DCHP server of VLAN doesn't work (2.0-BETA5 - build Jan 15)

cmb

@krisken:

My problem is that the DHCP server don't work anymore.  So the solution have to be found there…

You still need to get a packet capture of the traffic, see if the request is getting to the firewall.

krisken

Extraction of the system log

Jan 18 19:09:22 dhcpd: For info, please visit https://www.isc.org/software/dhcp/
Jan 18 19:09:22 dhcpd: /etc/dhcpd.conf line 23: expecting numeric value.
Jan 18 19:09:22 dhcpd: /etc/dhcpd.conf line 23: expecting numeric value.
Jan 18 19:09:22 dhcpd: subnet netmask
Jan 18 19:09:22 dhcpd: subnet netmask
Jan 18 19:09:22 dhcpd: ^
Jan 18 19:09:22 dhcpd: ^
Jan 18 19:09:22 dhcpd: /etc/dhcpd.conf line 32: expecting numeric value.
Jan 18 19:09:22 dhcpd: /etc/dhcpd.conf line 32: expecting numeric value.
Jan 18 19:09:22 dhcpd: subnet netmask
Jan 18 19:09:22 dhcpd: subnet netmask
Jan 18 19:09:22 dhcpd: ^
Jan 18 19:09:22 dhcpd: ^
Jan 18 19:09:22 dhcpd: Configuration file errors encountered – exiting
Jan 18 19:09:22 dhcpd: Configuration file errors encountered -- exiting
Jan 18 19:09:22 dhcpd:
Jan 18 19:09:22 dhcpd:
Jan 18 19:09:22 dhcpd: If you did not get this software from ftp.isc.org, please
Jan 18 19:09:22 dhcpd: If you did not get this software from ftp.isc.org, please
Jan 18 19:09:22 dhcpd: get the latest from ftp.isc.org and install that before
Jan 18 19:09:22 dhcpd: get the latest from ftp.isc.org and install that before
Jan 18 19:09:22 dhcpd: requesting help.
Jan 18 19:09:22 dhcpd: requesting help.
Jan 18 19:09:22 dhcpd:
Jan 18 19:09:22 dhcpd:
Jan 18 19:09:22 dhcpd: If you did get this software from ftp.isc.org and have not
Jan 18 19:09:22 dhcpd: If you did get this software from ftp.isc.org and have not
Jan 18 19:09:22 dhcpd: yet read the README, please read it before requesting help.
Jan 18 19:09:22 dhcpd: yet read the README, please read it before requesting help.
Jan 18 19:09:22 dhcpd: If you intend to request help from the dhcp-server@isc.org
Jan 18 19:09:22 dhcpd: If you intend to request help from the dhcp-server@isc.org
Jan 18 19:09:22 dhcpd: mailing list, please read the section on the README about
Jan 18 19:09:22 dhcpd: mailing list, please read the section on the README about
Jan 18 19:09:22 dhcpd: submitting bug reports and requests for help.
Jan 18 19:09:22 dhcpd: submitting bug reports and requests for help.
Jan 18 19:09:22 dhcpd:
Jan 18 19:09:22 dhcpd:
Jan 18 19:09:22 dhcpd: Please do not under any circumstances send requests for
Jan 18 19:09:22 dhcpd: Please do not under any circumstances send requests for
Jan 18 19:09:22 dhcpd: help directly to the authors of this software - please
Jan 18 19:09:22 dhcpd: help directly to the authors of this software - please
Jan 18 19:09:22 dhcpd: send them to the appropriate mailing list as described in
Jan 18 19:09:22 dhcpd: send them to the appropriate mailing list as described in
Jan 18 19:09:22 dhcpd: the README file.
Jan 18 19:09:22 dhcpd: the README file.
Jan 18 19:09:22 dhcpd:
Jan 18 19:09:22 dhcpd:
Jan 18 19:09:22 dhcpd: exiting.
Jan 18 19:09:22 dhcpd: exiting.
Jan 18 19:09:22 php: /services_dhcp.php: The command '/usr/local/sbin/dhcpd -user dhcpd -group _dhcp -chroot /var/dhcpd -cf /etc/dhcpd.conf re0 re0_vlan100 re0_vlan200' returned exit code '1', the output was 'Internet Systems Consortium DHCP Server 4.1.1-P1 Copyright 2004-2010 Internet Systems Consortium. All rights reserved. For info, please visit https://www.isc.org/software/dhcp/ /etc/dhcpd.conf line 23: expecting numeric value. subnet netmask ^ /etc/dhcpd.conf line 32: expecting numeric value. subnet netmask ^ Configuration file errors encountered -- exiting If you did not get this software from ftp.isc.org, please get the latest from ftp.isc.org and install that before requesting help. If you did get this software from ftp.isc.org and have not yet read the README, please read it before requesting help. If you intend to request help from the dhcp-server@isc.org mailing list, please read the section on the README about submitting bug reports and requests for help. Please do not u

But when i want to edit /etc/dhcpd.conf, i see that…that doesn't exists?

