Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    FIOS - WAN DHCP Setup for G1100 (FiOS Quantum Router) with pfSense (no bridging)

    Scheduled Pinned Locked Moved Routing and Multi WAN
    33 Posts 14 Posters 19.0k Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S Offline
      sn0cr4sh
      last edited by

      @bamhm182:

      EDIT: It just occurred to me that the R210 has IPMI enabled by default and if there is no iDRAC Enterprise module installed, it uses eth0 to attempt to connect. I am thinking that what may have been the issue is that even though pfSense was working correctly, Verizon got confused when a different MAC address was reaching out to them for a DHCP lease in addition to the pfSense router. I disabled IPMI by rebooting the Dell R210 and pressing Ctrl+E when prompted to modify IPMI settings in the boot process, then disabling all functions within this menu. I connected my eth0 on my R210 to a LAN port on my G1100 before and after doing this. Before, there were 2 DHCP leases (one for pfSense, one for IPMI) and after there was just one (pfSense) so if this was causing the issue, it should be resolved now. Keep this in mind when you get your R210 II, nasomi. If this does solve my issues, I wonder if that's what was going on with your VM as well, nasomi. I'm wondering if your box was sending out multiple MACs asking for DHCP leases like mine was.

      EDIT 2: Left it in it connected w/ IPMI disabled overnight and it still works this morning. I would say it's safe to call it fixed and blame IPMI asking for a DHCP lease.

      Duuuude, right on!  I got bit by the IPMI overlap as well. My Super Micro C2758 was using the same port for IPMI that I had configured for WAN. I never realized it and managed to get away with it for several months, but suddenly couldn't hold a WAN IP for more than an hour before getting booted off FIOS completely.

      I kept getting these weird errors in my log that said a mac address was using the WAN IP. The mac address was the same as the WAN port, so I couldn't make any sense of it. As soon as I shut down and booted into the BIOS, sure enough, my WAN IP was assigned to the IPMI port.  I disabled IPMI on the board and have been running perfectly ever since.

      I would have never figured that out if you hadn't posted, so thank you!

      Super Micro C2758 | Intel(R) Atom(TM) CPU C2758 @ 2.40GHz | 8 CPUs: 1 package(s) x 8 core(s)

      M 1 Reply Last reply Reply Quote 0
      • C Offline
        Cant.Make.AnyPFSENSE...
        last edited by

        @Paint:

        Okay! I got this working finally! These instructions are based on the ActionTec DHCP WAN Impersonation guide, but updated to work for the G1100 FiOS Quantum Router.

        UPDATE: With the release of FiOS Gigabit speeds, there have been some changes to the DHCP WAN request. Please see the updated instructions here: https://forum.pfsense.org/index.php?topic=114389.msg716205#msg716205

        The G1100 FiOS Quantum Router uses option 61, instead of option 125 like the old Actiontec routers. The field contains the RAW hex of your MAC address. IE. If your MAC (cloned) address is aa:bb:cc:dd:ee:aa, then option 61 (or dhcp-client-identifier) should be set to dhcp-client-identifier 01:aa:bb:cc:dd:ee:aa

        If you are still using the Actiontec router, please see NOYB's instructions: https://forum.pfsense.org/index.php?topic=94298.msg523647#msg523647

        G1100 FiOS Quantum Router DHCP WAN Client Impersonation:

        IPv4 Configuration Type: DHCP

        MAC controls: aa:bb:cc:dd:ee:aa (replace with your G1100 WAN Ethernet MAC address)

        MTU:

        MSS:

        Speed and Duplex: 1000baseT full-duplex

        DHCP Client Configuration

        Options: Advanced Configuration is checked

        Hostname:

        FIOS_Quantum_Gateway
        

        Protocol Timing:

        Timeout: 90
        Retry: 30
        Select Timeout: 0
        Reboot: <blank>Backoff cutoff: <blank>Initial Interval: 2
        Presets: Saved Cfg</blank></blank> 
        

