PS4 suddenly not getting IP address from DHCP after I update my Mikrotik switch
-
Isn't this more of a question for Mikrotik?
You didn't indicate what is providing DHCP services. Anything interesting in the DHCP logs for the PS4's MAC address?
I would packet capture on a mirror port of the port going to the PS4 and look at the actual DHCP exchange. Then capture the same type of exchange on the port from the DHCP server.
That should point at what is at-fault.
-
Isn't this more of a question for Mikrotik?
You didn't indicate what is providing DHCP services. Anything interesting in the DHCP logs for the PS4's MAC address?
I would packet capture on a mirror port of the port going to the PS4 and look at the actual DHCP exchange. Then capture the same type of exchange on the port from the DHCP server.
That should point at what is at-fault.
DHCP is provided by pfSense, can you provide a step-by-step how to check and capture the DHCP/port logs? My networking knowledge is limited.
-
Start with Diagnostics > Packet Capture on the pfSense interface in question. Filter on UDP port 67. About 10000 packets should be long enough. Reboot the PS4, wait for it to fail, and stop the capture. Anyone looking at the capture will need to know the PS4 MAC address.
Unfortunately, debugging these problems typically requires some networking knowledge, such as pulling the resulting capture into wireshark and understanding the DHCP protocol enough to know what you are looking at. At least enough to finger the device that isn't doing what it is supposed to be doing so you know whom to beat on.
You might need to engage Mikrotik (or pfSense/Netgate) support or hire someone if that is outside your skill set. But if it was all working, and you updated the switch firmware and it stopped working, I would start with Mikrotik probably.)
You could also download and post the pcap here. There shouldn't be much data leakage that matters in that capture on an inside interface with that udp/67 filter in place.
-
Status > System Logs, DHCP.
Click Filter at the top (the funnel icon) and enter the PS4 MAC address in the proper format (as indicated by the other log entries).
-
I downgraded my Mikrotik switch to previous version and everything works now.
-
I downgraded my Mikrotik switch to previous version and everything works now.
It appears there's some sort of problem with the switch then. One thing that helps is to use packet capture to see what's happening. While pfSense packet capture can help, I find Wireshark works better. Since that's a managed switch, you can set up port mirroring, which allows you to monitor any port. Also, given the description of the switch and what it can do, it might be configured in a way that interferes with the traffic.
-
pfSense packet capture, download capture, open in wireshark. I do it at least 6 times a day. MUCH simpler on most users than setting up mirror ports.
The only time I set up mirror ports is if someone, for some reason, doesn't trust the tcpdump results from the pfSense node and wants to see what it actually going out on the wire. Or, of course, if a capture needs to be done from another location in the topology.
-
pfSense packet capture, download capture, open in wireshark. I do it at least 6 times a day. MUCH simpler on most users than setting up mirror ports.
The only time I set up mirror ports is if someone, for some reason, doesn't trust the tcpdump results from the pfSense node and wants to see what it actually going out on the wire. Or, of course, if a capture needs to be done from another location in the topology.
What do you do when you want to monitor a point that's not directly connected to pfSense, such as the other side of that switch that seems to be causing the problems? Perhaps the DHCP request is being sent, but not passed by the switch. With port mirroring, you can watch any interface. Last year, I bought a small managed switch, just so that I could plug in anywhere and see what's happening. Also, with Wireshark, you can watch the traffic in real time. While I have used packet capture, I find Wireshark to be more useful. One very useful feature is being able to filter on multiple factors.
Incidentally, when I used Linux for my firewall, I often ran Wireshark on it. When I moved to pfSense, I had to use that managed switch to see the WAN side of pfSense. That's how I came across the problem with the IPv6 prefix changing, when all I did was disconnect/reconnect the WAN port. I carry that switch in my computer bag and have found it useful on occasion at work (One time I actually had to use it as a switch. <g>).</g>
-
pfSense packet capture, download capture, open in wireshark. I do it at least 6 times a day. MUCH simpler on most users than setting up mirror ports.
The only time I set up mirror ports is if someone, for some reason, doesn't trust the tcpdump results from the pfSense node and wants to see what it actually going out on the wire. Or, of course, if a capture needs to be done from another location in the topology.
-
I had the same issue. Updated a mikrotik switch to swos 2.5 and none of the devices on my network was able to get DHCP info. Downgraded to swos 2.4, everything works again. Wasted 8 hours trying to figure out what was going on because I had just made the switch to pfsense 2.4 just before I upgrade the mikrotik switch. Thought pfsense 2.4 had broken everything but this post gave me the answer. Hugely grateful! Thank you.