Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
21.7 Legacy Series
»
[SOLVED] Missing ARP entry for WAN Gateway (bridged 4G/5G CPE via Ethernet)
« previous
next »
Print
Pages: [
1
]
Author
Topic: [SOLVED] Missing ARP entry for WAN Gateway (bridged 4G/5G CPE via Ethernet) (Read 2947 times)
Mr.Goodcat
Full Member
Posts: 103
Karma: 8
[SOLVED] Missing ARP entry for WAN Gateway (bridged 4G/5G CPE via Ethernet)
«
on:
November 21, 2021, 05:26:36 pm »
Hi,
my setup has two WANs:
one via Cable (DOCSIS), one via a 4G/5G CPE which is in bridge mode and attached via Ethernet.
For some reason, the latter's WAN gateway in OPNSense does not come up on its own. OPNSense receives an IP via DHCP, but there is
no corresponding ARP entry for the 4G/5G CPE
. If I add this manually, everything works.
However, as the 4G/5G WAN IP can change setting a static entry is no real solution - i.e. there is no fixed MAC-IP combination.
As of now, my best guess for this behaviour is that both WAN and Gateway IP are in the 100.64.0.0/10 range, i.e. carrier-grade NAT IPs. However, the corresponing WAN interface at OPNSense is set to allow both bogons and private IPs.
Thus I'm looking for any other issues which could cause the observed behaviour. Any ideas would be greatly appreciated!
«
Last Edit: November 28, 2021, 04:06:37 pm by Mr.Goodcat
»
Logged
Mr.Goodcat
Full Member
Posts: 103
Karma: 8
Re: Missing ARP entry for WAN Gateway (bridged 4G/5G CPE attached via Ethernet)
«
Reply #1 on:
November 24, 2021, 03:52:36 pm »
As the issue persists, I tried to get additional information.
Attached is an image of a packet capture on the WAN interface connecting OPNSense (Mellanox NIC) and the ZTE 5G CPE/Gateway. As can be seen, the CPE sends ARP requests to OPN's WAN port and receives propper replys. For some reaseon though, this keeps repeating indefinitely.
The Firewall itself doesn't seem to send any ARP request to the CPE and also doesnt't infer the data from the received requests.
Logged
Mr.Goodcat
Full Member
Posts: 103
Karma: 8
Re: Missing ARP entry for WAN Gateway (bridged 4G/5G CPE attached via Ethernet)
«
Reply #2 on:
November 28, 2021, 04:06:07 pm »
Issue solved!
The interface I used for attaching the 5G WAN CPE was previously used for internal purposes. As such, the DHCP server was configured with "Deny unknown clients" and "Enable Static ARP entries". These entries for the DHCP server disappeared from the GUI after switching the WAN interface from static IP to DHCP client, just like they should.
However, the
DHCP server config appears to have been active nonetheless
. This can't be the intended behaviour and
should be fixed
. After switching the WAN interface to static IP, removing the DHCP server entries and then switching WAN back to DHCP client for getting an IP, everything works as intended.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
21.7 Legacy Series
»
[SOLVED] Missing ARP entry for WAN Gateway (bridged 4G/5G CPE via Ethernet)