        Lease Requirements and Requests:
        Replace aa:bb:cc:dd:ee:aa with your cloned MAC address
        If you have issues where you lose your WAN connection every 2-4 hours, please do the following:
                Keep the MAC controls address as your G1100 Cloned WAN Address: aa:bb:cc:dd:ee:aa
                Change the last character of your cloned MAC in the option-61 variable below to something unique: aa:bb:cc:dd:ee:ac

        Send Options:```
        dhcp-class-identifier "FiOS-G1100:dslforum.org", dhcp-client-identifier 01:aa:bb:cc:dd:ee:aa, host-name "{hostname}", domain-name "verizon.net"

        
        **Request options:**
        

        broadcast-address, dhcp-lease-time, dhcp-rebinding-time, dhcp-renewal-time, domain-name, domain-name-servers, host-name, routers, static-routes, subnet-mask, vendor-encapsulated-options, default-ip-ttl, dhcp-class-identifier, dhcp-client-identifier, dhcp-parameter-request-list, dhcp-server-identifier, dhcp-requested-address, interface-mtu, log-servers, time-offset, time-servers, www-server

        
        **Require options:**
        

        subnet-mask, routers, domain-name, dhcp-lease-time

        Thank you Paint. :-)

        I followed the instructions to the "T" and bing bang boom everything worked as it should. I mean WOW!!!! Nothing else even came close to obtaining an IP address on the Wan. I have never had any luck with this verizon gigabit network from any other source but… YOUR POST! It was amazing! everything worked again after upgrading to verizon gigabit service.

        ...And then, one hour and forty five minutes goes by the Wan gateway shows offline and the Wan IP address shows 0.0.0.0

        Now I have no idea how to start over... And of course I"M A COMPLETE NOOB!

        Please, please, please help me out... :-(

        1 Reply Last reply Reply Quote 0
        • C Offline
          Cant.Make.AnyPFSENSE...
          last edited by

          BUMP…...

          Anyone here have any experience with something similar to my situation???

          I am willing to gladly PAY for any help that gets me back online...

          SERIOUSLY! Have paypal?

          I need some help please $$$

          1 Reply Last reply Reply Quote 0
          • P Offline
            Paint
            last edited by

            @Cant.Make.Any:PFSENSE...:

            BUMP…...

            Anyone here have any experience with something similar to my situation???

            I am willing to gladly PAY for any help that gets me back online...

            SERIOUSLY! Have paypal?

            I need some help please $$$

            Can you please PM me a diagram of your network and your issue?

            pfSense i5-4590
            940/880 mbit Fiber Internet from FiOS
            BROCADE ICX6450 48Port L3-Managed Switch w/4x 10GB ports
            Netgear R8000 AP (DD-WRT)

            1 Reply Last reply Reply Quote 0
            • J Offline
              jebeltra
              last edited by

              Paint and All:

              Thanks all for your posts, it would be great if someone creates a document with what is required from soup to nuts for the newbie to avoid going all over the net for a total solution. From hardware to software setup.  Everyone on this forum knows much more than I will ever do!!!

              My services:
              Gigabit service from Verizon (for full disclosure, I am a corporate employee)
              For gigabit service, Verizon runs an Ethernet cable plus the coax from the ONT (modem) to the router
              I have 2 STB and access to my DVR from anywhere

              My harware setup:
              ONT to Pfsense Box WAN Port:  ONT gives IP to pfsense  (thanks to Paint)
              Pfsense LAN port to 24 port switch
              Switch to Fios Router WAN port
              FiOs router receives IP from Pfsense box (192.168.x.y)
              FiOs router is also connected to the ONT via Coax
              Switch to Access Point for wireless and all other devices wireline

              In summary, I have two LANs, one from pfsense and one from the FiOs router.  I kept the FiOs router LAN to avoid problems with the video portion, like accessing the TV Guide, remote access to DVR, etc.  If you look at your current setup, the FiOS router gives your STB boxes an IP address via the COAX connection.

