Brent Bohmont
Cadet
- Joined
- Feb 15, 2015
- Messages
- 4
I'm experiencing a network issue on my recently built server. Everything works correctly on my local network, but the server is unable to contact the network's default gateway or anything beyond (e.g. the Internet). I've dug into this a little and believe the network traffic is being correctly routed, but responses are being dropped. There's some bit of configuration I'm missing, perhaps?
Here's my troubleshooting...
FreeNAS Version - FreeNAS-9.3-STABLE-201502110455
ifconfig em0
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=4019b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,VLAN_HWTSO> ether xx:xx:xx:xx:xx
inet 172.21.120.10 netmask 0xffffff00 broadcast 172.21.120.255
inet6 fe80::225:90ff:fed7:2a1b%em0 prefixlen 64 scopeid 0x1
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
Ping default gateway
$ ping 172.21.120.1
PING 172.21.120.1 (172.21.120.1): 56 data bytes
--- 172.21.120.1 ping statistics ---
34 packets transmitted, 0 packets received, 100.0% packet loss
ping tcpdump trace
# tcpdump -nS host 172.21.120.1
09:45:55.157429 IP 172.21.120.10 > 172.21.120.1: ICMP echo request, id 45512, seq 0, length 64
09:45:55.158036 IP 172.21.120.1 > 172.21.120.10: ICMP echo reply, id 45512, seq 0, length 64
09:45:56.158376 IP 172.21.120.10 > 172.21.120.1: ICMP echo request, id 45512, seq 1, length 64
09:45:56.158889 IP 172.21.120.1 > 172.21.120.10: ICMP echo reply, id 45512, seq 1, length 64
09:45:57.159377 IP 172.21.120.10 > 172.21.120.1: ICMP echo request, id 45512, seq 2, length 64
09:45:57.159943 IP 172.21.120.1 > 172.21.120.10: ICMP echo reply, id 45512, seq 2, length 64
Ping generates a request and a reply, so the router is working correctly. I get similar results with a http GET request (e.g. curl http://www.google.com).
Firewall, perhaps? My grasp of FreeBSD networking is shaky at best, but it seems that any firewall is connected through hooks exposed by the ng_ether kernel module. Doesn't seem to be much there, however...zero hooks on each of four nodes.
# ngctl list
There are 4 total nodes:
Name: em0 Type: ether ID: 00000001 Num hooks: 0
Name: igb0 Type: ether ID: 00000002 Num hooks: 0
Name: ipfw0 Type: ether ID: 00000003 Num hooks: 0
Name: ngctl52556 Type: socket ID: 00000006 Num hooks: 0
The ipfw configuration seems empty, too.
#ipfw list
65535 allow ip from any to any
Here's my troubleshooting...
FreeNAS Version - FreeNAS-9.3-STABLE-201502110455
ifconfig em0
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=4019b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,VLAN_HWTSO> ether xx:xx:xx:xx:xx
inet 172.21.120.10 netmask 0xffffff00 broadcast 172.21.120.255
inet6 fe80::225:90ff:fed7:2a1b%em0 prefixlen 64 scopeid 0x1
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
Ping default gateway
$ ping 172.21.120.1
PING 172.21.120.1 (172.21.120.1): 56 data bytes
--- 172.21.120.1 ping statistics ---
34 packets transmitted, 0 packets received, 100.0% packet loss
ping tcpdump trace
# tcpdump -nS host 172.21.120.1
09:45:55.157429 IP 172.21.120.10 > 172.21.120.1: ICMP echo request, id 45512, seq 0, length 64
09:45:55.158036 IP 172.21.120.1 > 172.21.120.10: ICMP echo reply, id 45512, seq 0, length 64
09:45:56.158376 IP 172.21.120.10 > 172.21.120.1: ICMP echo request, id 45512, seq 1, length 64
09:45:56.158889 IP 172.21.120.1 > 172.21.120.10: ICMP echo reply, id 45512, seq 1, length 64
09:45:57.159377 IP 172.21.120.10 > 172.21.120.1: ICMP echo request, id 45512, seq 2, length 64
09:45:57.159943 IP 172.21.120.1 > 172.21.120.10: ICMP echo reply, id 45512, seq 2, length 64
Ping generates a request and a reply, so the router is working correctly. I get similar results with a http GET request (e.g. curl http://www.google.com).
Firewall, perhaps? My grasp of FreeBSD networking is shaky at best, but it seems that any firewall is connected through hooks exposed by the ng_ether kernel module. Doesn't seem to be much there, however...zero hooks on each of four nodes.
# ngctl list
There are 4 total nodes:
Name: em0 Type: ether ID: 00000001 Num hooks: 0
Name: igb0 Type: ether ID: 00000002 Num hooks: 0
Name: ipfw0 Type: ether ID: 00000003 Num hooks: 0
Name: ngctl52556 Type: socket ID: 00000006 Num hooks: 0
The ipfw configuration seems empty, too.
#ipfw list
65535 allow ip from any to any