Certainly nothing on the pfSense box. Completely wrong forum.

wifi routers being used as AP rarely support dhcp on the lan interface..  But sure if they support dhcp then he could create reservations - but they would still be outside the pool, reservations with pfsense dhcp server are always outside the pool.

Just an update on this, the password had nothing to do with it.  In fact I feel like an idiot, as the problem was a conflicting IP address.  I thought I changed the IP of the old router away from the new one, once done I changed the PfSense WAN1 IP.  Neither reported an issue, no logs on the PfSense end showed this either.  It has now been up and running for the past 4-5 hours without failing.

That's just dressing. You're vain. There 's no way to change this order at GUI. However, you can change it in the configuration file: Go to Diagnostic > Backup/Restore and backup the interfaces area. Open the xml file in your text editor and move the interfaces sections to your fit, save the file and re-import it. If you use CARP do the same on each machine!

Sigh. I'm merely suggesting proven tools designed for the purpose and providing pretty much realtime information. Javascript dashboard gimmick refreshed every X seconds is not one of them, not to mention that they - as you have already noticed - heavily affect the system resources.

@bl00d666: fyi i am on 2.2.2 but the alx module is still missing. something to do with the cut before the rc of pfsense or something. So to be clear, 2.2.2 does not detect your ar8171? alc is the proper driver for that chip, not alx. I've raised a bug in redmine asking to update alc(4), if it's not already in place for the 2.2.3 release. https://redmine.pfsense.org/issues/4725 [edit] Looks like that will not be included until 2.3, unless someone submits a patch, but r273366 should drop right in.

Sweet, i have been waiting for this fix as well. Glad it was noted as a bug. Its been an issue for a while like it says in the bug post. Really happy that a fix will make it to the next stable point release.

Ugh, I did save a copy before removing it from /var/dhcpd/var/db, by copying it to /tmp. As part of trying to get everything fixed (shotgun killing dhcpd processes), I wound up in a state where check_reload_status was spinning so I rebooted the firewall… forgetting that /tmp gets cleaned up on reboot :-( So I've managed to lose the evidence from this incident. If it recurs, I'll make sure I get a copy saved before I reboot. Thanks! Tim

What are the rules you put on your opt interfaces that are you vlans - can you post your vlan setup in pfsense. So for example here are 2 vlans I have in pfsense that are connected to my em2 physical interface.  So your saying if you plug a device on your switch that is in vlan 10 you get IP from dhcp for that vlan, and if you put in switch port for 20 you get IP from that vlan pool. Can you ping the pfsense IP you put on that vlan?  So for example mine are 192.168.4.253 and 192.168.5.253.. Devices on those vlans can ping pfsense IP address on that vlan.  Pinging pfsense IP address on your lan segment would depend on your firewall rules.  Well for that matter even pinging pfsense IP in that vlan would depend on your firewall rules.  Please post up your vlan configuration, the ips of your pf interfaces in those vlans.  Your firewall rules for those vlans and ipconfig from clients in those segments. Your using just /24 for your masks right? [image: vlanspfsense.png] [image: vlanspfsense.png_thumb]

you sniff on pfsense under diag, packet capture. And your floating tab is empty? I see your blocking bogon - is it possible your source of dns traffic would be in bogon?

There has never been a problem when the dongle loses and later finds the signal (other than that I have to manually reconnect because pfSense doesn't do that automatically). My problem only exists when my ISP decides it's time to change the IP.

@jqueiroz: No, the time on the internal time server is correct. This server is my internal network's official NTP server. It was the HV2012 host that was out-of-sync… The good news is that the pfsense's problem is solved; the bad is that now I have to fix time sync in 4 HV2012 hosts. :( Glad you figured it out … Yes, time sync in VMs can be a minefield

Thanks for everything Derelict, i´ve solved my problem, it had the DNS resolver activated (by default) and the DNS forwarder too (activated by me) which is what i actually needed. Now everything is running normally.

http://www.openbsd.org/faq/pf/tables.html "A table is used to hold a group of IPv4 and/or IPv6 addresses. Lookups against a table are very fast and consume less memory and processor time than lists. For this reason, a table is ideal for holding a large group of addresses as the lookup time on a table holding 50,000 addresses is only slightly more than for one holding 50 addresses. Tables can be used in the following ways: source and/or destination address in rules.     translation and redirection addresses nat-to and rdr-to rule options, respectively.     destination address in route-to, reply-to, and dup-to rule options. " So a quick google searching for "cannot define table bogons:" threw up this link. https://forum.pfsense.org/index.php?topic=90838.0 Might be worth a go although an error message saying it cant create what is in effect a memory table might suggest not enough ram perhaps or something being loaded out of order perhaps? Do you see the same problem in a different version of pfsense? Seems to be a similar problem, http://www.reddit.com/r/PFSENSE/related/30r784/cannot_define_table_bogons_error_frustrating_me/.compact Might also be relevant https://208.123.73.68/index.php?topic=3353.0 http://comments.gmane.org/gmane.comp.security.firewalls.pfsense.general/270

@doktornotor: @johnpoz: If the device is in standby/sleep why would it send out a dhcprequest is the question I would have. This is not really any suspend-to-disk/ram hibernation. The only thing "hibernating" are the HDDs which are spun down. Now, look at this: # ps ax | grep dhclient 4606 ?        Ss    0:00 /usr/sbin/dhclient -4 -d -q -lf /etc/dhclient/ipv4/dhcpv4.leases.eth0 -pf /etc/dhclient/ipv4/dhcpcd-eth0.pid eth0 5551 ?        Ss    0:00 /usr/sbin/dhclient -6 -pf /tmp/dhclient6-eth0.pid -lf /etc/dhclient/ipv6/dhcpv6.lease.eth0 -cf /etc/dhclient/ipv6/dhcpv6.conf.eth0 -nw eth0 Those dhcpv[46].lease.eth? files have stuff like this: lease {   interface "eth0";   fixed-address 192.168.1.10;   option subnet-mask 255.255.255.0;   option routers 192.168.1.1;   option dhcp-lease-time 7200;   option dhcp-message-type 5;   option domain-name-servers 192.168.1.1;   option dhcp-server-identifier 192.168.1.1;   option host-name "DiskStation";   option domain-name "example.com";   renew 2 2015/05/19 19:46:58;   rebind 2 2015/05/19 20:35:47;   expire 2 2015/05/19 20:50:47; } This is just stupid. There's /tmp which is on tmpfs (ramdisk). Now, the lease file is on /etc instead, which is a HDD. Of course, when the lease is renewed, the HDD needs to spin up to write to the file. Tell Synology to move their temporary dhcpv[46].lease.eth? shit to /tmp when people enable "hibernation" – and it won't wake up HDDs from hibernation.  ::) This is a good catch. Thanked.

True, But if the LAN device is FTPing to another box on the LAN then it never hits pfSense and its not going to get mirrored to SO… The nice thing about SO is that it can be setup in a distributed format in a Network... I have it currently monitoring pfSense LAN, MS AD Server, and MS File/Print Servers at different locations all tied together into one Master SO Server.  :)