Hi, Yeah same error here. always had that error but never payed attention to it since I didn't need DHCP on opt2 interface (only happens when I click on that tab in "DHCP server". The error from lighttpd: 2009-05-19 19:23:43: (mod_fastcgi.c.2462) unexpected end-of-file (perhaps the fastcgi process died): pid: 561 socket: unix:/tmp/php-fastcgi.socket-1 2009-05-19 19:23:43: (mod_fastcgi.c.3254) response not received, request sent: 950 on socket: unix:/tmp/php-fastcgi.socket-1 for /services_dhcp.php , closing connection 2009-05-19 19:23:44: (mod_fastcgi.c.2462) unexpected end-of-file (perhaps the fastcgi process died): pid: 557 socket: unix:/tmp/php-fastcgi.socket-0 2009-05-19 19:23:44: (mod_fastcgi.c.3254) response not received, request sent: 950 on socket: unix:/tmp/php-fastcgi.socket-0 for /services_dhcp.php , closing connection I haven't got a clue where to continue now…

@Assar: Suppose the user did not disable the wireless interface on laptop when physically connected. This would in that case result in two interfaces with same address. Is this desirable? DHCPD won't let that happen. It will check first to see if the address is actually in use, and if so, assign a different address. With ISC DHCPD, which pfSense uses, static DHCP reservations are not absolute. They are more of a preference. That's the reason you can't assign static addresses inside of your DHCP pool: That IP could end up assigned to another machine if the machine with the reservation was powered off.

@GruensFroeschli: You actually get a message when you change the IP on the LAN interface. Although not on the various OPT interface. Nice! Did not try to change the LAN interface since it's frequently used. Is this feature addable to other obscure interfaces to?

I've run into this wall as well.  My topology is internet –-- soekris/pfsense --192.168.0.1/30-- cisco 2621 ---- cisco 2950                                                                                      192.168.2.0/24                                                                                               |                                                                                               |                                                                                        Wireless AP                                                                                      192.168.2.0/24 The AP doesn't route, it just acts as a bridge.  I have the AP serving DHCP to the wireless segment.  Before I switched from openbsd to pfsense I had the 2621 relaying dhcp requests to my soekris box, but now I have to use the 2621 for DHCP duty.  The obvious question of course is "why is the 2621 there?".  it's a lab device and connects to a number of other cisco routers that are irrelevant to the production network topology.  the main reason it's there is so I can see how different things react to real production traffic since you can only learn so much in a lab environment. Any Cisco router is going to support the "ip helper-address" directive to relay DHCP, so it would be nice if pfsense could handle serving arbitrary subnets with DHCP.  Firewalls are rarely on the same physical subnet as workstations.  it's easy enough to do with BSD's DHCPD daemon, it doesn't care what subnets you put into it.  Maybe just an "allow arbitrary subnets" checkbox if you want to keep the same "you're using the wrong subnet, guy" logic it has in there now. To respond the the above comment...  When you do things that aren't completely standard, you just need to do it intelligently.  Thats why there are so many options for DHCP.  I use an ACL and address exclusions to handle having 2 DHCP servers on the same subnet, and it works wonderfully.  Each server has a chunk of the subnet it can assign to users.  The 2621 won't get any requests from the wireless network, and the ACL blocks the AP from getting requests from the wired network.  Everybody wins. on the 2621: ip dhcp excluded-address 192.168.2.0 192.168.2.10 ip dhcp excluded-address 192.168.2.120 192.168.2.254 ! ip dhcp pool wishbone   network 192.168.2.0 255.255.255.0   default-router 192.168.2.1   domain-name iggdawg.com   dns-server 192.168.0.1 on the AP: ip dhcp excluded-address 192.168.2.1 192.168.2.127 ip dhcp excluded-address 192.168.2.165 192.168.2.254 ! ip dhcp pool wishbone   network 192.168.2.0 255.255.255.0   default-router 192.168.2.1   domain-name iggdawg.com   dns-server 192.168.0.1 interface FastEthernet0 no ip address ip access-group Deny_DHCP in ---- snipping other interface config directives ---- ip access-list extended Deny_DHCP deny  udp any any eq bootpc deny  udp any any eq bootps permit ip any any

Thank you very much I did not know that fit123 exists I will try it!

Hi, Thanks for the reply. I had turned off the DHCP server in the GUI and DHCP was not show in the services tab. I can state however that this issue is not with pfSense or Squid. I have traced a mobile user who's laptop had the Alureon malware infection, this took over DHCP services on the network and happened to display the Gateway and DHCP server as being the pfSense boxes LAN IP address.  He happened to be at their head office today. Whilst the following is OT it might just help someone. In case anyone else has a similar issue here's how I traced it. 1. Disconnected servers and pfSense box from switch. 2. Connected laptop to master switch and it was assigned an IP (it shouldn't be) 3. Removed the 3 cascaded switches from the master and tried my laptop on each switch. 4. Laptop received an IP on switch #2. 5. In turn, removed each connection from switch #2 and repaired the laptops network connection. 6. Repeat until no IP is received, plug in the last removed connection and re-test. 7. Trace that connection to the patch panel and find out who's connection that is. 8. Leave that user un-plugged and re-patch all the other cables. 9. Reinstate that perfectly working pfSense box and sleep peacefully :D 10. Can't sleep, have a users machine to clean !!!  DoH!!! Thanks again Andy Hodges

This is critically important to me and I am willing to bounty the issue! I NEED DNS resolver for internal DHCP and DNS Forwarder hostnames to STAY UP despite WAN outage.

I forgot to add that the forward lookups for the 172.16.0.XX hosts work correctly.

