Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DHCP leasing + Policy Based Routing

    DHCP and DNS
    2
    3
    2.2k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      Curium
      last edited by

      I have 3 WAN connections and I want to balance traffic across them.  However I do not want to use load balancing as that has caused issues in the past with users IP addresses changing on them depending on their connection.  So I have opted for source IP policy based routing.  I did this many years ago with PFsense 1.2 and it worked great.  However the DHCP server leasing has changed in 2.0 and is making it a little more difficult.

      For example, in 1.2 I had a DHCP scope on the LAN of 10.0.1.0 - 10.0.3.255 / 16 bit.  It would nicely round robin:
      10.0.3.255
      10.0.2.255
      10.0.1.255
      10.0.3.254
      10.0.2.254
      10.0.1.254
      10.0.3.253
      and so on, you get the picture.
      I would then create 3 firewall rules, if source is 10.0.1.0/24 go out WAN 1, if 10.0.2.0/24 go out WAN 2, if 10.0.3.0/24 go out WAN 3.  Worked perfect and based on a computer IP I knew what WAN they are using.
      However in PfSense 2.0, it seems to no longer round robin and just incrementally climb from bottom up like Windows server DHCP does:
      10.0.1.0
      10.0.1.1
      10.0.1.2
      However if a computer had an IP and requested that, say 10.0.2.15, it caused the DHCP server to jump to 10.0.2.16 for the next lease.
      This doesn't seem very favorable for what I am trying to accomplish.  So, I am posing this out there what others have done or recommend.  Is there a setting I can change in DHCPD to change it's behavior?
      A less favorable solution I am thinking of is creating 3 aliases, each assigned to the previous firewall rules that direct out each WAN.  And break the subnet up with /27's.  Like first /27 goes out WAN 1, the next /27 goes out WAN 2, and so on and keep repeating WAN1, WAN2, WAN3 until I have covered 10.0.1.0 - 10.0.3.255.

      1 Reply Last reply Reply Quote 0
      • C
        Curium
        last edited by

        Nada?

        1 Reply Last reply Reply Quote 0
        • C
          cmb
          last edited by

          Pretty sure ISC dhcpd's method of assigning IPs has never changed, it's worked the way you describe it as working currently for at least 15 years, back when I started using it. Our config of it has never changed. Maybe you had reservations setup? Or something different at least, not sure what that could be.

          Short of assigning reservations, or changing the method you use for distributing load, don't think there's an alternative there.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.