After some network maintenance, my virtual pfSense firewall started to cause some major issues and parts of the network started to stop functioning. In the end, it came down to the following error message (arpresolve: can’t allocate llinfo for X.X.X.X on emX). Because this wasn’t the first time… it was time to do a proper blog post about this issue.
In this post, I’m going to describe the issues and solution to get your network back up and running.
Here is an overview of my current environment where the problem occurred. I created a basic image of the setup:
Not very spectacular, just two routers/firewalls connected with a interconnect network and they use the BGP Routing Protocol. On both sides, you have a set of VLANs connected to the router with a trunk. A so-called router on a stick topology. The reason I use the BGP routing protocol is related to my daily job. The BGP Routing Protocol is kind of the preferred one for VMware NSX.
The problem started when… I upgraded my physical Cisco Firewall with new firmware and IOS. The interconnect network between pfSense and the Cisco stopped working completely. At first, I wasted about 1.5 hours on the physical Cisco firewall instead of the pfSense appliance. Because it looked to me that the IOS update was causing issues.
I was completely wrong… the Cisco Firewall was running without any issues… but pfSense had developed a new feature…
When I looked in the pfSense interface and went to the “System Logs > System > General” there was a serious error message. The pfSense kernel reported the following issue (arpresolve: can’t allocate llinfo for 192.168.80.253 on em8). Here is a screen capture of the message:
It was unable to learn any new ARP entries in the interconnect network. This was causing the Cisco ASA & pfSense appliance to not form a BGP relationship.
In the case of sending a simple ping, it was not possible. Here is a basic diagram of the issue. All networks on both sides are functioning but the two routers are not able to talk and exchange BGP routes.
In the end, there are two solutions available for solving the problem:
- Option 01: Restart the entire pfSense appliance > Problem solved!
- Option 02: Deactivate interface and activate interface:
- Connect with Putty to the pfSense appliance.
- Activate the shell.
- Deactivate interface (
- Activate interface (
- Problem solved!
The root cause is not completely clear to me… In total, I encountered this issue for about ten times. This is what I figured out so far:
- The problem occurred for the first time after installing the package OpenBGPd on pfSense.
- The ARP issue i
sonly triggered when BGP neighbour states change, not always but sometimes.
- The issue only occurs on the interconnect network… all other networks just work.
Anybody experiencing the same problems? Anybody who has a definitive solution? Please comment below :)!