I have a fresh Wheezy install on my home network and have run into a strange problem. The system leases an IP from my pfSense firewall, which correctly sets its mask, gateway, and DNS entries, but I can't ping the gateway, other hosts, or the Internet at-large. I have several other devices connected to the same switch, on the same VLAN, and happily talking amongst each other and to the Internet. Where should I start digging in on this?

Are you sure it has leased an address? If it can get that far, then the port is live and can perform MAC broadcasts and recieve packets.

Anyway...First things to try:

Can you ping yourself: if not, the TCP/IP stack is not correctly configured and you need to look at /etc/network/interfaces as a start. Also, /var/log/syslog will probably have some hints about what is going on
If you can ping yourself, do an "ifconfig" on the offending system, and compare it to one thats working correctly. It should show an IP addresss, mask, etc and show "UP BROADCAST NOTRAILERS RUNNING". If that is not the case, it will give you some clues where to look....if it doesn't say "RUNNING", which is most likely, then networking has not been started properly.

And just to be complete...be sure the physical connectivity is good in BOTH Directions

If you do all this and still have problems, post up /etc/network/interfaces and the output of ifconfig and we can look at it some more

1 members found this post helpful.

Thanks for the feedback. Yes, I'm positive the lease is genuine because I can see it via the firewall as well as in the local syslog. For that matter, the firewall cannot ping this box either. However, the box itself can ping 127 as well as its DHCP assigned IP (10.0.10.114 in this case).

/etc/network/interfaces
I actually threw in an old (working) 3COM card as well so you'll see this come in as eth1. This interface is an onboard Broadcom.

ifconfig
Physical media was also a thought so I swapped cables as well as tried a different port on the switch (and NIC). All gives the same behavior so I'm left thinking this is a firewall issue, but there's literally 1 rule on this network which allows access to everything (and other mixed-OS wired and wireless devices are good)!

More info... I have the issue narrowed down to the switch I think. The other machines plugged in to it are 2 Windows and 1 AP. All work fine. I plugged in another linux (Mint) machine that's normally on wireless and it exhibited the same behavior. I'll take a close look at the switch config and see what's up. It's weird because VLAN tagging is obviously working since it's pulling an IP from the correct network, but once on it can't do a thing... and doubly so that the Windows boxes are just fine!

Solved! It boiled down to a VLAN issue that, for whatever reason, Windows didn't mind and linux did. I had the port configured to tag traffic on VLAN 10 and the PVID to VLAN 10 as well, but the correct configuration was to set it untagged on VLAN 10 with the same PVID. It's counter-intuitive terminology so I'll have to read up more on it, but it's working as expected now.

Interesting! What was the native VLAN (That is, which VLAN's traffic was sent untagged? that my be where the issue comes from.

Still, Thanks for letting us know!

For this Netgear switch, they call the native VLAN the PVID (Port VLAN ID), so I effectively had the native VLAN set for 10. It was how I had joined the port to VLAN 10 group as Tagged, instead of Untagged, that it fell over once hitting the IP layer. Still seems counter-intuitive to me.