Hello everyone,
I have been on full-stack IPv4 since Saturday. I would like to put a pfSense behind my Freebox.
For now the SFP+ port does not work in bridge mode; after I posted on Free's bug tracker, they confirmed to me that the SFP+ port in bridge mode is coming soon.
So I am testing with one of the gigabit ports.
Before switching over to the pfSense, I am testing with my Windows 7 Pro laptop: firewall disabled, DHCP, Wireshark. I disconnect all my other equipment from the Freebox except the Win 7 laptop.
With bridge mode enabled, my laptop does receive an IP via DHCP that matches my public IP, and the DHCP ACK contains the gateway, DNS server and lease time.
However, I am unable to connect to the internet in my browser: DNS timeout.
I forced the DNS manually to 8.8.8.8 on my network adapter and still get the DNS timeout.
On the other hand, there is no problem pinging servers on the internet (8.8.8.8 or 1.1.1.1 or the Leonix speed test server).
Here is the DHCP ACK provided by the Freebox:
Frame 2552: 590 bytes on wire (4720 bits), 590 bytes captured (4720 bits) on interface 0
Interface id: 0 (\Device\NPF_{03668E88-D7C6-4D21-A3FB-F9E1700F5EEF})
Interface name: \Device\NPF_{03668E88-D7C6-4D21-A3FB-F9E1700F5EEF}
Encapsulation type: Ethernet (1)
Arrival Time: Dec 31, 2018 14:50:19.475624000 Romance Standard Time
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1546264219.475624000 seconds
[Time delta from previous captured frame: 0.002212000 seconds]
[Time delta from previous displayed frame: 0.002212000 seconds]
[Time since reference or first frame: 788.115532000 seconds]
Frame Number: 2552
Frame Length: 590 bytes (4720 bits)
Capture Length: 590 bytes (4720 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ip:udp:bootp]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: FreeboxS_61:df:42 (34:27:92:61:df:42), Dst: Vmware_50:3b:8a (00:0c:29:50:3b:8a)
Destination: Vmware_50:3b:8a (00:0c:29:50:3b:8a)
Address: Vmware_50:3b:8a (00:0c:29:50:3b:8a)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Source: FreeboxS_61:df:42 (34:27:92:61:df:42)
Address: FreeboxS_61:df:42 (34:27:92:61:df:42)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 82.64.83.254, Dst: 82.64.83.8
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
Total Length: 576
Identification: 0x0000 (0)
Flags: 0x4000, Don't fragment
0... .... .... .... = Reserved bit: Not set
.1.. .... .... .... = Don't fragment: Set
..0. .... .... .... = More fragments: Not set
...0 0000 0000 0000 = Fragment offset: 0
Time to live: 64
Protocol: UDP (17)
Header checksum: 0xed26 [validation disabled]
[Header checksum status: Unverified]
Source: 82.64.83.254
Destination: 82.64.83.8
User Datagram Protocol, Src Port: 67, Dst Port: 68
Source Port: 67
Destination Port: 68
Length: 556
[Checksum: [missing]]
[Checksum Status: Not present]
[Stream index: 1]
Bootstrap Protocol (ACK)
Message type: Boot Reply (2)
Hardware type: Ethernet (0x01)
Hardware address length: 6
Hops: 0
Transaction ID: 0x02f12938
Seconds elapsed: 0
Bootp flags: 0x0000 (Unicast)
0... .... .... .... = Broadcast flag: Unicast
.000 0000 0000 0000 = Reserved flags: 0x0000
Client IP address: 82.64.83.8
Your (client) IP address: 82.64.83.8
Next server IP address: 82.64.83.254
Relay agent IP address: 0.0.0.0
Client MAC address: Vmware_50:3b:8a (00:0c:29:50:3b:8a)
Client hardware address padding: 00000000000000000000
Server host name not given
Boot file name not given
Magic cookie: DHCP
Option: (53) DHCP Message Type (ACK)
Length: 1
DHCP: ACK (5)
Option: (54) DHCP Server Identifier
Length: 4
DHCP Server Identifier: 82.64.83.254
Option: (58) Renewal Time Value
Length: 4
Renewal Time Value: (302400s) 3 days, 12 hours
Option: (59) Rebinding Time Value
Length: 4
Rebinding Time Value: (526176s) 6 days, 2 hours, 9 minutes, 36 seconds
Option: (51) IP Address Lease Time
Length: 4
IP Address Lease Time: (604800s) 7 days
Option: (1) Subnet Mask
Length: 4
Subnet Mask: 255.255.255.0
Option: (3) Router
Length: 4
Router: 82.64.83.254
Option: (6) Domain Name Server
Length: 4
Domain Name Server: 212.27.38.253
Option: (255) End
Option End: 255
Padding: 000000000000000000000000000000000000000000000000...
When I type the IP of the DNS server provided in the DHCP ACK, I land on my Freebox's web interface.
In Wireshark I see a lot of "Destination Unreachable" for the DNS lookup:
Does anyone know what is wrong?
Bug?
Does it need to be configured differently?