Mac does not get DNS server address from DHCP
-
When I connect my Mac to my network running pfSense 2.6.0 (and before that 2.5.2) it does get an IP address but the DNS server address is not (re)set to the right server (the pfSense's address). It works with Windows machines and iPads etc, and it works at work when I connect my Mac there. But when I get back home, the IP address is again updated correctly but the DNS from work sticks. Does that ring a bell for anyone who has experienced the same? Of course it does not have to be pfSense, but can also be the Mac. Any hint would be appreciated, since it is a nag to manually clear the server entry every day. If I clear the address in DNS settings for the interface on the Mac, it becomes the correct one for my local network. It is as if the work DNS "sticks" to the network adapter.
-
@hoegge Do you have a DNS set in the advanced network settings?
-
@flat4 Yes that is set when I get back from work - to the DNS of the work network. When I clear that, it takes the pfSense address of my network. So the work DNS kind of sticks.
-
@hoegge So when you delete the unwanted DNS, you press OK, go back to the main window and press Apply. The Mac is pulling a DHCP address from pfSense, but when you go into the DNS part of the there's no entry in the DNS tab?
-
I'd check to make sure that your location is set to automatic; if you created other locations, they will use parameters that you or someone else set.
Think of it as profiles.
-
@flat4 I have never set it myself, but I have to clear it over and over again.
As soon as I clear the unwanted DNS in DNS settings, the connection is up and the right DNS is shown in grey in the list.
I have never used locations, so they are set to automatic.
-
@hoegge said in Mac does not get DNS server address from DHCP:
I have never used locations, so they are set to automatic.
Are "Locations" like Profiles?
Upfront: I'm not using a Mac, never used one, but I'm an iPhone user since day 1.
They told me that it was based on system X and that was the Mac OS back then.
The DHCP client on my iDevices takes an IP, network, gateway and DNS just fine.
On any network: pfSense, or any other ISP router. If that wouldn't work out of the box, a couple of billion would yell out over the Internet right now.
I guess you've once overridden your local DNS on your Mac, using some manual = static setting, and that got sticky. Now your Mac is outsmarting you, like:
If you connect to your local network, your Mac identifies the local network by the gateway's (pfSense) MAC address, and does what you told it to do, somewhere in the past => Assign a DNS, and reject what pfSense / DHCP was saying.
Delete your settings, profile (?), reconnect, and default DHCP will kick in, using default behaviour, and the issue is gone.
-
@gertjan Hi - no, I have not overridden any settings. Unless another DHCP server could do that to make DNS stick, but I doubt that is part of the protocol. Of course it could also be a macOS bug. Dunno.
Some people have had the same experience:
https://apple.stackexchange.com/questions/377429/why-does-my-dns-server-not-update-when-i-switch-networks
-
Been out for a while. In the article that you tagged it does mention that these folks are waking their Macs from sleep. Are you doing the same, or are you shutting down and powering on?
Have you tried to disable wifi and re-enable it to see if that grabs the correct DNS?
-
@flat4 said in Mac does not get DNS server address from DHCP:
Have you tried to disable wifi and re-enable it to see if that grabs the correct DNS?
This happens both on wifi and LAN - it does get the IP address and GW address, but not DNS. And it is only on my pfSense it happens, never when I go to other places.
-
@hoegge said in Mac does not get DNS server address from DHCP:
This happens both on wifi and LAN
Is this an 'Apple' device ?
Throw away the 'profile'.
Reconnect.
Now you'll see the IP, gateway, DNS etc.
Or, just to convince yourself: sniff the DHCP lease packets coming from pfSense. The DNS IP (one or more) was in there, it was just the device not taking/accepting it.
-
@gertjan
Thanks - what do you mean with "profile"? Network adapter?
When I get home to my pfSense box, the DNS is stuck at what it was at the office:
then I can clear it by clicking the minus button and it reverts to the one delivered by pfSense:
At the office the DNS setting is not "set with solid" but greyed out and set by DHCP like the last image - just at their DNS: 192.168.0.1
Renewing DHCP does not change that. So somehow the DNS gets stuck, when I get back home to my own network.
-
Go back to the first screen when you open network. It will say Automatic.
You can do the pull down and create a new profile, call it whatever you like.
I have a screenshot posted already.
After you create that profile, set up the wifi and make sure that you can surf. Reboot and test; it should stay on the profile you created, but if it does not, change it and see if it automatically connects.
What we are saying is that the Automatic profile has been corrupted when you are at home, but it knows what to connect to at work. It's possible that it's also not working for work, but they (work) may assign a static IP based on your MAC address (sticky MAC or DHCP reservation).
-
@hoegge said in Mac does not get DNS server address from DHCP:
Thanks - what do you mean with "profile"?
I only have iPhones and iPads, no Apple PC's.
But, when connected to a Wifi SSID, I can select "Delete this connection".
This means, when I reconnect, I have to enter the wifi password again, if there is one, etc.
This is what I mean with "profile".
-
@gertjan Ok. But then it is not related. It is not WiFi related, it is on an ethernet wired connection.
-
These are my DHCP server settings on my PORTAL interface :
Note : no DNS IP is set, so pfSense uses the default, its LAN IP = 192.168.2.1, as unbound should listen on this interface.
A packet capture of the DHCP negotiation :
Result :
10:08:14.020638 d2:35:34:2e:b0:39 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: (tos 0x0, ttl 255, id 17090, offset 0, flags [none], proto UDP (17), length 328)
    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from d2:35:34:2e:b0:39, length 300, xid 0xfad3a52, Flags [none] (0x0000)
      Client-Ethernet-Address d2:35:34:xx:xx:39
      Vendor-rfc1048 Extensions
        Magic Cookie 0x63825363
        DHCP-Message Option 53, length 1: Request
        Parameter-Request Option 55, length 9:
          Subnet-Mask, Classless-Static-Route, Default-Gateway, Domain-Name-Server
          Domain-Name, Option 108, URL, Option 119
          Option 252
        MSZ Option 57, length 2: 1500
        Client-ID Option 61, length 7: ether d2:35:34:2e:b0:39
        Requested-IP Option 50, length 4: 192.168.2.5
        Lease-Time Option 51, length 4: 7776000
10:08:14.021181 90:ec:77:29:39:2d > d2:35:34:2e:b0:39, ethertype IPv4 (0x0800), length 342: (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328)
    192.168.2.1.67 > 192.168.2.5.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, xid 0xfad3a52, Flags [none] (0x0000)
      Your-IP 192.168.2.5
      Client-Ethernet-Address d2:35:34:xx:b0:39
      Vendor-rfc1048 Extensions
        Magic Cookie 0x63825363
        DHCP-Message Option 53, length 1: ACK
        Server-ID Option 54, length 4: 192.168.2.1
        Lease-Time Option 51, length 4: 86398
        Subnet-Mask Option 1, length 4: 255.255.255.0
        Default-Gateway Option 3, length 4: 192.168.2.1
        Domain-Name-Server Option 6, length 4: 192.168.2.1
        Domain-Name Option 15, length 20: "a.b.c.d.net"
As you can see, my iPhone asks for a DNS :
Parameter-Request Option 55, length 9: Subnet-Mask, Classless-Static-Route, Default-Gateway, Domain-Name-Server
and it gets a DNS :
Domain-Name-Server Option 6, length 4: 192.168.2.1
Your turn ;)
-
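Added example, not part of any post in this thread: a small Python check that reads `tcpdump -v` DHCP text like the capture above and reports whether the client requested option 6, what the ACK offered, and whether the resolver the client actually uses matches the lease. The sample capture is constructed and abridged, and the function names and result labels are this example's own.

```python
import re

# Constructed sample: abridged tcpdump -v text shaped like the capture above.
SAMPLE = """\
10:08:14.020638 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request, length 300
    DHCP-Message Option 53, length 1: Request
    Parameter-Request Option 55, length 9:
      Subnet-Mask, Classless-Static-Route, Default-Gateway, Domain-Name-Server
      Domain-Name, Option 108, URL, Option 119
      Option 252
    MSZ Option 57, length 2: 1500
10:08:14.021181 192.168.2.1.67 > 192.168.2.5.68: BOOTP/DHCP, Reply, length 300
    DHCP-Message Option 53, length 1: ACK
    Server-ID Option 54, length 4: 192.168.2.1
    Domain-Name-Server Option 6, length 4: 192.168.2.1
"""

PACKET_START = re.compile(r"(?=\b\d\d:\d\d:\d\d\.\d{6}\b)")
MSG_TYPE = re.compile(r"DHCP-Message Option 53, length 1: (\w+)")
# Option 55 body runs until the next "<Name> Option <n>, length" header.
PARAM_LIST = re.compile(
    r"Parameter-Request Option 55, length \d+:(.*?)(?=\S+ Option \d+, length|\Z)", re.S)
DNS_OPT = re.compile(r"Domain-Name-Server Option 6, length \d+: ([0-9.,]+)")


def parse_dhcp(text):
    """Return (client_requested_dns, dns_servers_in_ack) from tcpdump -v text."""
    asked, offered = False, []
    for pkt in PACKET_START.split(text):
        mtype = MSG_TYPE.search(pkt)
        if not mtype:
            continue
        if mtype.group(1) in ("Discover", "Request"):
            plist = PARAM_LIST.search(pkt)
            asked = asked or bool(plist and "Domain-Name-Server" in plist.group(1))
        elif mtype.group(1) == "ACK":
            dns = DNS_OPT.search(pkt)
            offered = dns.group(1).split(",") if dns else []
    return asked, offered


def diagnose(capture_text, resolvers_in_use):
    """Say which side dropped the DNS setting (labels are this example's own)."""
    asked, offered = parse_dhcp(capture_text)
    if not offered:
        return "server-side: no option 6 in ACK" if asked else "client never requested option 6"
    if set(resolvers_in_use) <= set(offered):
        return "ok: client uses the DNS from the lease"
    return "client-side: lease offers %s, client uses %s" % (offered, resolvers_in_use)
```

-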
@gertjan Thanks a lot for the detailed feedback. I will try that as soon as I can. I have now experienced the same problem on a totally different network, so this points at macOS networking as the problem. Will test and get back.
Thanks again