pfSense router does not receive IP adress from ISP

pwood999

@bingo600 Surely if the ISP router gives you a 192.168.10.x /24 address, then it's doing NAT to a public IP on the ISP WAN side ?

Gertjan

@Schmeling said in pfSense router does not receive IP adress from ISP:

When trying: echo "autoboot_delay="30"" >> /boot/loader.conf.local I get: Unmatched '"'.

[23.05.1-RELEASE][root@pfSense.bhf.net]/root: echo 'autoboot_delay="30"' >> /boot/loader.conf.local
[23.05.1-RELEASE][root@pfSense.bhf.net]/root: cat /boot/loader.conf.local
....
autoboot_delay="30"

@pwood999 said in pfSense router does not receive IP adress from ISP:

What if you give PfSense WAN a static IP in the ISP router subnet ? Then there should be no DHCP issues..

Depends.
Who/where is de DHCP server ?
Is it the ISP router ? In that case, a RFC1918 will be obtained, and a static setup for IPv4 can be used.

If the ISP router isn't a router at all, but some sort of device that behaves like a modem, then the situation becomes a bit more complex.
This type of device can, in the early boot phase, activate the LAN asap, use their on board DHCP server to hand out RFC1918 to the (only ! - must be a router) LAN based device.
This lease obtained isn't use for routing at all, just so the user can access its GUI to change the modem's settings. As soon as the ISP modem WAN side has a good working connection, it toggles the LAN side (up => down => up) and this will signal pfSense to restart its DHCP client - forcing it to redo the lease. This time, the ISP modem device is 'transparent' and the request will be send over the line to the ISP DHCP server. This one will hand over a lease that can be used to route, as it will contain a 'real' WAN IP, a usable gateway etc.

@Schmeling : can you tell us what you use ?

Schmeling

@stephenw10

Thanks. The "edit file" option in the GUI was very easy, and then I can disable ssh as well.

I edited /boot/loader.conf / autoboot_delay=80 and /boot/loader.conf.local / autoboot_delay=80 and tested. This seems to fix the problem and I even had a chance to do a firmware upgrade top 2.7. The changes in /boot/loader.conf.local persisted even after the firmware upgrade, so this seems like a real permanent solution.

Just one question: the changes in /boot/loader.conf reverted back to 3 seconds after first reboot/powercut. I'm assuming this is expected behavior and that the autoboot_delay in loader.conf is overruled by autoboot_delay in loader.conf.local. Am I correct here?

Gertjan

@Schmeling said in pfSense router does not receive IP adress from ISP:

Just one question: the changes in /boot/loader.conf reverted back to 3 seconds after first reboot/powercut. I'm assuming this is expected behavior and that the autoboot_delay in loader.conf is overruled by autoboot_delay in loader.conf.local. Am I correct here?

Answer : yes.
Long story short :
During pfSense boot,
/etc/rc.boot is called, and calls the function console_configure in /etc/inc/pgsense-utils.inc
Which calls the function setup_loader_settings() in the same file.
Which, amongst others, set "$data[] = 'autoboot_delay="3"';" and writes that out to /boot/loader.conf

Overriding it is possible, but the suage of /boot/laoder.conf.local will be needed.

stephenw10

You probably don't need as much as 80s, some tuning/testing required but might save you some frustration at reboot.

bingo600

@pwood999 said in pfSense router does not receive IP adress from ISP:

@bingo600 Surely if the ISP router gives you a 192.168.10.x /24 address, then it's doing NAT to a public IP on the ISP WAN side ?

I would always avoid an ISP router and get a pure L2 (modem) if possible.

/Bingo

Schmeling

@stephenw10

No you are right. I might be able to shave 30-50 seconds off, but still the Icotera fiber modem starts very slowly, and I'd rather have confidence in the bootup process after a powercut, by sacrificing a few seconds ;-)

Thank you for all the help with getting this to work.

Gertjan

@bingo600 said in pfSense router does not receive IP adress from ISP:

I would always avoid an ISP router and get a pure L2 (modem) if possible.

I fully agree.

This is also often true :

@Schmeling said in pfSense router does not receive IP adress from ISP:

but still the xxxx fiber (cable, whatever) modem starts very slowly

That said, my ISP router 'the biggest ISP Box in France = The Livebox 6 from the ISP Orange, 6 takes 110 seconds from power on to idle.

Not an easy one to replace, my Netgate 4100 has two FTP slots where I can slide in fibre optical transceivers, but the connection to the ISP Orange is not straight forward. Added to that : it also passes 'TV' network traffic and phone traffic.

Austin 0

@Schmeling I am curious. Do you not have a UPS, or are the power outages long enough to completely drain the battery on a UPS?

Schmeling

@Austin-0

Unfortunately I do not have a UPS at the moment, but I'm definitely getting one. I just moved to this place and since it is in the countryside, apparently power outs are more frequent. I have a few small servers also, and they are also suffering, so yes, I'm getting one asap. That being said, one of the power outs recently was 6 hours, which I think is just a bit on the high side time wise for a UPS. Therefore I do need the router to boot correctly on these longer power outs.

Austin 0

@Schmeling Makes sense. I would say that you should get the UPS ASAP though. If there are outages, there are probably also brown outs and spikes that could damage the equipment, and even a sudden outage could cause file corruption on most systems (This is very unlikely on PFsense though since they use ZFS now).