cmb

it's not running at all with that. go to Diagnostics>Command and run:

cat /var/dhcpd/etc/dhcpd.conf

and paste the output.

krisken

This is the output of cat /var/dhcpd/etc/dhcpd.conf

$ cat /var/dhcpd/etc/dhcpd.conf

option domain-name "office.it2go.eu";
option ldap-server code 95 = text;
option domain-search-list code 119 = text;

default-lease-time 7200;
max-lease-time 86400;
log-facility local7;
ddns-update-style none;
one-lease-per-client true;
deny duplicates;
ping-check true;
authoritative;
subnet 10.0.0.0 netmask 255.255.255.0 {
pool {
range 10.0.0.100 10.0.0.245;
}
option routers 10.0.0.1;
option domain-name-servers 10.0.0.1;
option ntp-servers 193.110.251.50;

}
subnet  netmask 0.0.0.0 {
pool {
range 10.2.0.100 10.2.0.254;
}
option routers ;
option domain-name-servers ;
option ntp-servers 193.110.251.50;

}
subnet  netmask 0.0.0.0 {
pool {
range 10.1.0.100 10.1.0.254;
}
option routers ;
option domain-name-servers ;
option ntp-servers 193.110.251.50;

}

eri--

I put a fix for this it should be in new snapshots.

Do you have any interface that is configured as 'none' assigned?

krisken

If you mean that i have some unused nics : yes : i only use two of my 4nic pci card.

eri--

Can you show me an output of status interfaces and config.xml <interfaces></interfaces>part?

krisken

Belgacom Interface

BELGACOM interface (pppoe0)
Status up
PPPoE up  
Uptime 04:21:16
MAC address 00:00:00:00:00:00
IP address 91.182.220.8  
Subnet mask 255.255.255.255
Gateway 91.182.220.1
ISP DNS servers 193.110.251.50
94.23.53.69
208.67.222.222
In/out packets 75380/74429 (63.27 MB/5.46 MB)
In/out packets (pass) 74429/60029 (62.80 MB/5.46 MB)
In/out packets (block) 951/0 (482 KB/0 bytes)
In/out errors 0/0
Collisions 0

Lan Interface

LAN interface (re0)
Status up
MAC address 70:71:bc:08:b8:67
IP address 10.0.0.1  
Subnet mask 255.255.255.0
Media 1000baseT <full-duplex>In/out packets 72755/72671 (8.22 MB/80.65 MB)
In/out packets (pass) 72671/89265 (8.21 MB/80.65 MB)
In/out packets (block) 84/0 (6 KB/0 bytes)
In/out errors 0/0
Collisions 0</full-duplex>

Dommel Interface

DOMMEL interface (pppoe1)
Status up
PPPoE up  
Uptime 04:21:16
MAC address 00:00:00:00:00:00
IP address 83.101.6.45  
Subnet mask 255.255.255.255
Gateway 83.101.6.1
In/out packets 44245/40297 (17.69 MB/3.74 MB)
In/out packets (pass) 40297/40424 (17.08 MB/3.74 MB)
In/out packets (block) 3948/0 (623 KB/0 bytes)
In/out errors 0/0
Collisions 0

Publicwifi Interface

PUBLICWIFI interface (re0_vlan100)
Status down

Privatewifi Interface

PRIVATEWIFI interface (re0_vlan200)
Status down

Config.xml

<interfaces><wan><enable><if>pppoe0</if>
<media><mediaopt><spoofmac><ipaddr>pppoe</ipaddr></spoofmac></mediaopt></media></enable></wan>
<lan><enable><if>re0</if>
<ipaddr>10.0.0.1</ipaddr>
<subnet>24</subnet>
<media><mediaopt></mediaopt></media></enable></lan>
<opt1><if>pppoe1</if>

<enable><spoofmac><ipaddr>pppoe</ipaddr></spoofmac></enable></opt1>
<opt2><if>re0_vlan100</if>
<enable><spoofmac><ipaddr>10.2.0.1</ipaddr>
<subnet>24</subnet></spoofmac></enable></opt2>
<opt3><if>re0_vlan200</if>
<enable><spoofmac><ipaddr>10.1.0.1</ipaddr>
<subnet>24</subnet></spoofmac></enable></opt3></interfaces>

krisken

@ermal:

I put a fix for this it should be in new snapshots.

Do you have any interface that is configured as 'none' assigned?

I got the snapshot of today (2.0-BETA5 (i386) built on Wed Jan 19 02:10:47 EST 2011) where it isn't fixed yet?

