WAN down after lease expiry, doesn't renew
-
My WAN connection is a cable modem (Shaw Communications) on a 2.5Gb Ethernet connection to my pfSense box. My lease time is about 28 hours and at that time it usually renews but sometimes it seems to get stuck.
dpinger reports the following when this happens: Feb 8 16:24:31 dpinger 40211 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 70.66.236.1 bind_addr 70.66.237.106 identifier "WAN_DHCP "
I can renew it by simply unplugging the cable and replugging or running "dhclient igc0".
Is there anything I can do on my end to prevent this from happening? If not, I can create a script to monitor and renew but that seems less elegant.
-
@hiflyr777
Here's my lease file - I'm curious about the double lease:[2.7.2-RELEASE][root@pfSense.lan]/root: cat /var/db/dhclient.leases.igc0 lease { interface "igc0"; fixed-address 70.66.237.106; option subnet-mask 255.255.252.0; option time-offset -28800; option routers 70.66.236.1; option domain-name-servers 64.59.160.13,64.59.161.68; option host-name "S0106001b410a0a5a"; option domain-name "gv.shawcable.net"; option interface-mtu 1500; option broadcast-address 255.255.255.255; option dhcp-lease-time 100322; option dhcp-message-type 5; option dhcp-server-identifier 64.59.160.40; option dhcp-renewal-time 13922; option dhcp-rebinding-time 78722; renew 0 2025/2/9 04:35:40; rebind 0 2025/2/9 07:29:38; expire 1 2025/2/10 04:35:40; } lease { interface "igc0"; fixed-address 70.66.237.106; option subnet-mask 255.255.252.0; option time-offset -28800; option routers 70.66.236.1; option domain-name-servers 64.59.160.13,64.59.161.68; option host-name "S0106001b410a0a5a"; option domain-name "gv.shawcable.net"; option interface-mtu 1500; option broadcast-address 255.255.255.255; option dhcp-lease-time 100313; option dhcp-message-type 5; option dhcp-server-identifier 64.59.160.40; option dhcp-renewal-time 13913; option dhcp-rebinding-time 78713; renew 0 2025/2/9 04:35:40; rebind 0 2025/2/9 07:29:33; expire 1 2025/2/10 04:35:40; } -
@hiflyr777
Something related to find in system logs?
Check the DHCP log and search for dhcp_client lines. -
@viragomann
Here is what was in the dhcp logs:Feb 10 20:35:42 dhclient 10059 DHCPREQUEST on igc0 to 64.59.160.40 port 67 Feb 10 20:35:42 dhclient 10059 DHCPACK from 64.59.160.40 Feb 10 20:35:42 dhclient 49822 RENEW Feb 10 20:35:42 dhclient 50880 Creating resolv.conf Feb 10 20:35:42 dhclient 10059 bound to 70.66.237.106 -- renewal in 86400 seconds.So this fired at 8:35pm last night and it renewed for 24h.
There really is no other good log data for this, from what I can see. When the gateway is considered down, the only real message I get is from dpinger that it can't ping the gateway. sometimes it's able to recover after a few seconds and other times it just stays in a disconnected state until I do a "dhclient igc0" and it resets.
The DHCP lease activity on the WAN/cable modem port is fairly consistent...until it isn't. This is an XB7 cable modem, operating in bridge mode, if that helps at all.
Thanks for your reply!
-
@hiflyr777
The weird thing here is that the DHCP server is outside of your WAN subnet. This seems unusual to me. Hence DHCP requests has to be directed to the gateway, and if the gateway is not reachable for whatever reason, the connection will fail.So you have rather to troubleshoot the gateway down issue.
Maybe it's just the gateway not responding sometimes and hence pfSense considered it as down. So i'd try to set an alternativ monitoring IP in the gateway settings. You can use any public IP, which responses reliably. -
@viragomann
I noticed that too and agreed, it is weird to have a DHCP server outside the WAN subnet.I couldn't find the Gateway Monitoring IP field and while looking, I found this - given that when the Gateway connection fails, things just grind to a halt and it can be restarted by a cable reset or "dhclient igc0".
Could you point me to the gateway monitoring IP location and i'll try it. Thanks. The closest I can find is the Gateway status that shows the Monitor IP -- I just can't seem to find where to change it.
-
@hiflyr777 System / Routing / Gateways
Ted
-
@tedquade
Thank you!