              I used the information provided by Paint to configure my WAN on pfsense (thanks!!). My setup worked, the ONT provided the Pfsense an IP address and all good.  Internet speeds, look a bit slower but ok (from 750 to 700 on fast.com, could be any other thing).  I followed the steps from Paint to sniff and got similar information to what he noted, but in my case, I was getting 2 alternating different MAC addresses, one the same as marked on the side of the FiOs Router.  My host name was the same one, FiOS_Quantum_Gateway.  So the sniff part in my case did not provide any new information.  I read this means I probably did something wrong?

              My problem:
              I can not access my DVR or STB remotely like I used to.

              Paint:  I looked at your later posts, and now I understand you have a setup where both, the Pfsense router and Fios router are getting a WAN Ip address.  I saw the graph with your hardware setup but I got lost on the VLAN configuration.  I do not have a "smart switch".  I guess throwing another $70 at Amazon is not going to kill me.  I also saw someone posting about a brigded solution but the link does not work.

              Is there an option to setup this and avoid the VLAN Switch?  I guess I would need to open the ports on my Pfsense to allow remote DVR and other to work?  What ports are these?
              Another thing, I do notice that Pfsense also has the STB in their DCHP leases list.  HOw is that possible?  Is that part of the problem?

              Thanks

              Jorge

              @Paint:

              G1100 FiOS Quantum Router DHCP WAN Client Impersonation - Updated 5-May-2017:

              With the release of FiOS Gigabit Speeds, it seems like Verizon changed the content of the DHCP WAN packet. My MAC address inside the packet and the hostname is DIFFERENT than the physical MAC of the Ethernet WAN port in the G1100 GUI. This means all users must run a TCPDUMP on the WAN interface from the G1100 to confirm this hidden information (Hostname and true MAC address). In summary, whatever MAC address you find in the packet sniff, should be the MAC address used in the packet impersonation on your pfSense router.

              Sniffing the Packet:
              First connect your G1100 WAN port to your pfSense router. I used my WAN interface, but you can use any available interface.
              Open an SSH or CLI session and run the following TCPDUMP command - make sure to change igb0 to the name of your interface.

              tcpdump -i igb0 -vvv -s 0 '((port 67 or port 68) and (udp[8:1] = 0x1))'
              

              You will then start seeing packets that look like this:

              00:40:38.866254 IP (tos 0x0, ttl 128, id 57388, offset 0, flags [none], proto UDP (17), length 335)
                  pool-123-123-123-123.<region>.fios.verizon.net.bootpc > lo0-100.NYCMNY-VFTTP-380.verizon-gni.net.bootps: [udp sum ok] BOOTP/DHCP, Request from aa:bb:cc:dd:ee:aa (oui Unknown), length 307, xid 0xadf6f1c7, Flags [none] (0x0000)
                        Client-IP pool-123-123-123-123.<region>.fios.verizon.net
                        Client-Ethernet-Address aa:bb:cc:dd:ee:aa (oui Unknown)
                        Vendor-rfc1048 Extensions
                          Magic Cookie 0x63825363
                          DHCP-Message Option 53, length 1: Request
                          Client-ID Option 61, length 7: ether aa:bb:cc:dd:ee:aa
                          Requested-IP Option 50, length 4: pool-123-123-123-123.<region>.fios.verizon.net
                          Hostname Option 12, length 22: "securenat-aabbccddeeaa"
                          Vendor-Class Option 60, length 8: "MSFT 5.0"
                          Parameter-Request Option 55, length 12:
                            Subnet-Mask, Domain-Name, Default-Gateway, Domain-Name-Server
                            Netbios-Name-Server, Netbios-Node, Netbios-Scope, Router-Discovery
                            Static-Route, Classless-Static-Route, Classless-Static-Route-Microsoft, Vendor-Option
                          END Option 255, length 0</region></region></region>
              

              You need to extract two pieces of information from the packet sniff:

              • The MAC address (e.g. aa:bb:cc:dd:ee:aa)

              • The Hostname (e.g. securenat-aabbccddeeaa)

              Notice how the hostname contains your mac address without colons.

