I've been banging my head on this problem and want to know if anyone else has any ideas.
PRETTY_NAME="FreeBSD 13.1-RELEASE-p5"
So I have 2 problems that may or may not be related. I have a FreeBSD bare metal server in Dallas and clients (FreeBSD/Dell r720, Debian/r620) in the office.
I'll start with the ssh symptoms first since they are pretty reproducible and I have rebooted both the FreeBSD server and the FreeBSD client in the office.
I can't ssh from the FreeBSD client to the server directly but I have a VM on the server with ipfw forwarding port 55522 on the server to the VM on port 22 and I can ssh directly to that.
It doesn't seem to be a DNS issue as ssh directly by IP address doesn't work either.
I can connect from the FreeBSD client to the Debian machine in the same office and the Debian machine can ssh directly to the FreeBSD server.
Running a second sshd daemon on the server on port 62222, ssh from the FreeBSD client does not work but ssh from the Debian machine does work.
I have an IP detection daemon running on the server (to assist with DDNS), and running the ipdect client on the FreeBSD client works, e.g. a socket connection in Perl works.
I wonder if I should enable packet reassembly in the ipfw rules? I'll include an edited version of ipfw.rules below.
The other strange thing is I can access most sites on the internet including google.com and my own mail server (the VM on the FreeBSD server) but not mail.google.com, which hangs on loading accounts.google.com. I have purged all my history. Nightly/LibreWolf also doesn't work with accounts.google.com, but if I enable Tor SOCKS 127.0.0.1:9050 I am able to use Gmail normally. I did have bind running as a caching name server on the client as well as dnsmasq on 127.0.0.1 to handle /etc/hosts and it worked great for several months, and when this problem started I had made no changes. I have tried disabling dnsmasq and am now running bind with resolvconf disabled and resolv.conf nameserver set to 127.0.0.1, and nslookups work well.
Both of these issues started at the same time. I work in networking and have been running FreeBSD for 25 years but am at a loss as to where to go from here, any ideas?
SJohn