pfSense router does not receive IP adress from ISP

Schmeling

@johnpoz said in pfSense router does not receive IP adress from ISP:

Schmeling this seems to be same problem

https://forum.netgate.com/topic/142695/dhclient-doesn-t-work-after-boot-up-for-wan-conected-to-modem

Setting Timeout = 900 as pr. the other post does nothing. Behavior is exactly the same.

The aprox. boot up time for the ISP fiber modem is only 90 seconds.

stephenw10

It's a timing issue. If the modem brings down the link during it's boot process pfSense will not start the dhclient on it. Normally the client would start as soon as the link comes back up but if that is while pfSense is still booting it will ignore the link-up event.

Edit /boot/loader.conf and set autoboot_delay to something larger so that the modem has brought the link up by the time pfSense tries to start the dhclient.
If that works create the loader entry in /boot/loader.conf.local so it never gets overwritten.

Steve

Gertjan

@stephenw10 said in pfSense router does not receive IP adress from ISP:

If the modem brings down the link during it's boot process pfSense will not start the dhclient on it

I presume that pfSEnse is up and running at that moment.
A down event doesn't produce any dhclient activity, that's ... understandable.
If the ISP router brings down (de activates) it's LAN interface, - presuming its booting or at the end of the boot prcoess, then this will be followed by an activation == UP event. As pfSense is still on hold, and has activated the (WAN) link on his side, this will be detected and a dhclient exchange will (should) happen.

@stephenw10 said in pfSense router does not receive IP adress from ISP:

Normally the client would start as soon as the link comes back up but if that is while pfSense is still booting it will ignore the link-up event.

In this case, I presume the ISP router is up and ready, and has its LAN interface activated.
pfSense boots, activates the WAN, and if the link is up, this will (should) fire up a dhclient event right away.
This is exactly what happens when we reboot pfSense - while the ISP router is 'untouched'.

stephenw10

But when both are rebooted simultaneously, like if there's a power outage, then you can hit this issue.

Schmeling

@stephenw10 said in pfSense router does not receive IP adress from ISP:

But when both are rebooted simultaneously, like if there's a power outage, then you can hit this issue.

This is exactly my problem. Power outages are not uncommon where I live, which is exactly why this is a problem for me. I have a public IP, with ports open and if the power goes, and the router cant get an IP address, I'm screwed.

I'm assuming, that I just connect with ssh/Putty chose shell in the menu and use VI to edit the file, and as far as I can see right now, the autoboot_delay =3 is that in seconds? Second I do not seem to be able to find the file loader.conf.local in the boot directory. Am I looking in the wrong place?

stephenw10

Yes, or you can edit the file in gui in Diag > Edit File. Or use the easy editor (ee) in the gui if you're not familiar with vi.

Yes the default delay is 3 seconds. I'd try 30 seconds and see if that fixes it.
You will see in the boot logs if it doesn't, it reports /rc.linkup: Ignoring link event during boot sequence.

Yes, you need to create /boot/loader.conf.local

Steve

viragomann

@Schmeling
Yes, the delay time is in seconds.

The /boot/loader.conf.local doesn't exist out of the box. You have to create it.
Just enter in the shell

echo "autoboot_delay=\"30\"" >> /boot/loader.conf.local

to create it and enter the option for 30 s delay.

Schmeling

I just tested with autoboot_delay=80 and cut the power. The bootup actually worked, but when I open loader.conf with vim, the delay is back at 3. Is this expected behaviour and was the value of 80 even used?

When trying: echo "autoboot_delay="30"" >> /boot/loader.conf.local I get: Unmatched '"'.

johnpoz

@Schmeling you would have to create the loader.conf.local file

You need the \ in there to escape those " etc..

bingo600

I have encountered excactly this issue too, on power outage.
If the Wan Etherlink isn't up at pfSense boot time, pfSense never retry to get a DHCP ip address.
Disconnecting the WAN or reboot pfSense would solve it ... But my summerhouse is in Sweden

I had to put a "fast booting" switch between the pfSense Wan & ISP Ether.

Nice to see there is a "better" solution

Even though i still think pfSense should keep retrying, instead of just "give up".

/Bingo

pwood999

What if you give PfSense WAN a static IP in the ISP router subnet ? Then there should be no DHCP issues..

bingo600

@pwood999 said in pfSense router does not receive IP adress from ISP:

What if you give PfSense WAN a static IP in the ISP router subnet ? Then there should be no DHCP issues..

That would work too.

