Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Status host in dhcp lease

    Scheduled Pinned Locked Moved DHCP and DNS
    7 Posts 3 Posters 482 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • frankzF
      frankz
      last edited by johnpoz

      Hi, I have a pfsense with 5 NIc. In one of these, the dhcp server has been installed for a long time. In the static assignment of a host , everyone appears offline in the list even if the hosts are active , except one . These hosts are located on an OPT GUEST that is configured by a master AP , on which another second AP is connected in repeater mode and behind the latter are all the hosts that despite working perfectly , are marked as off line in pfsense sense . Only one host is highlighted as active , but this is linked to the first master AP . I think it's an ARP problem or some additional configuration is missing on pfsense .
      AP.png

      johnpozJ GertjanG 2 Replies Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator @frankz
        last edited by johnpoz

        @frankz that info is pulled from the arp table.. So if devices are in the arp table they should be listed as active.

        On your pfsense do a arp -a do you see any of those devices listed with those IPs and mac addresses? If not then no they wouldn't be listed as online there. ie the green up arrow.

        If some IP is not listed as green And you ping it from and it answers, does it then show up?

        There are some AP that can just use their mac and hide client devices mac.. So could be related to that - is that 8.87 your AP ip ? Range extenders more common to see that.

        edit: btw why did you post this exact same question twice?

        https://forum.netgate.com/topic/188015/dhcp-leaase-status

        I am just going to delete that other post.. And fix your typo in the thread subject ;)

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        frankzF 1 Reply Last reply Reply Quote 0
        • GertjanG
          Gertjan @frankz
          last edited by

          @frankz said in Statud host in dhcp lease:

          I think it's an ARP problem

          The green arrow here :

          75f890dc-7800-4934-8f54-1ed4964d3327-image.png

          means : look here : Diagnostics > ARP Table

          So, example : 192.168.2.6 has a green arrow, because it's temporary ( ! ) present in the pfSense arp cache.
          And yes, if pfSense want to connect to that device half an hours later, it will broadcast over the LAN : who has "192.168.2.6" and the device with the MAC e0:92:5c:xx:yy will answer : me !
          Now, the relation "192.168.2.6" <=> will be kept in the pfSense arp cache for 1200 or 20 minutes again.

          This doesn't' mean the device is off line or so.
          This doesn't mean the device will answer, or not, to ping requests.
          The device might be silent all the time.
          In fact, pfSense just can't know if a device is 'there' or just not there anymore.
          See the green arrow as a 'gadget'.

          If you really want to know if an IP (a device) is active, other tools are needed, like these packages :
          bandwidthd ?
          darkstat ?
          ntopng ?
          softflowd ?
          and maybe I forgot some.
          I've marked a ? because I've never used any of them.

          Take a look at the arpwatch packet, as it is small and easy to setup.

          No "help me" PM's please. Use the forum, the community will thank you.
          Edit : and where are the logs ??

          frankzF 1 Reply Last reply Reply Quote 0
          • frankzF
            frankz @johnpoz
            last edited by

            @johnpoz Hi, I really think it's like you suspect and unfortunately I too, that is, the hosts behind that AP repeater are masked, in short, as if it were similar to an ARP proxy.

            If you see an arp ping to the host and the answer .

            Next I stress command to the AP repeater . The Mac is the same ..

            This box:   Interface: vtnet0.200  IP: 192.168.8.254   MAC address: e2:85:46:6a:14:0b
ARPING 192.168.8.13
60 bytes from 2e:87:ba:44:41:94 (192.168.8.13): index=0 time=4.305 msec
60 bytes from 2e:87:ba:44:41:94 (192.168.8.13): index=1 time=3.942 msec
60 bytes from 2e:87:ba:44:41:94 (192.168.8.13): index=2 time=4.988 msec


This box:   Interface: vtnet0.200  IP: 192.168.8.254   MAC address: e2:85:46:6a:14:0b
ARPING 192.168.8.251
60 bytes from 2e:87:ba:44:41:94 (192.168.8.251): index=0 time=2.705 msec
60 bytes from 2e:87:ba:44:41:94 (192.168.8.251): index=1 time=4.977 msec
60 bytes from 2e:87:ba:44:41:94 (192.168.8.251): index=2 time=3.904 msec
            johnpozJ 1 Reply Last reply Reply Quote 0
            • frankzF
              frankz @Gertjan
              last edited by

              @Gertjan Thank you, I have been using arp-watch for years with email notifications that report any flip-flops or anything else. The fact of using it as a widget instead is important because it visually gives you the real or almost updated state ....

              1 Reply Last reply Reply Quote 0
              • johnpozJ
                johnpoz LAYER 8 Global Moderator @frankz
                last edited by

                @frankz said in Status host in dhcp lease:

                behind that AP repeater are masked

                Repeaters are well known to do that.. Repeaters are generally a horrible option.. If you need wifi coverage in another area run a wire and deploy another AP.

                Or use a mesh setup if you can not run a wire.. But running a wire and another AP is going to always be the best option.

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-4860 24.11 | Lab VMs 2.8, 24.11

                frankzF 1 Reply Last reply Reply Quote 0
                • frankzF
                  frankz @johnpoz
                  last edited by

                  @johnpozYes you are right and I share it. Unfortunately it's a makeshift cfg... the wireless controller system is there I have it active on Omada with 3 APs. Unfortunately, this connection exists between one house 🏠 towards the other in a distance of 300 mt aircraft .... I should buy at least two outdoor omada antennas, but at the moment I have to postpone ...

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.