	gateway  172.31.0.10
	bridge_ports eth0
	bridge_stp off
	bridge_fd 0

#LAN
auto vmbr1
iface vmbr1 inet manual
	bridge_ports eth1
	bridge_stp off
	bridge_fd 0

#DMZ
auto vmbr2
iface vmbr2 inet manual
	bridge_ports eth2
	bridge_stp off
	bridge_fd 0

#WAN
auto vmbr3
iface vmbr3 inet manual
	bridge_ports eth3
	bridge_stp off
	bridge_fd 0
      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.