SOLVED Yet another lost connection to a jail GUI/IP. It's only 1 of 2 computers though. (Appears to be an eero mesh bridge issue)

thepixelgeek

Patron
Joined
Jan 21, 2016
Messages
271
I haven't figured out why/when exactly, but occasionally I've noticed that my Windows computer loses connection to the jail web GUI.
  • The jail is "up"
  • I can access the GUI from other computers on the network
  • I restarted the computer in question and reconnected it to the wifi
  • I can connect to my FreeNas server
  • I can connect to the internet
The Windows computer is on the same network/mask as the server. It's using Wifi with an automatic IP assignment.

The Macbook can connect to the GUI. It's hardwired with an auto IP assignment.

I greatly appreciate some guidance on solving this issue. Please let me know what other information is needed to help troubleshoot.

I'm running pfsense on bare metal. FreeNas specs in the signature.

Edit: I thought maybe it was Chrome, but I can't connect using Firefox either.
 
Last edited:

thepixelgeek

Patron
Joined
Jan 21, 2016
Messages
271
Additionally, I can no longer connect to my Windows Shares (SMB).
 

Patrick M. Hausen

Hall of Famer
Joined
Nov 25, 2013
Messages
7,740
Duplicate MAC addresses? What do the ARP caches on the involved systems contain?
 

thepixelgeek

Patron
Joined
Jan 21, 2016
Messages
271

Patrick M. Hausen

Hall of Famer
Joined
Nov 25, 2013
Messages
7,740
arp -n -a shows you the ARP table on Unixy systems. There's a utility of the same name in Windows, but IIRC the options are different. Use -? or /? ...
 

thepixelgeek

Patron
Joined
Jan 21, 2016
Messages
271
@Patrick M. Hausen

I ran arp -a
Code:
Interface: 192.168.1.106 --- 0xf
  Internet Address      Physical Address      Type
  192.168.1.1           3c-ec-ef-01-a9-2f     dynamic
  192.168.1.103         4c-01-43-61-91-e2     dynamic
  192.168.1.104         84-ba-3b-80-7e-69     dynamic
  192.168.1.105         00-71-47-48-45-56     dynamic
  192.168.1.117         00-0e-58-7c-16-66     dynamic
  192.168.1.118         94-9f-3e-d6-3d-a5     dynamic
  192.168.1.119         b8-e9-37-b7-88-4e     dynamic
  192.168.1.120         b8-e9-37-b7-b1-0a     dynamic
  192.168.1.121         b8-e9-37-b7-8a-d6     dynamic
  192.168.1.122         b8-e9-37-b7-8c-62     dynamic
  192.168.1.123         94-9f-3e-d1-fd-0b     dynamic
  192.168.1.124         78-28-ca-c3-24-4e     dynamic
  192.168.1.125         78-28-ca-c3-24-36     dynamic
  192.168.1.126         94-9f-3e-a2-87-86     dynamic
  192.168.1.127         b8-e9-37-ef-05-28     dynamic
  192.168.1.128         b8-e9-37-ef-07-62     dynamic
  192.168.1.136         34-d2-70-01-b9-9d     dynamic
  192.168.1.137         cc-b1-1a-52-dd-97     dynamic
  192.168.1.201         0c-c4-7a-86-65-c4     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static
  224.0.0.251           01-00-5e-00-00-fb     static
  224.0.0.252           01-00-5e-00-00-fc     static
  239.255.255.250       01-00-5e-7f-ff-fa     static
  255.255.255.255       ff-ff-ff-ff-ff-ff     static
 

thepixelgeek

Patron
Joined
Jan 21, 2016
Messages
271
Gui in question is 192.168.1.203, that I can't reach.
 

Patrick M. Hausen

Hall of Famer
Joined
Nov 25, 2013
Messages
7,740
Ok, so now you know what your Windows(?) machine thinks the MAC address matching the IP address of your jail is. No try on another machine where the connection works.
My suspicion is that you have e.g. two jails with identical MAC addresses and once your Windows system put the IP/MAC combination of the wrong one into its cache, it cannot connect to the right one, anymore.
 

Patrick M. Hausen

Hall of Famer
Joined
Nov 25, 2013
Messages
7,740
OK, overlapping posts.

You don't have an ARP entry for the .203 address. Check the MAC address of your jail and look for another IP address in your list above with the identical MAC. If successful, there's your duplicate.
 

thepixelgeek

Patron
Joined
Jan 21, 2016
Messages
271
Would that be "ether"?

