DHCP fails to log and issue ip addresses on all Vlans

Guest

re0: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 150                                                                                                                                                            0
        options=38db <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,polling,vlan_hwcsum,w   ="" ol_ucast,wol_mcast,wol_magic="">ether 00:00:00:00:00:08
        inet6 xx00::000:0000:00000e8%re0 prefixlen 64 scopeid 0x1
        inet 10.10.99.117 netmask 0xfffffe00 broadcast 10.10.28.255
        inet 10.10.99.234 netmask 0xffffff00 broadcast 10.10.24.255
        nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
re1: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 150                                                                                                                                                            0
        options=38db <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,polling,vlan_hwcsum,w   ="" ol_ucast,wol_mcast,wol_magic="">ether 00:00:00:00:00:089
        inet 10.10.32.254 netmask 0xfffffff0 broadcast 10.10.32.255
        inet6 fe80::290:7fff:fe33:fe9%re1 prefixlen 64 scopeid 0x2
        nd6 options=3 <performnud,accept_rtadv>media: Ethernet 100baseTX <full-duplex>status: active
re2: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 150                                                                                                                                                            0
        options=38db <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,polling,vlan_hwcsum,w   ="" ol_ucast,wol_mcast,wol_magic="">ether 00:00:00:00:00:ea
        inet 10.10.36.254 netmask 0xffffff80 broadcast 10.10.36.255
        inet6 0000::0000:0000:0000:fea%re2 prefixlen 64 scopeid 0x3
        nd6 options=3 <performnud,accept_rtadv>media: Ethernet 100baseTX <full-duplex>status: no carrier
re3: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 150                                                                                                                                                            0
        options=38db <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,polling,vlan_hwcsum,w   ="" ol_ucast,wol_mcast,wol_magic="">ether 00:00:00:00:00:08b
        inet 10.10.36.253 netmask 0xffffff80 broadcast 10.10.36.255
        inet6 re3 prefixlen 64 scopeid 0x4
        nd6 options=3 <performnud,accept_rtadv>media: Ethernet 100baseTX <full-duplex>status: no carrier
re4: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 150                                                                                                                                                            0
        options=38db <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,polling,vlan_hwcsum,w   ="" ol_ucast,wol_mcast,wol_magic="">ether 00:00:00:00:00:08c
        inet 10.10.36.252 netmask 0xffffff80 broadcast 10.10.36.255
        inet6 fe80::290:7fff:fe33:fec%re4 prefixlen 64 scopeid 0x5
        nd6 options=3 <performnud,accept_rtadv>media: Ethernet 100baseTX <full-duplex>status: no carrier
re5: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 150                                                                                                                                                            0
        options=38db <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,polling,vlan_hwcsum,w   ="" ol_ucast,wol_mcast,wol_magic="">ether 00:00:00:00:00:08d
        inet 10.10.32.253 netmask 0xfffffff0 broadcast 10.10.32.255
        inet6 re5 prefixlen 64 scopeid 0x6
        nd6 options=3 <performnud,accept_rtadv>media: Ethernet 100baseTX <full-duplex>status: no carrier
pflog0: flags=100 <promisc>metric 0 mtu 33200
lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384
        options=3 <rxcsum,txcsum>inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x8
        nd6 options=3 <performnud,accept_rtadv>pfsync0: flags=0<> metric 0 mtu 1460
        syncpeer: 224.0.0.240 maxupd: 128 syncok: 1
enc0: flags=0<> metric 0 mtu 1536
bridge0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        ether 00:00:00:00:00:08
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: re4 flags=3 <learning,discover>ifmaxaddr 0 port 5 priority 128 path cost 55
        member: re3 flags=3 <learning,discover>ifmaxaddr 0 port 4 priority 128 path cost 55
        member: re2 flags=223 <learning,discover,edge>ifmaxaddr 0 port 3 priority 128 path cost 55
bridge1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        ether 00:00:00:00:00:08
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: re5 flags=93 <learning,discover,sticky,ptp>ifmaxaddr 0 port 6 priority 128 path cost 55
        member: re1 flags=93 <learning,discover,sticky,ptp>ifmaxaddr 0 port 2 priority 128 path cost 200000