Logs

Jan 19 20:51:00 kernel: re0_vlan2: link state changed to UP
Jan 19 20:51:00 kernel: re0_vlan3: link state changed to UP
Jan 19 20:51:00 php: : ROUTING: change default route to 83.101.6.1
Jan 19 20:51:00 check_reload_status: reloading filter
Jan 19 20:51:00 apinger: Starting Alarm Pinger, apinger(42244)
Jan 19 20:51:01 php: : ROUTING: change default route to 83.101.6.1
Jan 19 20:51:01 check_reload_status: reloading filter
Jan 19 20:51:01 php: : The command '/sbin/ifconfig 're0_vlan100' -staticarp ' returned exit code '1', the output was 'ifconfig: interface re0_vlan100 does not exist'
Jan 19 20:51:01 php: : The command '/usr/sbin/arp -d -i 're0_vlan100' -a > /dev/null 2>&1 ' returned exit code '1', the output was ''
Jan 19 20:51:01 php: : The command '/sbin/ifconfig 're0_vlan200' -staticarp ' returned exit code '1', the output was 'ifconfig: interface re0_vlan200 does not exist'
Jan 19 20:51:04 php: : The command '/usr/sbin/arp -d -i 're0_vlan200' -a > /dev/null 2>&1 ' returned exit code '1', the output was ''
Jan 19 20:51:04 php: : Gateways status could not be determined, considering all as up/active.
Jan 19 20:51:04 php: : Gateways status could not be determined, considering all as up/active.
Jan 19 20:51:04 php: : Gateways status could not be determined, considering all as up/active.
Jan 19 20:51:04 dhcpd: Internet Systems Consortium DHCP Server 4.1.1-P1
Jan 19 20:51:04 dhcpd: Copyright 2004-2010 Internet Systems Consortium.
Jan 19 20:51:04 dhcpd: All rights reserved.
Jan 19 20:51:04 dhcpd: For info, please visit https://www.isc.org/software/dhcp/
Jan 19 20:51:04 dnsmasq[63428]: started, version 2.55 cachesize 10000
Jan 19 20:51:04 dnsmasq[63428]: compile time options: IPv6 GNU-getopt no-DBus I18N DHCP TFTP
Jan 19 20:51:04 dnsmasq[63428]: reading /etc/resolv.conf
Jan 19 20:51:04 check_reload_status: updating all dyndns
Jan 19 20:51:04 dnsmasq[63428]: using nameserver 208.67.222.222#53
Jan 19 20:51:04 dnsmasq[63428]: using nameserver 94.23.53.69#53
Jan 19 20:51:04 dnsmasq[63428]: using nameserver 193.110.251.50#53
Jan 19 20:51:04 dnsmasq[63428]: read /etc/hosts - 2 addresses
Jan 19 20:51:05 php: : Gateways status could not be determined, considering all as up/active.
Jan 19 20:51:05 php: : Gateways status could not be determined, considering all as up/active.
Jan 19 20:51:05 php: : Gateways status could not be determined, considering all as up/active.
Jan 19 20:51:08 php: : Resyncing OpenVPN instances for interface BELGACOM.
Jan 19 20:51:08 php: : Resyncing OpenVPN instances for interface DOMMEL.
Jan 19 20:51:09 php: : Creating rrd update script
Jan 19 20:51:09 php: miniupnpd: Starting service on interface: lan
Jan 19 20:51:09 miniupnpd[43849]: HTTP listening on port 2189
Jan 19 20:51:09 miniupnpd[43849]: HTTP listening on port 2189
Jan 19 20:51:09 miniupnpd[43849]: Listening for NAT-PMP traffic on port 5351
Jan 19 20:51:09 miniupnpd[43849]: Listening for NAT-PMP traffic on port 5351
Jan 19 20:51:16 php: : WARNING! Configuration written on bootup. This can cause stray openvpn and load balancing items in config.xml
Jan 19 20:51:16 check_reload_status: syncing firewall
Jan 19 20:51:16 php: : WARNING! Configuration written on bootup. This can cause stray openvpn and load balancing items in config.xml
Jan 19 20:51:16 check_reload_status: syncing firewall
Jan 19 20:51:17 kernel: pid 62289 (php), uid 0: exited on signal 11
Jan 19 20:51:17 php: : Beginning package installation for RRD Summary.
Jan 19 20:51:18 php: : WARNING! Configuration written on bootup. This can cause stray openvpn and load balancing items in config.xml
Jan 19 20:51:18 check_reload_status: syncing firewall
Jan 19 20:51:18 php: : WARNING! Configuration written on bootup. This can cause stray openvpn and load balancing items in config.xml
Jan 19 20:51:19 check_reload_status: syncing firewall
Jan 19 20:51:19 php: : Resyncing configuration for all packages.
Jan 19 20:51:21 login: login on ttyv0 as root
Jan 19 20:51:21 sshlockout[4978]: sshlockout/webConfigurator v3.0 starting up

Status > Interfaces

PUBLICWIFI interface (re0_vlan100)
Status down
PRIVATEWIFI interface (re0_vlan200)
Status down

Porter

Please disregard my earlier comments in this thread… my issue was unrelated, turned out to be a bad stacking cable on our switch stack.

krisken

Still down on the Thu Jan 20 05:02:05 EST 2011 version

cmb

@krisken:

Still down on the Thu Jan 20 05:02:05 EST 2011 version

Looks like that has nothing to do with the version, just that you broke your config. You have VLANs 100 and 200 assigned, but you apparently changed those to VLANs 2 and 3 without properly re-assigning or deleting the interfaces.