1. Home
  2. Categories

Categories

  • 439
    Topics
    1.4k
    Posts

    M

    Did a forum search and i couldnt find anything directly related to TNSR support for MC-LAG itself. Will TNSR support MC-LAG in the future. Thinking of ditching my Juniper MX204s in the colo.

  • 119.6k
    Topics
    757.4k
    Posts

    P

    HI All,
    Your assistance is greatly appreciated. I have observed a numbers of DHCP issues, of which mostly of them cannot be duplicated. Lately i have a new problem of which I do not know how to resolve it.

    I have a netgate 5100, running with firmware24.11, kea-DHCP. I believe these random disconnection occurred after I switched to Kea-DHCP. Most of the time, I ignored these connection issue.

    My network setup as follow, the main LAN 192.168.2.x, Camera VLAN20 192.168.20.x, IOT VLAN30 192.168.30.x. I have a synology server on VLAN20 and all the cameras on VLAN20 with ethernet connection. All the cameras and the synology server with reserved static IP under the VLAN20. VLAN20 setting as follow: subnet range 20.1 to 20.254, pool range 20.100 to 20-200. All the reserved static IP are in 20.20 to 20.60.

    Lately, I have power failure at home, after the power has been restored. I noticed the following:

    A numbers of cameras and the synolgy server cannot connected to the network, after a new days, all the cameras are back online, but the synology server still unable to connected to the network.
    The DHCP status showed it was down., I checked the server's power is on, I reboot the synology server and still not able to get connected.
    I reboot the netgate device, it is the same result.

    I took out the synology server static IP setting, and let the DHCP do the work, it was assigned with ip 20.100. I can connect to the service via a Mac on LAN 192.168.2.x. But all the cameras (192.168.20.x) lost the connection with the server. I can access to all the camera via the Mac on the main LAN.

    I put back the synolgy server on static IP, 192.168.20.20. I was no longer able to connect to it from the MAC.
    I saw the following DHCP log the the server:
    Apr 17 17:07:31 kea-dhcp4 25053 INFO [kea-dhcp4.dhcpsrv.0x1056a3015f00] EVAL_RESULT Expression pool_lan_0 evaluated to 1
    Apr 17 17:07:31 kea-dhcp4 25053 INFO [kea-dhcp4.dhcpsrv.0x1056a3015f00] EVAL_RESULT Expression pool_opt5_0 evaluated to 1
    Apr 17 17:07:31 kea-dhcp4 25053 INFO [kea-dhcp4.dhcpsrv.0x1056a3015f00] EVAL_RESULT Expression pool_opt6_0 evaluated to 1
    Apr 17 17:07:31 kea-dhcp4 25053 INFO [kea-dhcp4.dhcpsrv.0x1056a3015f00] EVAL_RESULT Expression pool_opt7_0 evaluated to 1
    Apr 17 17:07:31 kea-dhcp4 25053 INFO [kea-dhcp4.leases.0x1056a3015f00] DHCP4_LEASE_ADVERT [hwtype=1 00:11:32:1a:8a:d1], cid=[01:00:11:32:1a:8a:d1], tid=0xc089f941: lease 192.168.20.20 will be advertised
    Apr 17 17:07:34 kea-dhcp4 25053 INFO [kea-dhcp4.dhcpsrv.0x1056a3015f00] EVAL_RESULT Expression pool_lan_0 evaluated to 1
    Apr 17 17:07:34 kea-dhcp4 25053 INFO [kea-dhcp4.dhcpsrv.0x1056a3015f00] EVAL_RESULT Expression pool_opt5_0 evaluated to 1
    Apr 17 17:07:34 kea-dhcp4 25053 INFO [kea-dhcp4.dhcpsrv.0x1056a3015f00] EVAL_RESULT Expression pool_opt6_0 evaluated to 1
    Apr 17 17:07:34 kea-dhcp4 25053 INFO [kea-dhcp4.dhcpsrv.0x1056a3015f00] EVAL_RESULT Expression pool_opt7_0 evaluated to 1
    Apr 17 17:07:34 kea-dhcp4 25053 INFO [kea-dhcp4.leases.0x1056a3015f00] DHCP4_LEASE_ADVERT [hwtype=1 00:11:32:1a:8a:d1], cid=[01:00:11:32:1a:8a:d1], tid=0xc089f941: lease 192.168.20.20 will be advertised

    What does it mean?