btw since the last changes were made i am no longer able to get into the web interface. but the reqested out put is posted</learning,discover,sticky,ptp></learning,discover,sticky,ptp></up,broadcast,running,simplex,multicast></learning,discover,edge></learning,discover></learning,discover></up,broadcast,running,simplex,multicast></performnud,accept_rtadv></rxcsum,txcsum></up,loopback,running,multicast></promisc></full-duplex></performnud,accept_rtadv></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,polling,vlan_hwcsum,w ></up,broadcast,running,promisc,simplex,multicast></full-duplex></performnud,accept_rtadv></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,polling,vlan_hwcsum,w ></up,broadcast,running,promisc,simplex,multicast></full-duplex></performnud,accept_rtadv></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,polling,vlan_hwcsum,w ></up,broadcast,running,promisc,simplex,multicast></full-duplex></performnud,accept_rtadv></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,polling,vlan_hwcsum,w ></up,broadcast,running,promisc,simplex,multicast></full-duplex></performnud,accept_rtadv></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,polling,vlan_hwcsum,w ></up,broadcast,running,promisc,simplex,multicast></full-duplex></performnud,accept_rtadv></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,polling,vlan_hwcsum,w ></up,broadcast,running,promisc,simplex,multicast>

wallabybob

@xtdanno:

the steps taken were to the letter as per your directions no devation was taken.

It looks to me as if you left out  the last step in this sequence:
@wallabybob:

You should remove the VLAN on re2, re3 and re4, disable DHCP on those interfaces and change the interface type to None on those interfaces.

You might be able to gain access to the web GUI through re0. Here I run into a difficulty in that the IP address, netmask and broadcast address reported are inconsistent. For example, if the IP address is really 10.10.99.234 with netmask 0xffffff00 then the broadcast address is really 10.10.99.255 not the reported 10.10.24.255. Whatever the facts of the matter, if you want to try this approach you will need to configure the computer you plug into re0 with an IP address that is on one of the subnets on re0 and different from the re0 IP address on that subnet. Then plug the computer into re0 and see if you can attach to the pfSense web GUI. If the computer can attach to the pfSense web GUI, then you need to
1. disable DHCP on re2, re3 and re4,
2. set the interface type of re2, re3 and re4 to None,
3. assign an appropriate IP address and netmask to bridge0 (say 10.10.36.253/25)
4. enable DHCP on bridge0.
5. Check DHCP log to verify it started correctly.

If DHCP started correctly then you can do a similar set of steps to re1, re5 and bridge1. Can I trust you to correctly extrapolate? :-)

Guest

so it looks after my last changes i pooched the install no prob i'll follow these instructions after i reload that HDD with a fresh image. and post the results.

Guest

You might be able to gain access to the web GUI through re0. Here I run into a difficulty in that the IP address, netmask and broadcast address reported are inconsistent. For example, if the IP address is really 10.10.99.234 with netmask 0xffffff00 then the broadcast address is really 10.10.99.255 not the reported 10.10.24.255. Whatever the facts of the matter, if you want to try this approach you will need to configure the computer you plug into re0 with an IP address that is on one of the subnets on re0 and different from the re0 IP address on that subnet. Then plug the computer into re0 and see if you can attach to the pfSense web GUI.
this failed miserably but was able to get back in by simply going in by putty and resetting the web configurator.  and resetting factory defaults.

If the computer can attach to the pfSense web GUI, then you need to
1. disable DHCP on re2, re3 and re4, this was already done
2. set the interface type of re2, re3 and re4 to None, after a bit of searching i was able to find this option and it has been done.
3. assign an appropriate IP address and netmask to bridge0 (say 10.10.36.253/25) i have not been able to locate this option
4. enable DHCP on bridge0.
5. Check DHCP log to verify it started correctly.

If DHCP started correctly then you can do a similar set of steps to re1, re5 and bridge1. Can I trust you to correctly extrapolate? :-)

Guest

ok so i wiped out the current config for the bridge and setting s for the individual lan ports. i'm stuck on a small issue regarding your directions  and need a bit of help to find the correct locations for these settings.

