Netgate Discussion Forum

    DHCP Issues

    DHCP and DNS
    • W
      wc2l
      last edited by

      Hi Folks
      Running 23.09-release on a Netgate 3100.
      Notice that I'm running Kea DHCP (guess it is having issues).
      I have at least one piece of hardware that is not communicating with the DHCP server. It also does not seem to be allowing any communications to the network. I have even tried static IP. The manufacturer does not recommend this. I have even tried setting the IP in the DHCP server so I can set up the port rules. I know the device appears to be communicating (I can see the MAC address in my network switch) and the port is active on the switch. The manufacturer has also replaced the system board.

      I've also been noticing that the DHCP Lease list shows devices offline (static and DHCP) that are actually up. It has been very frustrating to troubleshoot. Is the only option to change the DHCP Service to roll back to a different version of the OS? Are there any patches or fixes for these problems? When I first started to have issues with the device, I didn't think about the DHCP server because other items were getting an address. Now that I have been reading the forums, I see there are some issues.

      • johnpozJ
        johnpoz LAYER 8 Global Moderator @wc2l
        last edited by

        @wc2l said in DHCP Issues:

        Lease list shows devices offline (static and DHCP) that are actually up

        If arp expires, i.e. the device hasn't actually talked to pfsense in a while, then yeah, for all pfsense knows, since it hasn't seen any traffic, the device is offline..

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.7.2, 24.11

        • W
          wc2l @johnpoz
          last edited by

          @johnpoz I find it odd that you can use something like Advanced IP or port scanner and it sees the devices that show offline. Shouldn't pfsense see it too? Still does not explain why the one device doesn't get an IP address or is not communicating. I have used most of my ideas up. I did install 23.09.1 to make sure it was not in that release. I may disable the service and see if I can turn it on somewhere else and see what happens.

          • johnpozJ
            johnpoz LAYER 8 Global Moderator @wc2l
            last edited by johnpoz

            @wc2l said in DHCP Issues:

            like Advanced IP or port scanner

            That is an active test.. I.e. you're going to arp.. Pfsense is just looking in its arp table.. Ping the IP from pfsense, if you get an answer, or even if it doesn't answer because of firewall on the device.. If pfsense got back an arp.. Then it would show as online.

            You're talking about active monitoring vs passive just hey look in my arp table..

            Here - pfsense showing one of my AP offline.. I generated some traffic to that IP across pfsense (pfsense routed the traffic from my pc to the AP on a different network), and look at that, pfsense now sees it online, because it's in its arp table..

            online.jpg

            If you want - put in a feature request for pfsense to generate some traffic so that its arp table is always populated, and there you go - your stuff will show online ;) Or set up your devices to generate traffic to something off their network, or to pfsense for something else like dns or ntp, and they will show online, if they are..

            You could prob set up a cron on pfsense ping sweep on your network if you wanted.. The arp cache is 20 minutes.. So if you set up a cron to run say every 20 minutes.. Keep in mind the device could be offline for the last 19 minutes and pfsense would still think it's online, because it has it in the arp cache.

            • W
              wc2l @johnpoz
              last edited by wc2l

              @johnpoz OK, it is definitely the DHCP Server, NOT the device!!
              I have a Synology NAS with the capability to do DHCP. As soon as I switched, the device came online.
              Next is to switch back and see if it fails to communicate with the system.

              OK, I can switch it back and it is good. IF you unplug or interrupt the network connection, it will fail again.
              This has been confirmed. I'm only guessing.. Synology is using ISC DHCP instead of KEA DHCP.
              Is this a reportable bug?

              • johnpozJ
                johnpoz LAYER 8 Global Moderator @wc2l
                last edited by johnpoz

                @wc2l said in DHCP Issues:

                it is definitely the DHCP Server, NOT the device!!

                Has ZERO to do with the dhcp server.. Pfsense pulls that online or not from its arp cache.. Has nothing to do with the dhcp server.

                They are just combining that info from lease table and the arp cache is all. The dhcp has no way to know if something is online or not... It could have handed a 7 day lease to something that went offline 30 seconds after it handed its lease..

                The info about online or not is pulled from the arp cache.. If there is an entry in the cache, then it's considered online.. It might not be, it might have gone offline 19 minutes ago.. It might be online and just not talked to pfsense in the last 20 minutes so it's not in pfsense arp cache.. Like the example I showed with my 192.168.2.3 AP.. AP don't always talk to pfsense, that IP is just management IP.. The AP was clearly handling traffic for its wifi clients, etc.

                edit: here clearly my AP are all online - see they have clients connected to them, and the Controller is talking to them, but the controller is on the same management network as the AP.. So pfsense is not aware of that traffic, it would only see the AP mac and be able to put it into its arp cache when the AP has sent some traffic to pfsense.

                offline.jpg

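The join described in the post above (lease list combined with the ARP cache), as an added example that is not part of the thread and is not pfSense's own code. The lease-list layout, interface name, MACs and every address except the thread's 192.168.2.3 are constructed, and matching on IP alone is an assumption.

```shell
#!/bin/sh
# Added example: derive an "online/offline" column by joining a lease list
# against the ARP cache. All sample data below is constructed.

# Constructed lease list (hypothetical layout): IP, MAC, hostname.
sample_leases() {
cat <<'EOF'
192.168.2.3 aa:bb:cc:00:00:03 ap-office
192.168.2.10 aa:bb:cc:00:00:10 nas
192.168.2.20 aa:bb:cc:00:00:20 printer
EOF
}

# Constructed ARP cache in the layout FreeBSD `arp -an` prints.
sample_arp() {
cat <<'EOF'
? (192.168.2.1) at aa:bb:cc:00:00:01 on igb1 permanent [ethernet]
? (192.168.2.10) at aa:bb:cc:00:00:10 on igb1 expires in 1180 seconds [ethernet]
? (192.168.2.20) at (incomplete) on igb1 expired [ethernet]
EOF
}

# lease_status LEASE_FILE ARP_FILE
# Prints "ip hostname online|offline". A lease counts as online only when
# the ARP cache holds a resolved (not "(incomplete)") entry for its IP.
lease_status() {
    awk '
        FILENAME == ARGV[1] {
            # ARP line: field 2 is "(ip)", field 4 is the MAC or "(incomplete)".
            ip = $2; gsub(/[()]/, "", ip)
            if ($4 != "(incomplete)") seen[ip] = 1
            next
        }
        NF >= 3 { printf "%s %s %s\n", $1, $3, (($1 in seen) ? "online" : "offline") }
    ' "$2" "$1"
}

# Run the join over the constructed samples.
demo() {
    tmp=$(mktemp -d) || return 1
    sample_leases > "$tmp/leases"
    sample_arp > "$tmp/arp"
    lease_status "$tmp/leases" "$tmp/arp"
    rm -rf "$tmp"
}

demo
```

The AP at 192.168.2.3 holds a valid lease but has no ARP entry, so it is reported offline even though nothing here says it is down.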
                • W
                  wc2l @johnpoz
                  last edited by

                  @johnpoz I understand the arp table being the knowledge for what is or isn't online.

                  So here is what has happened.
                  Upgraded the OS on the 3100 quite a while ago.
                  Wanted to upgrade the 8 port switches to 16 port switches.
                  A device lost the connection to the network as I moved the network cable to my new switch (nothing more).
                  Switch was fully booted and had communication (Tested before the move of cables)
                  Anything else into that switch works just fine. Only the one device stopped working.
                  The device stopped communicating. Nothing I did could get the unit back online.
                  Restarted services, rebooted router, tested the old switch, changed the device to static (still could not communicate)
                  I even had the company replace the board in the device. Thinking it has to be the board!
                  The NetGate 3100 has been my DHCP Server for the network for 4-5 yrs.
                  Disabled the NetGate DHCP server and enabled the DHCP Server on the Synology NAS
                  As soon as the device sees the Synology DHCP services, it starts communicating.
                  If I disconnect the device now, it does recover in about 15 seconds.
                  When I tested this on the NetGate device, it does NOT recover.

                  So why does one DHCP server work and the other DHCP server does not?
                  FYI, I never used the DHCP server on the Synology NAS till today.

                  • S
                    SteveITS Galactic Empire @wc2l
                    last edited by

                    @wc2l said in DHCP Issues:

                    Is the only option to change the DHCP Service to roll back to a different version of the OS?

                    https://docs.netgate.com/pfsense/en/latest/releases/2-7-1.html#kea-dhcp-server-feature-preview-now-available
                    “Administrators can easily switch between ISC DHCPD and Kea by navigating to System > Advanced, Networking tab and changing the new Server Backend setting in the DHCP Options section.”

                    Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
                    When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
                    Upvote 👍 helpful posts!

                    • W
                      wc2l @SteveITS
                      last edited by

                      @SteveITS Thank you!! I haven't had time to go read it (I will)
                      I actually just set the Synology to hand out one address to one MAC address.
                      I will let the 3100 do the rest.
                      The good news is that I will get the reports from the device.
                      My guess, the NIC in the device is not up to speed or there is a piece missing in the KEA DHCP services.
                      Something isn't matching up. Just not sure how I can submit a bug report. I don't have enough info on the board.

                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.