    In addition, i saw the following as well

    Apr 27 23:46:51 kea-dhcp6 76271 WARN [kea-dhcp6.dhcp6.0x367760812000] DHCP6_MULTI_THREADING_INFO enabled: yes, number of threads: 4, queue size: 64
    Apr 27 23:47:02 kea-dhcp6 76271 WARN [kea-dhcp6.dhcpsrv.0x367760812000] DHCPSRV_MT_DISABLED_QUEUE_CONTROL disabling dhcp queue control when multi-threading is enabled.
    Apr 27 23:47:02 kea-dhcp6 76271 WARN [kea-dhcp6.dhcp6.0x367760812000] DHCP6_RESERVATIONS_LOOKUP_FIRST_ENABLED Multi-threading is enabled and host reservations lookup is always performed first.
    Apr 27 23:47:02 kea-dhcp4 62263 WARN [kea-dhcp4.dhcpsrv.0x3a889c212000] DHCPSRV_MT_DISABLED_QUEUE_CONTROL disabling dhcp queue control when multi-threading is enabled.
    Apr 27 23:47:02 kea-dhcp4 62263 WARN [kea-dhcp4.dhcp4.0x3a889c212000] DHCP4_RESERVATIONS_LOOKUP_FIRST_ENABLED Multi-threading is enabled and host reservations lookup is always performed first.
    Apr 27 23:47:02 kea-dhcp6 76271 WARN [kea-dhcp6.dhcpsrv.0x367760812000] DHCPSRV_NO_SOCKETS_OPEN no interface configured to listen to DHCP traffic

    The other random connection issue as follow:(not often, cannot duplicate, just observation)

    A wifi device connected to the network. It was working fine and suddenly the connection to the internet is lost a while then return.

    A PC connected to the network via a ethernet cable and was not able to get connected. ie cannot a ip address. or it is connected via wifi n took forever to get a ip address. (similar to the situation for the ethernet connected ip camera)

    I urgently needed to resolved the surveillance camera network connection problem. It was working fine, nothing has been modified, until the power failure.

  • Discussions about pfSense software packages

    Cache/Proxy IDS/IPS Traffic Monitoring pfBlockerNG UPS Tools ACME FRR Tailscale WireGuard
    20.1k
    Topics
    126.8k
    Posts

    S

    @rpm5099

    Thank you.

    I'm still very new to the concept, so please excuse my asking naive (aka stupid) questions:

    This looks to me like we look for three conditions to be fulfilled (plus the host match) and if they are fulfilled, we forward to the backend that matches the host. And if requirements are not met, we don't forward (because the Action part implies an AND operator). In other words, some backends can only be reached, if a websocket upgrade is requested.

    My situation is that I have a number of hosts and some require the websocket upgrade and others don't.

    Can't I just forward the connection request as is to a backend that matches the host (say, app1.example.com) and let the host deal with it, i.e. if the connection request contains a websocket upgrade request, either upgrade or not and if the connection request doesn't contain an upgrade request, don't upgrade.

    Why would I filter out certain requests to certain hosts?

    Sorry, if the answer is obvious... (to me it isn't).

    Thank you.

  • 42.5k
    Topics
    266.7k
    Posts

    V

    @tpf
    Eine FW-Regel für den Zugriff auf die private IP hast du?
    Die braucht es schon, denn das NAT geschieht vor der FW.

  • Information about hardware available from Netgate

    2.5k
    Topics
    20.1k
    Posts

    M

    Thank you for all of your input. Just to close my personl thread, I contacted NetGate support directly, they were very helpful.

    My original purchase was this, it was ONLY 10Gb/s:
    10Gtek ASF-10G-T80

    Then I got this (as recommended by NetGate support), and it also worked at 1Gb/s as well as 10Gb/s:
    10Gtek ASF-10G2-T

    So far it's working great.

  • Information about hardware available from Netgate

    44
    Topics
    211
    Posts

    AriKellyA

    It looks like unified web management could be coming soon. It would be great if it means easier control and management of all web services in one place. Let's see if any companies announce more details about it!

  • Feel free to talk about anything and everything here

    Forum Feedback Community Job Board
    3.5k
    Topics
    18.7k
    Posts

    L

    @JonathanLee Oh, yeah 😁 All the garbage truck drivers in the neighborhood know my son. They always wave and greet him.

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.