Code:
 # ifconfig
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        groups: lo
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 0e:c4:7a:ea:be:20
        hwaddr 02:38:04:00:06:0b
        inet 192.168.1.203 netmask 0xffffff00 broadcast 192.168.1.255
        nd6 options=1<PERFORMNUD>
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
        groups: epair
 

thepixelgeek

Patron
Joined
Jan 21, 2016
Messages
271
Running arp -a on my Macbook:

(192.168.1.203) at 0:c4:7a:ea:be:20 on en5 ifscope [ethernet]
 

thepixelgeek

Patron
Joined
Jan 21, 2016
Messages
271
Here’s the full list from MacBook arp -a


Code:
pfsense.localdomain (192.168.1.1) at 3c:ec:ef:1:a9:2f on en5 ifscope [ethernet]

(192.168.1.101) at 64:4b:f0:2b:24:1f on en5 ifscope permanent [ethernet]
(192.168.1.105) at 0:71:47:48:45:56 on en5 ifscope [ethernet]
(192.168.1.106) at 2c:fd:a1:ce:55:1f on en5 ifscope [ethernet]
(192.168.1.107) at 44:18:fd:99:eb:c4 on en5 ifscope [ethernet]
(192.168.1.117) at 0:e:58:7c:16:66 on en5 ifscope [ethernet]
(192.168.1.118) at 94:9f:3e:d6:3d:a5 on en5 ifscope [ethernet]
(192.168.1.119) at b8:e9:37:b7:88:4e on en5 ifscope [ethernet]
(192.168.1.122) at b8:e9:37:b7:8c:62 on en5 ifscope [ethernet]
(192.168.1.123) at 94:9f:3e:d1:fd:b on en5 ifscope [ethernet]
(192.168.1.127) at b8:e9:37:ef:5:28 on en5 ifscope [ethernet]
(192.168.1.138) at 7c:c3:a1:b1:d:2e on en5 ifscope [ethernet]
(192.168.1.202) at e:c4:7a:57:7e:c1 on en5 ifscope [ethernet]
(192.168.1.203) at e:c4:7a:ea:be:20 on en5 ifscope [ethernet]
(192.168.1.204) at e:c4:7a:5c:dc:a3 on en5 ifscope [ethernet]
(192.168.1.255) at ff:ff:ff:ff:ff:ff on en5 ifscope [ethernet]
(224.0.0.251) at 1:0:5e:0:0:fb on en5 ifscope permanent [ethernet]
(239.255.255.250) at 1:0:5e:7f:ff:fa on en5 ifscope permanent [ethernet]
 

Patrick M. Hausen

Hall of Famer
Joined
Nov 25, 2013
Messages
7,740
Yes, and I cannot find a duplicate entry. Try to access the UI first on Windows, then run the arp command, please.
 

thepixelgeek

Patron
Joined
Jan 21, 2016
Messages
271
Ok. I tried to access the GUI, and then ran arp. Same list as before. 192.168.1.203 did not show up on Win.

1591390709788.png
 

Patrick M. Hausen

Hall of Famer
Joined
Nov 25, 2013
Messages
7,740
Sorry, then it's not duplicates. Bring someone knowledgeable to your installation and have them run tcpdump/Wireshark. I fear this is beyond forum/remote debugging.
Unless you are familiar with network debugging but in that case I assumed you would not be asking about arp ;)
 

thepixelgeek

Patron
Joined
Jan 21, 2016
Messages
271
Ok. Do I run it on the troubled Windows computer to get the dump? I'll take a stab at learning about it and getting a dump. I doubt I'll be able to analyze it. Worth a shot though.
 

Patrick M. Hausen

Hall of Famer
Joined
Nov 25, 2013
Messages
7,740
If Wireshark on the Windows side does not get enough data to come to a diagnose, you might need to run tcpdump on the FreeNAS too, but given the friendlier interface, I'd start on Windows.
 

Patrick M. Hausen

Hall of Famer
Joined
Nov 25, 2013
Messages
7,740
For example your Windows system will try to find the MAC address for IP .203. At least hopefully so. So it will send out "arp who-has" requests. If it doesn't, your Windows machine is broken in some way. If it does but doesn't get an answer back, you need to check on the other side if the requests reach the jail. If they don't, some network equipment is interfering. If they do, but the jail does not answer, something is fishy over there, If it does answer but the answers don't get back to the Windows machine, it's some network thingy again ...
You need a mental image of the package exchange that should take place and then check if reality matches that.
 

Samuel Tai

Never underestimate your own stupidity
Moderator
Joined
Apr 24, 2020
Messages
5,399
This is a layer 2 bridge table problem between the wireless and wired network. By any chance, are you using eero mesh APs? An earlier thread said this behavior was seen, and went away by switching to different mesh hardware.
 

Patrick M. Hausen

Hall of Famer
Joined
Nov 25, 2013
Messages
7,740
This is a layer 2 bridge table problem between the wireless and wired network. By any chance, are you using eero mesh APs? An earlier thread said this behavior was seen, and went away by switching to different mesh hardware.
Can I borrow your crystal ball?
 
Top