Pfsense dhcp server second dns not updated to clients

guy3145

Hi

my pfsense is also my dhcp server, it worked ok no issues untill i just wanted to add a secondary dns record for him to give to clients, i made the required change in: services-dhcp server-"interface name"-dns
but after i do on one of the clients "ipconfig /release" and "ipconfig /renew" they get the same ip settings with only 1 dns server.
is that a known issue?

johnpoz

what version are you running of pfsense?

Do you have a static/reservation setup for this client? If so then you would have to edit that reservation not the overall pool.

I just tested this with a reservation client.. I added a 2nd dns to its reservation, and was only getting the first. I then wiped out first one and put in the 2nd one, and put the 1st one in the 2nd spot and applied and this took.

You would have to look in the actual dhcp.conf file to validate your changes are getting applied. So for example I set 2 dns for my clients reservation - did release renew got what was in the dhcp.conf for that clients reservation

[2.4.0-BETA][root@pfsense.local.lan]/var/dhcpd/etc: cat dhcpd.conf


host s_lan_3 {
        hardware ethernet 18:03:73:b1:0d:d3;
        fixed-address 192.168.9.100;
        option host-name "i5-win";
        option domain-name-servers 192.168.9.253,192.168.3.10;
        default-lease-time 172800;
        max-lease-time 345600;
        option ntp-servers 192.168.9.32,192.168.9.40;


Ethernet adapter Local:

   Connection-specific DNS Suffix  . : local.lan
   Description . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet
   Physical Address. . . . . . . . . : 18-03-73-B1-0D-D3
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.9.100(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, May 24, 2017 5:46:10 AM
   Lease Expires . . . . . . . . . . : Friday, May 26, 2017 5:46:10 AM
   Default Gateway . . . . . . . . . : 192.168.9.253
   DHCP Server . . . . . . . . . . . : 192.168.9.253
   DNS Servers . . . . . . . . . . . : 192.168.9.253
                                       192.168.3.10
   NetBIOS over Tcpip. . . . . . . . : Enabled

guy3145

Hi, thank you for your answer.

im using pfsense version: 2.3.2-RELEASE
i dont have any static/reservation setup for this client.
i did a test : i keep only the first dns in pfsense dhcp then i changed the first dns to something else and that didnt change either!
it seems that any change in dns in dhcp dosent apply

guy3145

i even deleted any dns entry in pfsense dns server and it is still getting the old dns to clients, this is insane…

gjaltemba

I am assuming that the client is configured to obtain dns servers automatically. Which version of Windows are you running and how do you trace what the dhcp client is getting from dhcp server?

johnpoz

"it seems that any change in dns in dhcp dosent apply"

So you checked the conf file???

cat /var/dhcpd/etc/dhcpd.conf


subnet 192.168.9.0 netmask 255.255.255.0 {
        pool {
                option domain-name-servers 192.168.3.10;

                range 192.168.9.210 192.168.9.239;
        }

        option routers 192.168.9.253;
        option domain-name-servers 192.168.3.10;
        default-lease-time 345600;
        max-lease-time 792000;
        option ntp-servers 192.168.3.32,192.168.9.40;

        option custom-lan-0 "\n";
}

Do you see your change in there or not??
option domain-name-servers 192.168.3.10;

If the conf file is not getting changed - then no its not going to hand it out..

You sure you didn't hard code the client? Its possible to set the client to dhcp, but have dns it points to hard coded. Simple sniff on pfsense for dchp when you release/renew will show you what dhcpd is offering.. But first thing to validate is its actually been set in the .conf

dhcpoffer.png_thumb

k0ssi

same here

changing dns server using the UI appear in config file which looks fine.
But DHCP clients still configure pfsense as dns server

running 2.3.2-RELEASE (amd64)

will checkout by wireshark later

pfsense.png_thumb

guy3145

this is getting even weirder…
i disable the dhcp on a specific interface. i unchecked the box of "Enable DHCP server on ITMANAGERS interface" and still my windows client is getting ip address from the pfsense. something is wrong

johnpoz

Well that would explain it - if your dhcpd is not restarting/reloading the config when you make a change then it wouldn't hand out any new info you put in the conf. Force the dhcpd to restart.

guy3145

fixed! restart didnt help i had to stop it and then start