Netgate Discussion Forum

    DHCP Lease Pool Exhausted and Disabled Leases not deleted

    • jbariyo

      DHCP lease pool exhausted and disabled leases not deleted. What can I do? Help.

      • johnpoz LAYER 8 Global Moderator @jbariyo

        @jbariyo what do you mean by disabled? You can delete a lease that is not active, i.e. no device currently active on that IP.

        You may want to clear the ARP cache on pfSense - the cache normally lasts 20 minutes.

        [screenshot: deletelease.jpg]

        If your lease shows a green arrow - this means that it is currently in the ARP cache, and no, you wouldn't be able to delete it from the GUI.

        You would have to directly edit the lease file to delete them.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

        • Gertjan @jbariyo

          @jbariyo said in DHCP Lease Pool Exhausted and Disabled Leases not deleted:

          DHCP Lease Pool exhausted

          Call the admin and ask him to make the pool bigger?!
          Or
          Allow/connect fewer devices to your network.

          @jbariyo said in DHCP Lease Pool Exhausted and Disabled Leases not deleted:

          disabled Leases not deleted

          Leases that are expired can still show up in the 'known' leases file, the file that shows up in the GUI (Status > DHCP Leases).
          They are kept in the file, so if the device that used the now 'previous' lease comes back, it will get the same IPv4.
          If the DHCP pool starts to fill up, the inactive leases will get recycled = used for new leases.

          No "help me" PM's please. Use the forum, the community will thank you.
          Edit : and where are the logs ??

          • jbariyo @jbariyo

            Users complain of losing access to the network on the LAN, and pfSense shows lease utilization going all the way up to 90% plus. Deleting the disabled IPs one by one is hectic; I normally have to clear all DHCP leases to enable people to connect back to the network. What is the best default and maximum lease time? I checked online: for a 9-5 environment you can give 8 hours and 9 hours respectively. I configured this today. However, I have never faced this challenge before, so I don't know...

            • Gertjan @jbariyo

              @jbariyo

              Show some concrete numbers. Like, how many devices are connecting (or trying to)?

              Show the DHCP server settings.
              And the 'LAN' network setting.

              For example : if you do this :

              [screenshot]

              = my network is 255 - ( (192.168.1.1) + 192.168.1.255) = 255-2=249 IPv4s.

              and this :

              [screenshot]

              See the "192.168.1.1 - 192.168.1.254" ? ^^

              where I created a pool between .70 and .200 = 130 IPs for my DHCP LAN network.

              I have about 55 devices, but nearly all (99 %) of them use static 'MAC' DHCP leases between 192.168.1.2 and 192.168.1.69.

              Typically, a pool should be 10/20/30 % bigger than the maximum number of devices connected.
              That's my own rule of course. I'm not sure if there is a more official rule for this.

              edit :
              A joke :
              What if I wrote a script on a device that :

              1. Gets a DHCP lease.
              2. Resets the interface, and generates a random MAC for that interface.
              3. Restarts the interface.
              4. Jumps to 1.

              In no time you wind up with plenty of valid (non-expired) DHCPv4 leases, and your DHCP pool will be empty.
              This will empty a 192.168.0.0/16 pool, which is about 65k IPs in the pool.
              Not that I've ever seen this happen before, but (looking to the east) I've already encountered devices that really do all they can (breaking all known RFCs) and seem to exist just to break your network.
              I love those cameras, doorbells and other stupid light bulbs.

              • johnpoz LAYER 8 Global Moderator @jbariyo

                @jbariyo said in DHCP Lease Pool Exhausted and Disabled Leases not deleted:

                9-5 environment you can give 8 hours and 9 hours respectively i configured this today

                The default is 2 hours - what did you have it set to before? You understand you could set it to 30 minutes or something if you wanted to. If a client is still on they will just renew it. There is little need to set it for the length of the work day.

                If your scope is oversubscribed - i.e. more clients than you have IPs - then you are going to have a bad day if more clients are trying to be on at the same time than you have IPs. How many clients do you have in total? You should probably set up your network to have more IPs than that. Be it you increase the scope size out of your network, or increase the network size by increasing the mask from say a /24 to a /23 or even a /22.

                Are these wireless clients? If clients are changing their MACs on you - then yeah, you could run through more IPs via DHCP than you actually need. If so, I would make a short lease so that if a client rotates their MAC the old lease expires quickly so it could be re-used.

                Do you have idiot users? (this is a given normally) where they have both wired and wireless at the same time - that are in the same network?

                edit: As @Gertjan mentioned, maybe the client is borked - I would look into a specific client when they complain this is happening. Are you really out of leases, is the client getting a 169.254? This is what a client will normally give itself when it's set for DHCP and cannot get a lease. Are you getting clients with duplicate IPs? I would look into the details of a specific failure so you better understand what is happening. Is there currently a lease for that client and it is just not renewing and using up new leases, etc.

                What dhcpd are you using, ISC or Kea? Maybe there is an issue with reusing expired leases? More info on what is actually going on is always helpful. But yeah, if you are oversubscribed you either need to allow for more IPs, or use really short lease times. And just actually hope you never have more clients on at the same time than you could possibly supply IPs for.

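Added example (not part of any post in this thread, and not pfSense or ISC code): a Python sketch of the diagnosis the replies ask for, measuring how full the pool really is and how many active leases are held by locally administered (randomized) MACs, the sign of MAC rotation eating the pool. It assumes the default ISC dhcpd.leases text format with UTC timestamps; the lease entries, the 10-address pool and all function names are constructed for illustration.

```python
import ipaddress
import re
from datetime import datetime

LEASE_RE = re.compile(r"lease\s+(\S+)\s*\{(.*?)\}", re.S)
FIELD_RE = re.compile(r"^\s*(ends|binding state|hardware ethernet)\s+([^;]+);", re.M)

def parse_leases(text):
    """Map IP -> fields. dhcpd appends updates, so the last entry per IP wins."""
    return {ip: dict(FIELD_RE.findall(body)) for ip, body in LEASE_RE.findall(text)}

def is_random_mac(mac):
    """Locally administered bit (0x02 in first octet), as set by OS MAC randomization."""
    return bool(int(mac.split(":")[0], 16) & 0x02)

def pool_report(text, first, last, now):
    """Count unexpired active leases inside [first, last] inclusive; times are UTC."""
    lo, hi = ipaddress.ip_address(first), ipaddress.ip_address(last)
    size = int(hi) - int(lo) + 1
    macs = []
    for ip, f in parse_leases(text).items():
        ends = f.get("ends", "never")
        expired = ends != "never" and datetime.strptime(
            ends.split(" ", 1)[1], "%Y/%m/%d %H:%M:%S") <= now
        in_pool = lo <= ipaddress.ip_address(ip) <= hi
        if in_pool and f.get("binding state") == "active" and not expired:
            macs.append(f.get("hardware ethernet", ""))
    return {"pool_size": size, "active": len(macs),
            "utilization": round(len(macs) / size, 3),
            "randomized_macs": sum(1 for m in macs if m and is_random_mac(m))}

def _lease(ip, mac, ends, state="active"):
    """Build one constructed lease entry in ISC dhcpd.leases syntax."""
    return (f"lease {ip} {{\n  ends 1 {ends};\n  binding state {state};\n"
            f"  hardware ethernet {mac};\n}}\n")

# Constructed sample, not data from the thread: a hypothetical pool .70-.79.
SAMPLE = (
    _lease("192.168.1.70", "3c:22:fb:00:00:01", "2025/01/06 07:00:00", "free")  # stale entry
    + _lease("192.168.1.70", "3c:22:fb:00:00:01", "2025/01/06 10:00:00")        # later update wins
    + _lease("192.168.1.71", "3c:22:fb:00:00:02", "2025/01/06 10:00:00")
    + "".join(_lease(f"192.168.1.{n}", f"da:a1:19:00:00:{n:02x}", "2025/01/06 09:30:00")
              for n in range(72, 79))                                           # rotating MACs
    + _lease("192.168.1.79", "3c:22:fb:00:00:03", "2025/01/06 07:00:00", "free")
)

if __name__ == "__main__":
    print(pool_report(SAMPLE, "192.168.1.70", "192.168.1.79", datetime(2025, 1, 6, 9, 0)))
```

Running the same report with a later `now` shows the effect of short lease times described above: once the short leases pass their `ends` time, the addresses held by rotated MACs no longer count against the pool.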
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.