SG-1100 not getting WAN IP if internet is connected after solid black diamond

DomiX

Hi,

I have an issue with SG-1100 (used for OpenVPN client). pfsense does not retrieve IP address from dhcp if my wan router (Orange livebox) is connected to internet after pfsense bootup is complete (solid black diamond). Only solution is reboot/reset device on remote host.
According to dhcp logs, pfsense should use old dhcp lease but after bootup, ifconfig does not display IP address and my OpenVPN is not even after waiting several minutes.

Oct 18 17:25:26 	dhclient 	19755 	bound: renewal in 33408 seconds.
Oct 18 17:25:26 	dhclient 		Deleting old routes
Oct 18 17:25:25 	dhclient 		New Routers (mvneta0.4090): 192.168.2.XX
Oct 18 17:25:24 	dhclient 		New Routers (mvneta0.4090): 192.168.2.XX
Oct 18 17:25:24 	dhclient 		New Broadcast Address (mvneta0.4090): 192.168.2.255
Oct 18 17:25:24 	dhclient 		New Subnet Mask (mvneta0.4090): 255.255.255.0
Oct 18 17:25:24 	dhclient 		New IP Address (mvneta0.4090): 192.168.2.YY
Oct 18 17:25:24 	dhclient 		ifconfig mvneta0.4090 inet 192.168.2.YY netmask 255.255.255.0 broadcast 192.168.2.255
Oct 18 17:25:24 	dhclient 		Starting add_new_address()
Oct 18 17:25:24 	dhclient 		TIMEOUT
Oct 18 17:25:24 	dhclient 	19755 	Trying recorded lease 192.168.2.YY
Oct 18 17:25:24 	dhclient 	19755 	No DHCPOFFERS received.
Oct 18 17:25:19 	dhclient 	19755 	DHCPDISCOVER on mvneta0.4090 to 255.255.255.255 port 67 interval 5
Oct 18 17:25:06 	dhclient 	19755 	DHCPDISCOVER on mvneta0.4090 to 255.255.255.255 port 67 interval 13
Oct 18 17:24:55 	dhclient 	19755 	DHCPDISCOVER on mvneta0.4090 to 255.255.255.255 port 67 interval 11
Oct 18 17:24:46 	dhclient 	19755 	DHCPDISCOVER on mvneta0.4090 to 255.255.255.255 port 67 interval 9
Oct 18 17:24:38 	dhclient 	19755 	DHCPDISCOVER on mvneta0.4090 to 255.255.255.255 port 67 interval 8
Oct 18 17:24:29 	dhclient 	19755 	DHCPDISCOVER on mvneta0.4090 to 255.255.255.255 port 67 interval 8
Oct 18 17:24:25 	dhclient 	19755 	DHCPDISCOVER on mvneta0.4090 to 255.255.255.255 port 67 interval 4
Oct 18 17:24:23 	dhclient 	19755 	DHCPDISCOVER on mvneta0.4090 to 255.255.255.255 port 67 interval 2
Oct 18 17:24:12 	dhclient 	19755 	DHCPREQUEST on mvneta0.4090 to 255.255.255.255 port 67
Oct 18 17:24:07 	dhclient 	19755 	DHCPREQUEST on mvneta0.4090 to 255.255.255.255 port 67
Oct 18 17:24:05 	dhclient 	19755 	DHCPREQUEST on mvneta0.4090 to 255.255.255.255 port 67
Oct 18 17:24:05 	dhclient 		PREINIT
Oct 18 17:24:04 	dhclient 	11538 	exiting.
Oct 18 17:24:04 	dhclient 	11538 	connection closed
Oct 18 17:24:03 	dhclient 	10717 	bound: renewal in 33491 seconds.
Oct 18 17:24:03 	dhclient 		Deleting old routes
Oct 18 17:24:02 	dhclient 		New Routers (mvneta0.4090): 192.168.2.XX
Oct 18 17:24:01 	dhclient 		New Routers (mvneta0.4090): 192.168.2.XX
Oct 18 17:24:01 	dhclient 		New Broadcast Address (mvneta0.4090): 192.168.2.255
Oct 18 17:24:01 	dhclient 		New Subnet Mask (mvneta0.4090): 255.255.255.0
Oct 18 17:24:01 	dhclient 		New IP Address (mvneta0.4090): 192.168.2.YY
Oct 18 17:24:01 	dhclient 		ifconfig mvneta0.4090 inet 192.168.2.YY netmask 255.255.255.0 broadcast 192.168.2.255
Oct 18 17:24:01 	dhclient 		Starting add_new_address()
Oct 18 17:24:01 	dhclient 		TIMEOUT
Oct 18 17:24:01 	dhclient 	10717 	Trying recorded lease 192.168.2.YY
Oct 18 17:24:01 	dhclient 	10717 	No DHCPOFFERS received.
Oct 18 17:23:50 	dhclient 	10717 	DHCPDISCOVER on mvneta0.4090 to 255.255.255.255 port 67 interval 11
Oct 18 17:23:39 	dhclient 	10717 	DHCPDISCOVER on mvneta0.4090 to 255.255.255.255 port 67 interval 11
Oct 18 17:23:30 	dhclient 	10717 	DHCPDISCOVER on mvneta0.4090 to 255.255.255.255 port 67 interval 9
Oct 18 17:23:13 	dhclient 	10717 	DHCPDISCOVER on mvneta0.4090 to 255.255.255.255 port 67 interval 17
Oct 18 17:23:06 	dhclient 	10717 	DHCPDISCOVER on mvneta0.4090 to 255.255.255.255 port 67 interval 7
Oct 18 17:23:03 	dhclient 	10717 	DHCPDISCOVER on mvneta0.4090 to 255.255.255.255 port 67 interval 3
Oct 18 17:23:01 	dhclient 	10717 	DHCPDISCOVER on mvneta0.4090 to 255.255.255.255 port 67 interval 2
Oct 18 17:23:00 	dhclient 	10717 	DHCPDISCOVER on mvneta0.4090 to 255.255.255.255 port 67 interval 1
Oct 18 17:22:56 	dhclient 	10717 	DHCPREQUEST on mvneta0.4090 to 255.255.255.255 port 67
Oct 18 17:22:54 	dhclient 	10717 	DHCPREQUEST on mvneta0.4090 to 255.255.255.255 port 67
Oct 18 17:22:53 	dhclient 	10717 	DHCPREQUEST on mvneta0.4090 to 255.255.255.255 port 67
Oct 18 17:22:51 	dhclient 	10717 	DHCPREQUEST on mvneta0.4090 to 255.255.255.255 port 67
Oct 18 17:22:50 	dhclient 	10717 	DHCPREQUEST on mvneta0.4090 to 255.255.255.255 port 67
Oct 18 17:22:49 	dhclient 	10717 	DHCPREQUEST on mvneta0.4090 to 255.255.255.255 port 67
Oct 18 17:22:49 	dhclient 		PREINIT 