              Now that we have the packet, it is time to start configuring pfSense!!!

              Login to the pfSense Web GUI. Click on Interfaces -> WAN.

              IPv4 Configuration Type: DHCP

              MAC controls: aa:bb:cc:dd:ee:aa (replace with your G1100 WAN Ethernet MAC address from the sniffed packet)

              MTU: 1500

              MSS:

              Speed and Duplex: 1000baseT full-duplex

              DHCP Client Configuration

              Options: Advanced Configuration is checked

              Hostname:

              securenat-aabbccddeeaa
              ```(replace with your G1100 WAN Ethernet hostname from the sniffed packet)
              
              **Protocol Timing:**
              

              Timeout: 60
              Retry: 30
              Select Timeout: 0
              Reboot: <blank>Backoff cutoff: <blank>Initial Interval: 1
              Presets: Saved Cfg</blank></blank>

              You may need to change the timeout and retry parameters based on your individual setup. I find that a retry of 15 seconds or less is too quick for FiOS.
              
              **Lease Requirements and Requests:**
              
              **Send Options:**```
              dhcp-class-identifier "MSFT 5.0", dhcp-client-identifier 01:{mac_addr_asciiL:}, domain-name "verizon.net"
              

              Request options:

              subnet-mask, domain-name, routers, domain-name-servers, netbios-name-servers, netbios-node-type, netbios-scope, router-discovery, static-routes, classless-routes,
               option-249, vendor-encapsulated-options
              

              Require options:

              subnet-mask, routers
              
              1 Reply Last reply Reply Quote 0
              • P Offline
                Paint
                last edited by

                @jebeltra:

                Paint and All:

                Thanks all for your posts, it would be great if someone creates a document with what is required from soup to nuts for the newbie to avoid going all over the net for a total solution. From hardware to software setup.  Everyone on this forum knows much more than I will ever do!!!

                My services:
                Gigabit service from Verizon (for full disclosure, I am a corporate employee)
                For gigabit service, Verizon runs an Ethernet cable plus the coax from the ONT (modem) to the router
                I have 2 STB and access to my DVR from anywhere

                My harware setup:
                ONT to Pfsense Box WAN Port:  ONT gives IP to pfsense  (thanks to Paint)
                Pfsense LAN port to 24 port switch
                Switch to Fios Router WAN port
                FiOs router receives IP from Pfsense box (192.168.x.y)
                FiOs router is also connected to the ONT via Coax
                Switch to Access Point for wireless and all other devices wireline

                In summary, I have two LANs, one from pfsense and one from the FiOs router.  I kept the FiOs router LAN to avoid problems with the video portion, like accessing the TV Guide, remote access to DVR, etc.  If you look at your current setup, the FiOS router gives your STB boxes an IP address via the COAX connection.

                I used the information provided by Paint to configure my WAN on pfsense (thanks!!). My setup worked, the ONT provided the Pfsense an IP address and all good.  Internet speeds, look a bit slower but ok (from 750 to 700 on fast.com, could be any other thing).  I followed the steps from Paint to sniff and got similar information to what he noted, but in my case, I was getting 2 alternating different MAC addresses, one the same as marked on the side of the FiOs Router.  My host name was the same one, FiOS_Quantum_Gateway.  So the sniff part in my case did not provide any new information.  I read this means I probably did something wrong?

                My problem:
                I can not access my DVR or STB remotely like I used to.

                Paint:  I looked at your later posts, and now I understand you have a setup where both, the Pfsense router and Fios router are getting a WAN Ip address.  I saw the graph with your hardware setup but I got lost on the VLAN configuration.  I do not have a "smart switch".  I guess throwing another $70 at Amazon is not going to kill me.  I also saw someone posting about a brigded solution but the link does not work.

                Is there an option to setup this and avoid the VLAN Switch?  I guess I would need to open the ports on my Pfsense to allow remote DVR and other to work?  What ports are these?
                Another thing, I do notice that Pfsense also has the STB in their DCHP leases list.  HOw is that possible?  Is that part of the problem?

