Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DHCPREQUEST for WAN2 actually goes out WAN1

    Scheduled Pinned Locked Moved Routing and Multi WAN
    1 Posts 1 Posters 300 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      ryan87
      last edited by ryan87

      I'm running into an issue where DHCP requests for WAN2 of a dual-WAN config are actually leaving via WAN1. I have a simple failover gateway group where WAN1 is tier 1 and WAN2 is tier 2. IE: WAN1 is the main connection and failover happens to WAN2 if WAN1 goes down. I use this failover group as the default IPv4 gateway on the System, Routing page.

      WAN2 is losing connectivity at a fairly consistent interval and comes back up when it's DHCP lease reaches the EXPIRE time. It looks like I can initially get a lease via broadcast and after that renewal requests will happen via unicast to a specific IP. Sometimes the renewal works, sometimes it doesn't. It acts like pfSense is sending the renewal request via the wrong interface, but not 100% of the time.

      I see this in my logs. I've replaced IPs and MAC addresses with descriptive names.

      Oct 29 21:46:03	dhclient	50374	DHCPREQUEST on igb2 to DHCP_SERVER_IP port 67
Oct 29 21:46:04	dhclient	50374	DHCPREQUEST on igb2 to DHCP_SERVER_IP port 67
Oct 29 21:46:06	dhclient	50374	DHCPREQUEST on igb2 to DHCP_SERVER_IP port 67
Oct 29 21:46:08	dhclient	50374	DHCPREQUEST on igb2 to DHCP_SERVER_IP port 67

      However, I was running tcpdump on igb0 (WAN1) and igb2 (WAN2) while the above happened and the request was on igb0 with nothing on igb2.

      tcpdump -ni igb0 "port 67 or port 68"

      21:46:03.876692 IP WAN2_IP.68 > DHCP_SERVER_IP.67: BOOTP/DHCP, Request from WAN2_MAC, length 300
21:46:04.883074 IP WAN2_IP.68 > DHCP_SERVER_IP.67: BOOTP/DHCP, Request from WAN2_MAC, length 300
21:46:06.891376 IP WAN2_IP.68 > DHCP_SERVER_IP.67: BOOTP/DHCP, Request from WAN2_MAC, length 300
21:46:08.897311 IP WAN2_IP.68 > DHCP_SERVER_IP.67: BOOTP/DHCP, Request from WAN2_MAC, length 300

      In the above logs, DHCP_SERVER_IP is on a different subnet than WAN2_IP. Does anyone know what I might be running into here? It seems like a bug for those requests to go out the wrong interface, but I don't understand why it sometimes works for the first renewal (or two sometimes). To be clear, I don't know which interface the successful requests are sent via. They likely go out the correct interface, but I haven't observed a successful renewal yet, so I can't say for sure.

      This is on pfSense 2.7.0 CE.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.