If the computer can attach to the pfSense web GUI, then you need to
1. disable DHCP on re2, re3 and re4, this was already done
2. set the interface type of re2, re3 and re4 to None, after a bit of searching i was able to find this option and it has been done.
3. assign an appropriate IP address and netmask to bridge0 (say 10.10.36.253/25)could not find this option
4. enable DHCP on bridge0. could not find this option
5. Check DHCP log to verify it started correctly.

so where do i find the options for step 3 and 4

wallabybob

Sorry, I think I did leave out a step. Its some months since I added a bridge interface to pfSense.

After creating the bridge interface it is necessary to add it to pfSense's list of interfaces. On my previous list between step 2 and 3 add:
2.a On Interfaces -> (assign) if bridge0 doesn't appear in the Network Ports column click the "+" button towards the bottom of the page to add bridge0 to the pfSense pool of usable interfaces. It should then appear in the Network Ports column to the right of an interface named OPTx (x a counting number). The name OPTx will then be used in steps 3 and 4 which become:
3. assign an appropriate IP address and netmask (say 10.10.36.253/25) to the pfSense OPTx interface (bridge0): Interfaces -> OPTx
4. enable DHCP on pfSense OPTx interface (Services -> DHCP server, click on OPTx tab and click the Save button)

Guest

ok so i setup re2 re 3 re 4 on bridge 2 and re1 and re5 on bridge1 applied settings and lost all connectivity i think i should have stuck to my guy feeling and kept re 1 as management and re 5 as it's own so i'm going to reinstall pfsense and start from scratch and try it again.

Guest

ok so

RE0=WAN
RE1=Management
RE2=Domain
RE3=Bridge1
RE4=Bridge1
RE5=Bridge1

followed your steps to the letter . the bridge is working and the so are the other dhcp servers. so now i'm totally stumped as i have entered my static information and yet i still get no internet, i'm a bit puzzeled as i checked the log files and it does show some connectivity but yet not pinging to the internet only to other devices. on the same lan even though this was a fresh install i followed the setup wizard and then created the bridge needed and segrated port bounced the box and still nothing but local machines.

wallabybob

@xtdanno:

the bridge is working and the so are the other dhcp servers.

Progress!

I'm sorry if I gave the impression fixing the bridging wass you needed to do.

@xtdanno:

so now i'm totally stumped as i have entered my static information and yet i still get no internet, i'm a bit puzzeled as i checked the log files and it does show some connectivity but yet not pinging to the internet only to other devices.

No internet from where - pfSense console? machine on bridge1? machine on Management lan? machine on Domain lan? What application are you using to test internet connectivity and what doe the application report?

What connectivity is shown in the log files? please identify which log files and provide the relevant text from the log file,

Maybe you have DNS problem, maybe a client configuration problem, maybe a problem on the pfSense WAN link, maybe a firewall rule problem etc etc.

Guest

it was and the dhcp is now working my first problem was DHCPD was not working as the service kept dying. and not starting up.
so yes thank you for your help on this and even with my isp line plugged in i still don't get internet on any of the interfaces. so now i'm trying to get the internet interface working ultimately what i want to do is this

RE0  =  isp ip 123.123.123.122  =  RE1 and RE2
RE0  =  isp ip 123.123.123.123    =  Bridge1

as i have two static ip's from my ISP  and route my 122 address to my domain firewall and create a DMZ for my firewall using pfsense to do the prefiltering for  my exchange server. and use the 123 address for my game lan.
segragating  both my networks but giving the speed for my online gaming.

Guest

it was and the dhcp is now working my first problem was DHCPD was not working as the service kept dying. and not starting up.
so yes thank you for your help on this and even with my isp line plugged in i still don't get internet on any of the interfaces. so now i'm trying to get the internet interface working ultimately what i want to do is this

RE0  =  isp ip 123.123.123.122  =  RE1 and RE2
RE0  =  isp ip 123.123.123.123    =  Bridge1

as i have two static ip's from my ISP  and route my 122 address to my domain firewall and create a DMZ for my firewall using pfsense to do the prefiltering for  my exchange server. and use the 123 address for my game lan.
segragating  both my networks but giving the speed for my online gaming.
i hope this clears things up a bit more.