But at least where i live, there aren't many ISP's that offer a static IP. ... (For home use)
They often use pure DHCP , or "MAC Locked DHCP"

/Bingo

pwood999

@bingo600 Surely if the ISP router gives you a 192.168.10.x /24 address, then it's doing NAT to a public IP on the ISP WAN side ?

Gertjan

@Schmeling said in pfSense router does not receive IP adress from ISP:

When trying: echo "autoboot_delay="30"" >> /boot/loader.conf.local I get: Unmatched '"'.

[23.05.1-RELEASE][root@pfSense.bhf.net]/root: echo 'autoboot_delay="30"' >> /boot/loader.conf.local
[23.05.1-RELEASE][root@pfSense.bhf.net]/root: cat /boot/loader.conf.local
....
autoboot_delay="30"

@pwood999 said in pfSense router does not receive IP adress from ISP:

What if you give PfSense WAN a static IP in the ISP router subnet ? Then there should be no DHCP issues..

Depends.
Who/where is de DHCP server ?
Is it the ISP router ? In that case, a RFC1918 will be obtained, and a static setup for IPv4 can be used.

If the ISP router isn't a router at all, but some sort of device that behaves like a modem, then the situation becomes a bit more complex.
This type of device can, in the early boot phase, activate the LAN asap, use their on board DHCP server to hand out RFC1918 to the (only ! - must be a router) LAN based device.
This lease obtained isn't use for routing at all, just so the user can access its GUI to change the modem's settings. As soon as the ISP modem WAN side has a good working connection, it toggles the LAN side (up => down => up) and this will signal pfSense to restart its DHCP client - forcing it to redo the lease. This time, the ISP modem device is 'transparent' and the request will be send over the line to the ISP DHCP server. This one will hand over a lease that can be used to route, as it will contain a 'real' WAN IP, a usable gateway etc.

@Schmeling : can you tell us what you use ?

Schmeling

@stephenw10

Thanks. The "edit file" option in the GUI was very easy, and then I can disable ssh as well.

I edited /boot/loader.conf / autoboot_delay=80 and /boot/loader.conf.local / autoboot_delay=80 and tested. This seems to fix the problem and I even had a chance to do a firmware upgrade top 2.7. The changes in /boot/loader.conf.local persisted even after the firmware upgrade, so this seems like a real permanent solution.

Just one question: the changes in /boot/loader.conf reverted back to 3 seconds after first reboot/powercut. I'm assuming this is expected behavior and that the autoboot_delay in loader.conf is overruled by autoboot_delay in loader.conf.local. Am I correct here?

Gertjan

@Schmeling said in pfSense router does not receive IP adress from ISP:

Just one question: the changes in /boot/loader.conf reverted back to 3 seconds after first reboot/powercut. I'm assuming this is expected behavior and that the autoboot_delay in loader.conf is overruled by autoboot_delay in loader.conf.local. Am I correct here?

Answer : yes.
Long story short :
During pfSense boot,
/etc/rc.boot is called, and calls the function console_configure in /etc/inc/pgsense-utils.inc
Which calls the function setup_loader_settings() in the same file.
Which, amongst others, set "$data[] = 'autoboot_delay="3"';" and writes that out to /boot/loader.conf

Overriding it is possible, but the suage of /boot/laoder.conf.local will be needed.

stephenw10

You probably don't need as much as 80s, some tuning/testing required but might save you some frustration at reboot.

bingo600

@pwood999 said in pfSense router does not receive IP adress from ISP:

@bingo600 Surely if the ISP router gives you a 192.168.10.x /24 address, then it's doing NAT to a public IP on the ISP WAN side ?

I would always avoid an ISP router and get a pure L2 (modem) if possible.

/Bingo

Schmeling

@stephenw10

No you are right. I might be able to shave 30-50 seconds off, but still the Icotera fiber modem starts very slowly, and I'd rather have confidence in the bootup process after a powercut, by sacrificing a few seconds ;-)

Thank you for all the help with getting this to work.

Gertjan

@bingo600 said in pfSense router does not receive IP adress from ISP:

I would always avoid an ISP router and get a pure L2 (modem) if possible.

I fully agree.

This is also often true :

@Schmeling said in pfSense router does not receive IP adress from ISP:

but still the xxxx fiber (cable, whatever) modem starts very slowly

That said, my ISP router 'the biggest ISP Box in France = The Livebox 6 from the ISP Orange, 6 takes 110 seconds from power on to idle.

Not an easy one to replace, my Netgate 4100 has two FTP slots where I can slide in fibre optical transceivers, but the connection to the ISP Orange is not straight forward. Added to that : it also passes 'TV' network traffic and phone traffic.