Are your LAN and WAN in different subnets? Are the clients configured with the correct default gateway?

windows firewall is OFF Antivirus OFF

Did you run the domain wizard first?

@GruensFroeschli: This raises the question: why do you want to use bridging in the first place when you dont want to connect one of the interfaces? Because the gateway will be delivered to a client, so currently he will not use PCs with cable, but nobody knows what will happen in the future, so I want a machine ready to be used with a switch, just plug and use :) Thanks to everybody for the comments ;), the loopback jack is cool.

Thank you Cry Havok. As you have suggested, I found out that my WAN side NIC (fxp1)  was acting up. When I moved the WAN interface to fxp2 the problem was resolved. Thanks again for help.

I made this: http://forum.pfsense.org/index.php/topic,15482.0.html I hope its not against the rules to make a new topic about it.

So gave up on finding a good script, (probably none exist since the XML is pfSense specific), and since I don't have time to write one myself just did bulk edits via spreadsheet, text editor and XML editor then pasted into /conf/config.xml.  Nothing blew up, seems to be fine.  Maybe put this in as a feature request?

Wanted to thank you for posting these instructions.  I modified them and got DNS Made Easy working.  For anyone who is trying to do this, here's what I did.  Keep in mind, this is my first try, so I'm sure there is a better way. First, edit /usr/local/www/services_dyndns.php Add the entries in bold below. $types = explode(",", "DynDNS (dynamic),DynDNS (static),DynDNS (custom),DHS,DyNS,easyDNS,No-IP,ODS.org,ZoneEdit,Loopia,freeDNS, DNS Made Easy"); $vals = explode(" ", "dyndns dyndns-static dyndns-custom dhs dyns easydns noip ods zoneedit loopia freedns dnsmadeeasy"); Next, edit /etc/inc/dyndns.class and add some entries (bolded) if ($this->_dnsService == 'dyndns' || $this->_dnsService == 'dyndns-static' || $this->_dnsService == 'dyndns-custom' || $this->_dnsService == 'dhs' || $this->_dnsService == 'noip' || $this->_dnsService == 'easydns' || $this->_dnsService == 'hn' || $this->_dnsService == 'zoneedit' || $this->_dnsService == 'dyns' || $this->_dnsService == 'ods' || $this->_dnsService == 'freedns' || $this->_dnsService == 'loopia' || $this->_dnsService == 'dnsmadeeasy' || $this->_dnsService == 'staticcling') Also make this change (same file).  I inserted it under the loopia entry. case 'loopia': $needsIP = TRUE; curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_USERPWD, $this->_dnsUser.':'.$this->_dnsPass); curl_setopt($ch, CURLOPT_URL, 'https://dns.loopia.se/XDynDNSServer/XDynDNS.php?hostname='.$this->_dnsHost.'&myip='.$this->_dnsIP); $data = curl_exec($ch); if (@curl_error($ch)) log_error("Curl error occurred: " . curl_error($ch)); curl_close($ch); $this->_checkStatus($data); break;                   **                                    case 'dnsmadeeasy':                                         $needsIP = TRUE;                                         $server = "https://www.dnsmadeeasy.com/servlet/updateip?"; curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);                                         curl_setopt($ch, CURLOPT_USERPWD, $this->_dnsUser.':'.$this->_dnsPass); curl_setopt($ch, CURLOPT_URL, $server.'username='.$this->_dnsUser.'&password='.$this->_dnsPass.'&id='.$this->_dnsHost.'&ip='.$this->_dnsIP);                                         $data = curl_exec($ch);                                         if (@curl_error($ch)) log_error("Curl error occurred: " . curl_error($ch));                                         curl_close($ch);                                         $this->_checkStatus($data);                                         break;** And this change (same file).  I put it under loopia again case 'loopia': if (preg_match("/nochg/i", $data)) { $status = "phpDynDNS: (Success) No Change In IP Address"; $successful_update = true; } else if (preg_match("/good/i", $data)) { $status = "phpDynDNS: (Success) IP Address Changed Successfully!"; $successful_update = true; } else if (preg_match('/badauth/i', $data)) { $status = "phpDynDNS: (Error) User Authorization Failed"; } else { $status = "phpDynDNS: (Unknown Response)"; log_error("phpDynDNS: PAYLOAD: {$data}"); $this->_debug($data); } break; case 'dnsmadeeasy':                                         if (preg_match("/nochg/i", $data)) {                                                 $status = "phpDynDNS: (Success) No Change In IP Address";                                                 $successful_update = true;                                         } else if (preg_match("/good/i", $data)) {                                                 $status = "phpDynDNS: (Success) IP Address Changed Successfully!";                                                 $successful_update = true;                                         } else if (preg_match('/badauth/i', $data)) {                                                 $status = "phpDynDNS: (Error) User Authorization Failed";                                         } else {                                                 $status = "phpDynDNS: (Unknown Response)";                                                 log_error("phpDynDNS: PAYLOAD: {$data}");                                                 $this->_debug($data);                                         }                                         break; Reload the web configurator and DNS Made Easy will now be listed.  In the hostname, put your Record ID in the HostName field for the particular record you want updated.  Mine is a 7 digit number, so I suspect that is the standard for them. Put in your username and password in the corresponding fields and you should be good.

@pfman: I had same problem ….. pfSense DHCP remembers all leased IPs and won't releases them even though 1 machine have several leases . I changed the IP range, save it then put the old IP range back, save it again. That resolves my problem till next time  the DHCP runs out of IP again. Do i understand this correctly, if many PC have several leases and every ip is used there will be no more leases until i do whats described here.