@pablo: I'm also wondering if there's any chance that it could be related  to the modem giving itself a LAN IP of 192.168.100.1 and my LAN being 192.168.0.xx… Doubtful, as that describes my setup exactly. Cheers.

@Itwerx: Depending on your hardware and network configuration it's possible that there might be a more robust solution, but if it's just a single pfsense box with the multi-WAN being the only difference from a typical configuration, then yes, that should be fine. You're right i've a single pfsense box for 2 wan, 1 lan and 1 DMZ plus another ethernet card connected to another pfsense box which serves only as a proxy server. Why I decided to use a second machine just for the proxy? Simple, is an old PC and in this way i can solve the problem of squid in multi wan configuration.  ;)

The script you posted displays the IP address displayed by the web server myip.dnsomatic.com. It doesn't make sense to me that the public web server myip.dnsomatic.com receives a connection from a private IP address and returns a response to that private IP address. Something is wrong with this picture! Maybe your php command isn't executing the script you think it is. Do you get the same result if you specify the full path to the getip.php script in the php command? Maybe your DNS is returning a different IP address for myip.dnsomatic.com from what I get on my system. If the correct getip.php script is being executed then it would appear your system thinks myip.dnsomatic.com is on the pfSense's WAN subnet - your TP-LINK router trying to be helpful? What do you get from the shell command: ping -c 1 myip.dnsomatic.com On my system I see: $ ping -c 1 myip.dnsomatic.com PING updates.dnsomatic.com (208.69.38.210) 56(84) bytes of data. 64 bytes from 208.69.38.210: icmp_seq=1 ttl=50 time=204 ms –- updates.dnsomatic.com ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 204.111/204.111/204.111/0.000 ms $

2.0 has this, IIRC.

Any news on this topic? Just upgraded to version 1.2.3 and no luck.. my promised bounty from January 2007 didn't help :-) Are there hidden options possible or is this a myth? We need SLP support (Option 78/79)

I can state with confidence that pfSense's DHCP server is as I had hoped. Seems fully compliant and once a lease has expired it will, in a top down fashion, reassign a long expired IP address to a new MAC. Again, this was just a concern because I did have some high end appliances, (or alledgedly high end),  that simply would stop providing IP addresses once the IP database was full as all IPs in the range had been allocated even though they were expired. Go figure! Thanks! John

In order for that to happen, you would have had to make a firewall rule on the WAN side to allow that traffic in to the pfSense box. So the fix would be to remove those rules, or fix any overly permissive WAN rules you have. A screenshot of your WAN rules page would help more if you can provide one.

Now i have another strange problem. When i disconnect the cable from lan i dont get any ip from dchp on any of the other 4 ports. Is there a way to fix this os is it a bugg?

Damn.. you know what.. they are. LAN and OPT1 are connected to a switch.. guess i should put the tesbed switch into the OPT1 interface directly. cheers Hotliner

I don't understand what you mean by "I have a static IP client who need DYNDNS". Please give more details.

Eh.  Doesn't matter any more.  I decided to not push my pfSense boxes and instead bought some L3 switches (Dell PowerConnect 6248) for each of my racks.  LAN routing & DHCP relaying is now being handled by them.

Here's a basic setup in pfSense: Go go Services and then Dynamic DNS. Check the "Enable" checkbox in the Dynamic DNS header.   Service Type: DNS-O-Matic   Hostname: all.dnsomatic.com   MX: <leave blank="">Wildcard: Check   Username: <your dns-o-matic="" username="">Password:</your></leave> Click save. See the DNS-O-Matic documentation for more details. A DynDNS tip If you have multiple hostnames mapped to the same IP address with DynDNS and you're using DNS-O-Matic to keep them up to date, list all of the hostnames as a comma-separated list in the host field of a single service entry in DNS-O-Matic. For example, create a single DynDNS service entry in DNS-O-Matic, enter your DynDNS username and password, and then your list of hosts: myhost1.homeip.net,myhost2.dyndns.net,myhost3.dyndns.net. I have found this to be much more reliable than creating a separate service entry for each hostname because it updates all of those hosts at once instead of one at a time. This is specific to the DynDNS update API.

Unfortunately you have not provided much information to work with. Please elaborate on "internet disconnected". For example, complete the sentence "I did … and I saw ... but I expected to see ...". That might help narrow the problem field a little.

The scheduled rules approach should work. That said, if you want to continue using your cron method your best option is to killall -9 dhcpd before restarting it, that way it won't ever be running when you run it from cron.