                Thanks

                Jorge

                @Paint:

                G1100 FiOS Quantum Router DHCP WAN Client Impersonation - Updated 5-May-2017:

                With the release of FiOS Gigabit Speeds, it seems like Verizon changed the content of the DHCP WAN packet. My MAC address inside the packet and the hostname is DIFFERENT than the physical MAC of the Ethernet WAN port in the G1100 GUI. This means all users must run a TCPDUMP on the WAN interface from the G1100 to confirm this hidden information (Hostname and true MAC address). In summary, whatever MAC address you find in the packet sniff, should be the MAC address used in the packet impersonation on your pfSense router.

                Sniffing the Packet:
                First connect your G1100 WAN port to your pfSense router. I used my WAN interface, but you can use any available interface.
                Open an SSH or CLI session and run the following TCPDUMP command - make sure to change igb0 to the name of your interface.

                tcpdump -i igb0 -vvv -s 0 '((port 67 or port 68) and (udp[8:1] = 0x1))'
                

                You will then start seeing packets that look like this:

                00:40:38.866254 IP (tos 0x0, ttl 128, id 57388, offset 0, flags [none], proto UDP (17), length 335)
                    pool-123-123-123-123.<region>.fios.verizon.net.bootpc > lo0-100.NYCMNY-VFTTP-380.verizon-gni.net.bootps: [udp sum ok] BOOTP/DHCP, Request from aa:bb:cc:dd:ee:aa (oui Unknown), length 307, xid 0xadf6f1c7, Flags [none] (0x0000)
                          Client-IP pool-123-123-123-123.<region>.fios.verizon.net
                          Client-Ethernet-Address aa:bb:cc:dd:ee:aa (oui Unknown)
                          Vendor-rfc1048 Extensions
                            Magic Cookie 0x63825363
                            DHCP-Message Option 53, length 1: Request
                            Client-ID Option 61, length 7: ether aa:bb:cc:dd:ee:aa
                            Requested-IP Option 50, length 4: pool-123-123-123-123.<region>.fios.verizon.net
                            Hostname Option 12, length 22: "securenat-aabbccddeeaa"
                            Vendor-Class Option 60, length 8: "MSFT 5.0"
                            Parameter-Request Option 55, length 12:
                              Subnet-Mask, Domain-Name, Default-Gateway, Domain-Name-Server
                              Netbios-Name-Server, Netbios-Node, Netbios-Scope, Router-Discovery
                              Static-Route, Classless-Static-Route, Classless-Static-Route-Microsoft, Vendor-Option
                            END Option 255, length 0</region></region></region>
                

                You need to extract two pieces of information from the packet sniff:

                • The MAC address (e.g. aa:bb:cc:dd:ee:aa)

                • The Hostname (e.g. securenat-aabbccddeeaa)

                Notice how the hostname contains your mac address without colons.

                Now that we have the packet, it is time to start configuring pfSense!!!

                Login to the pfSense Web GUI. Click on Interfaces -> WAN.

                IPv4 Configuration Type: DHCP

                MAC controls: aa:bb:cc:dd:ee:aa (replace with your G1100 WAN Ethernet MAC address from the sniffed packet)

                MTU: 1500

                MSS:

                Speed and Duplex: 1000baseT full-duplex

                DHCP Client Configuration

                Options: Advanced Configuration is checked

                Hostname:

                securenat-aabbccddeeaa
                ```(replace with your G1100 WAN Ethernet hostname from the sniffed packet)
                
                **Protocol Timing:**
                

                Timeout: 60
                Retry: 30
                Select Timeout: 0
                Reboot: <blank>Backoff cutoff: <blank>Initial Interval: 1
                Presets: Saved Cfg</blank></blank>

                You may need to change the timeout and retry parameters based on your individual setup. I find that a retry of 15 seconds or less is too quick for FiOS.
                
