DCHP not sending router/gateway to endpoint after fresh install
-
Yes I captured it but I send it to you via private message because it contains the domains. This capture is from the pfsense interface without the gateway filled out.
-
@hispeed What does "Without the gateway filled out" mean? There is not a gateway set on the interface configuration itself?
A gateway should only be set on "WAN" or "Outside" interfaces. Are you saying the capture is on the "LAN" or "Inside" interface?
-
-
"Without the gateway filled out" -> This means I did not add 192.168.100.1 into the Gateway field in the DHCP Server on the LAN interface (other options). This means this field was empty.
Interface Lan it was always like this ( I never changed it for any test):
The capture was made on the pfsense with interfance "LAN". I disconected the VM and reconected it.
Info: IPv6 was deactivated I just activated for tests with IPv6.
-
I don't know if I recieve from this provider a gateway on the WAN interface. This is possible because my provider is special (Swisscom - Switzerland).
I also have to set DHCP Option 60 with VLAN 10 to recieve an IP address.
-
@hispeed Personally, I would leave IPv6 alone until you get IPv4 working but that might just be me.
-
@hispeed You don't have an IPv4 gateway there.
-
IPv4 is working fine when i add the pfsense gateway in the dhcp server on every interface.
-
@hispeed I would specifically set a gateway to be sent by the DHCP server on the 192.168.100.1 interface (set 192.168.100.1 there) and see if that corrects the inside DHCP. Then I would work on why you are not getting a gateway from the upstream DHCP server at the ISP.
-
@hispeed Did you mess about with anything here on the ISP interface?
-
Yes we have to use "Configuration Override" and add there:
interface "{interface}" {
send dhcp-class-identifier "100008,0001,,pfsense";
}The whole set up took me around 100h with testing and setting up, so its made with love and they do everything you will never use a pfsense or any other router which is not from them.
Nobody knows why and it would be better for Switzerland if you teach Swisscom how they need to set up the network. Make and keep it simple. This is also the reason why will go offline in the future and nobody can fix it :D.A friend will ask a friend tomorrow from the networking core team maybe I get an answer.
-
Since my OP, I've purchased a Netgate 4100.
On first boot. . .with only an endpoint plugged into LAN1. . .the macOS endpoint (Mac Mini) gets a DHCP-issued IP of 192.168.1.100 - and the Router/Gateway info is blank just like the image in the OP. It's exactly the same behavior as with the Protectli device in the OP. So it doesn't seem like it's the Protectli device.
Unplugged the Mac Mini and plugged in a MacBook Air via a USB-C adapter. Exactly the same result as above.
Unplugged the MacBook Air and plugged in a Windows 10 Pro desktop. Running ipconfig from the command prompt - for Default Gateway it gives me an IPv6 address and not an IPv4 address.
To clarify, this is a first-boot experience. No configuration at all.
Is this now expected behavior? Because this has never been my experience until v2.5.2. -
Interesting thread. I just tested on my 6100 running 22.05 snaps and traced the DHCP conversation with Wireshark. Definitely receiving opt 3 here. But this is a unit that's been through years of upgrades. Not a fresh install. I don't have time to pave and test right now but I have a new install scheduled in a couple of days with a 4100 and I'll be testing this for sure.
-
@luckman212
When you get your 4100, I'd love to see what your Mac's network preferences show you on first boot.With 2.5 and prior, first boot - with no WAN connected - always gave the Mac a local IP, subnet, & router. And after 2.5 it seems that there's no router info passed to macOS - at least not via IPv4. So it seems that something changed after v2.5.
This just-arrived 4100 is the only pfSense+ device I have on hand, so not really able to directly compare CE builds to pfSense+.
-
Update. After running the setup wizard and setting the WAN interface information, upon reboot it fills in the IP, subnet, and router information on the macOS endpoint as expected.
It seems that for v2.5 and prior, it wasn't necessary to configure the WAN for it to pass IPv4 router/gateway over the LAN via DHCP. It just showed up on first boot with no configuration. Then after 2.5 it seems to have changed.
Hmmmm.
-
I took a VM and wiped it and put 2.6.0 on and didn't touch the GUI at all. First boot I used the console to look at
dhcpd.confand it has the gateway in there. Used an Ubuntu client and it pulled an IP address including the proper gateway and it can get out.Tracing through the code the only way I can see it omitting the gateway on a fresh installation is if the firewall doesn't have any knowledge of its own upstream gateway.
If the upstream DHCP server does not send an IPv4 gateway, or if the WAN is down and has no gateway on it, pfSense thinks it's an endpoint and not a router, since that's the information it's been given.
The potential bug here is that it still defines an IPv6 gateway here when it maybe shouldn't.
IIRC this is the issue that resulted in that change in behavior:
https://redmine.pfsense.org/issues/5135If you manually define the gateway in DHCP or if you edit/save the gateway entry while it exists so it persists in the configuration then it will keep handing out a gateway even when the upstream doesn't send one.
-
@jimp Thanks. That makes sense. Just seems that it was a change for versions after 2.5. Now I know it's expected behavior going forward and will get sorted when the device is configured.