mvneta0.4090: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=3<RXCSUM,TXCSUM>
	ether f0:ad:4e:0b:44:e3
	inet6 fe80::f2ad:4eff:fe0b:44e3%mvneta0.4090 prefixlen 64 scopeid 0xa
	groups: vlan
	vlan: 4090 vlanpcp: 0 parent interface: mvneta0
	media: Ethernet 1000baseT <full-duplex>
	status: active
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

ps auxwww|grep dhclient
root    20653   0.0  0.0  6640   468  -  Is   17:24    0:00.00 dhclient: mvneta0.4090 [priv] (dhclient)
_dhcp   24155   0.0  0.0  6640   348  -  ICs  17:25    0:00.02 dhclient: mvneta0.4090 (dhclient)

Thanks in advance

stephenw10

So this happens if the upstream router is not responding to DHCP requests until after the SG-1100 has finished booting?
Like if you lose power and both are booted simultaneously?

You may be hitting this: https://redmine.pfsense.org/issues/9267

Steve

DomiX

@stephenw10 said in SG-1100 not getting WAN IP if internet is connected after solid black diamond:

So this happens if the upstream router is not responding to DHCP requests until after the SG-1100 has finished booting?
Like if you lose power and both are booted simultaneously?

You may be hitting this: https://redmine.pfsense.org/issues/9267

Steve

@stephenw10 Thanks for your response. Yes, this happens when both are booted simultaneously. Do you think it will be resolved before in next 2.4.4 release or 2.5 release?

Thanks

Gertjan

If the delay of the incredibly slow-to-boot Livebox is bothering you, add some delay to the DHCP client (you can find it on the WAN Interface settings ) :

stephenw10

Yes increasing the timeout values there has worked for others hitting that. 900s should be far more than required.
https://forum.netgate.com/post/854067

Steve

Gertjan

@stephenw10 said in SG-1100 not getting WAN IP if internet is connected after solid black diamond:

900s

It's not that slow ....

stephenw10

Indeed, I was trying to decide if that was really seconds but it does seem to be. I would think 2-3 minutes would more than suffice. I don't know how long that box takes to boot though.

Steve

DomiX

Thanks @stephenw10 and @Gertjan for your response.

I'll try with timeout 600s. Sometimes Livebox could take a long times to boot with firmware updates

Gertjan

@DomiX : to minimize troubles in many way, protect the livebox (VDSL router) with the same UPS as you use with your SG.