                **Lease Requirements and Requests:**
                
                **Send Options:**```
                dhcp-class-identifier "MSFT 5.0", dhcp-client-identifier 01:{mac_addr_asciiL:}, domain-name "verizon.net"
                

                Request options:

                subnet-mask, domain-name, routers, domain-name-servers, netbios-name-servers, netbios-node-type, netbios-scope, router-discovery, static-routes, classless-routes,
                 option-249, vendor-encapsulated-options
                

                Require options:

                subnet-mask, routers
                

                Jorge, if you are getting slower speeds via pfsense,its most likely your router isn't capable of gigabit speeds.

                Please read this complete thread and others on the web. There is a great Dslreports post that describes many ways to connect your Verizon and personal router with pros and cons of each.

                pfSense i5-4590
                940/880 mbit Fiber Internet from FiOS
                BROCADE ICX6450 48Port L3-Managed Switch w/4x 10GB ports
                Netgear R8000 AP (DD-WRT)

                1 Reply Last reply Reply Quote 0
                • H Offline
                  Hugovsky
                  last edited by

                  Are you using traffic shaping? I had a problem that I lose connectivity when using a fairq with codel.

                  1 Reply Last reply Reply Quote 0
                  • P Offline
                    Paint
                    last edited by

                    @Hugovsky:

                    Are you using traffic shaping? I had a problem that I lose connectivity when using a fairq with codel.

                    I turned off traffic shaping as I found that my Intel i350 network card would fail at gigabit speeds. Since I subscribe to 940/880mbps from FiOS, I dont need a traffic shaper.

                    pfSense i5-4590
                    940/880 mbit Fiber Internet from FiOS
                    BROCADE ICX6450 48Port L3-Managed Switch w/4x 10GB ports
                    Netgear R8000 AP (DD-WRT)

                    1 Reply Last reply Reply Quote 0
                    • O Offline
                      onsit
                      last edited by

                      I seem to get WAN drop outs ever 5-7 days now when I am connected straight ONT to my pfsense box. Cable is good, and NICs are good I enjoyed very low latency gaming and huge download speeds on and off - so the machine can handle gigabit just fine. This seems to be a DHCP issue. I get the classic scenario where I am unable to ping the next hop over (gateway of the WAN). Maybe too many pings to check gateway health from pfsense.

                      Restarting the ONT and the Machine fixes it for 20mins, right before the next DHCP renewal packet from pfsense. (IP doesn't change).

                      So far I have tried the following:

                      (Worked 5-7 days) ONT -> Pfsense with provided parameters from (My g1100 had a mac sticker address of xx:xx:xx:xx:xx:x1, but tcp dump revleaed it actually ends with a 2). https://forum.pfsense.org/index.php?topic=114389.msg716205#msg716205

                      (Working for a day now, present) ONT -> Unmanaged switch -> (G1100 WAN and PFsense WAN).

                      Using a switch seems to have given me 2 days now of a usable wan connection, throughput seems to have suffered slightly (cheap switch, 750/700 speeds, pfsense raw got 960,920). Would I benefit in getting a managed switch here and setting VLANs on here, and then dropping the tags once it hits my pfsense box? Might isolate a bit of broadcast chatter.

                      One thing I did notice was that my G1100, even after being connected and used briefly with gigabit seems to send packets much different than what you showed - uses hostname (FIOS_Quantum_Gateway) and the packet looks more like pre gigabit DHCP packets.

                      • pfsense is freshly installed, no QoS, no serious Layer 3 logic, barebones install with the only modification being setting up the WAN to spoof the mac, and to generate the DHCP packet as per https://forum.pfsense.org/index.php?topic=114389.msg716205#msg716205

                      • No network devices are connected to the G1100, I don't even have an active Verizon TV subscription. I am literally using this to make sure my DHCP doesnt break.

                      Interestingly enough I had the same issue on my Asus router when running merlin firmware which prompted me to go pfsense to avoid this same thing. Verizon really seems to be picky with DHCP.

                      1 Reply Last reply Reply Quote 0
                      • J Offline
                        johnm304
                        last edited by

                        I'm just getting ready to setup my first pfSense router…  a quick question.

                        I have a very simple setup... single LAN and I'm replacing a G1110 that is on its last legs.  I have FIOS gig service.

                        I do not have any FIOS STBs to worry about.

                        Should I follow the instructions in Paint's post: <https: forum.pfsense.org="" index.php?topic="114389.msg716205#msg716205">Or is there a simpler approach? There a lot of information in that post, am I'm not sure how much of it is required for Paint's specific configuration.  I was thinking that I could just release the WAN IP on my G1110 and wire in my pfSense box.

                        Thanks!
                        John</https:>

                        1 Reply Last reply Reply Quote 0
                        • R Offline
                          rtm5005
                          last edited by

                          Hello Everyone,

                          I hope this post isn't dead.  I seem to be stuck in the trap of not being able to get my DHCP lease to renew autonomously with FIOS (Northern NJ Area).  I have reviewed and tried to use the directions posted on May 17th of 2017 but the same thing happens and I need to go into the interface status to release and renew.

                          I did the packet capture on the NIC to review what my Quantum Gateway does to request an IP and I come really close to replicating it exactly but there are some differences in the options that I am just not sure about.  I am able to get the WAN IP address with my attempt at the settings but then after about 2 hours it locks up and I cannot get anywhere with it.  The release and renew will not work.  At that point I clear settings and go back to the hardware MAC (Not Quantum MAC) and pick up a new lease for two hours to continue the game.

                          If this post is still alive I would be happy to put my findings in detail to see if I can get additional support from the community but don't really want to post it into dead air.

                          Please reply if you are able and willing.

                          Thank you!

                          1 Reply Last reply Reply Quote 0
                          • P Offline
                            Paint
                            last edited by

                            Happy to help - send me a PM with the details.

                            pfSense i5-4590
                            940/880 mbit Fiber Internet from FiOS
                            BROCADE ICX6450 48Port L3-Managed Switch w/4x 10GB ports
                            Netgear R8000 AP (DD-WRT)

                            G 1 Reply Last reply Reply Quote 0
                            • G Offline
                              GuitarSkater @Paint
                              last edited by

                              @Paint

                              Sorry to revive this old thread, but ive followed the directions every way possible, I am still getting dropped every 2~ hrs

                              anyone have a 2020 solution?

                              1 Reply Last reply Reply Quote 0
                              • M Offline
                                MasterYous @sn0cr4sh
                                last edited by

                                @sn0cr4sh said in FIOS - WAN DHCP Setup for G1100 (FiOS Quantum Router) with pfSense (no bridging):

                                Duuuude, right on!  I got bit by the IPMI overlap as well. My Super Micro C2758 was using the same port for IPMI that I had configured for WAN. I never realized it and managed to get away with it for several months, but suddenly couldn't hold a WAN IP for more than an hour before getting booted off FIOS completely.

                                I kept getting these weird errors in my log that said a mac address was using the WAN IP. The mac address was the same as the WAN port, so I couldn't make any sense of it. As soon as I shut down and booted into the BIOS, sure enough, my WAN IP was assigned to the IPMI port.  I disabled IPMI on the board and have been running perfectly ever since.

                                I would have never figured that out if you hadn't posted, so thank you!

                                This forum is a godsend. I would also never have figured this out were it not for this post. I have a Netgate with a C2758 (and a broken BMC). When I plugged the dedicated IPMI port into my switch, the problems with the DHCP lease expiring every 2 hours went away.

                                Apparently even with the BMC broken, it defaults to using igb0 (first Intel ethernet port) as a share/failover port for IPMI. Because my BMC is broken (no firmware update for the BMC nor the mobo fixes it) then I can't even disable this default behavior. So my two options are to either connect this extra cable full-time, or to move the WAN interface to a different ethernet port on the box.

                                Either one seems to work, and thank you for shedding light on this incredibly hard-to-guess-at issue.

                                1 Reply Last reply Reply Quote 0
                                • P phobes referenced this topic on
                                • First post
                                  Last post
                                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.