[RESOLVED]No internet on ubuntu when disable dhcp

johnpoz

And again - The dhcp server being on or off has ZERO to do with whatever issue your having.

The only changes that happen that you might not see when you enable a dhcp server on a specific interface, is some hidden rules get added to allow for dhcp to reach the server running on pfsense..

bmeeks

Okay, going back and reading your original post one more time, this is what I am hearing you say:

When you turn on or enable the DHCP server in pfSense and you enable DHCP in your Ubuntu machine, you have Internet access. But when you turn off the DHCP server in pfSense and try a static IP with no DHCP configured in Ubuntu, you have no Internet access.

If the above is correct, then this is what I think is happening. You are never actually disabling the DHCP client on the Ubuntu machine even though you might think you are. So when you turn off the DHCP server in pfSense, the DHCP client on Ubuntu can't get a proper IP address and thus you have no connectivity. With the DHCP server running on pfSense, the Ubuntu DHCP client can get the info it needs and the Internet works on the Ubuntu machine.

That's what I believe is happening. You think you are turning off DHCP on the Ubuntu machine and switching to a static IP, but I'm thinking perhaps you are not actually doing that. I know that it can be a real pain to re-plumb the network in modern Linux distros with their fancy GUIs. They really, really want to use the DHCP client.

Farisse

@johnpoz You are right, but where could i find these rules ? My firewall rules are empty (or everything is open). There is something i am missing in this configuration. It makes me sick of not understanding why sometimes it works and sometimes not with the same configuration.

@bmeeks i actually don't even know when it's working or not. I had a few minutes ago an internet connection on my machine and, a few minutes later nothing anymore.

How could i get more details about this ? Logs ?

johnpoz

@Farisse said in No internet on ubuntu when disable dhcp:

My firewall rules are empty (or everything is open)

If your firewall rules are EMPTY then everything is blocked!

Farisse

@johnpoz No sorry I mean everything is open

johnpoz

And clearly you have 13 states currently open using that rule, and have moved 63.18 MB of traffic.

How about some actual info... Lets see you ping the DMZ address from this client.. Lets see you do a dns query to what the dmz address, some other dns server?

Lets see the ifconfig output from this client. When you say it doesn't work, and then when you say it works if you turn on dhcp on pfsense.

Farisse

@johnpoz said in No internet on ubuntu when disable dhcp:

How about some actual info... Lets see you ping the DMZ address from this client.. Lets see you do a dns query to what the dmz address, some other dns server?
Lets see the ifconfig output from this client. When you say it doesn't work, and then when you say it works if you turn on dhcp on pfsense.

i am not sure about understanding the questions do you mean that i show the results of the commands you said ?

There are 2 dns servers. One one the schools network and the other in my lan network.

johnpoz

Yes lets see the output of the commands.. Not just you saying something doesn't work via what a browser? ping pfsense dmz address, if you can't then your never getting anywhere.. If you can not query dns then your never going to get anywhere via fqdn.

Lets see say a traceroute when it works, and when it doesn't work to both an IP say 8.8.8.8 and then say via a fqdn like www.google.com

Your not doing something like static arps are you in pfsense?

If you setup a static arp say for 1.2.3.4 mac xyz so that what the client gets when dhcp is on, and then you setup IP on the machine to be 1.2.3.5 then no it wouldn't work.

Farisse

@johnpoz
the video is uploading i'll add screenshots in a few minutes
https://streamable.com/j30bzs

Ping from Windows Hyper-v to DMZ network

Ping from Ubuntu to DNS/DMZ network + ifconfig

Do you need more info ?

johnpoz

And that is with dhcp or static? And where is your dns query?

Farisse

This is Static the video is when internet was functional and then after reboot ... nothing anymore

here is the dns query:

johnpoz

Well not really possible to use the internet without dns resolution..

What server are you trying to query - can not tell from that command..

Do a dig with with @ipaddress of dns server.

something like dig @192.168.1.1 www.google.com

your command is just going to ask some dns server, which don't know what that is for 192.168.1.1

Is pfsense listening on dmz interface for dns? Are you pointing dns to something else?

how about this output

networkctl status
●        State: routable
       Address: 192.168.2.12 on ens3
                fe80::11:32ff:fe22:cc7d on ens3
       Gateway: 192.168.2.253 (ADI Engineering, Inc.) on ens3
           DNS: 192.168.3.10
Search Domains: local.lan
           NTP: 192.168.3.32
                192.168.2.253

Farisse

@johnpoz Well i didn't change anything and i have an internet connection again.

maybe extra information :
I use an external DNS in pfsense

As from now i have internet this is the requested command :

johnpoz

Well from your output of nteworkctl you have NO DNS set..

Unless you setup forwarding on pfsense, those dns servers don't do anything other what pfsense itself would use for dns.

Farisse

The DNS forwarder is indeed enabled in pfsense and dns resolver to. Does it make any change if i configure the dns on a client machine ?

And why do i get internet for a few time then no more internet and after a few time back again without changing nothing ?

johnpoz

My "guess" would be when your on dhcp you cache some records..

Clearly from what you posted you have no dns set.. So NO internet is never going to work - unless you plan on just using IPs only ;)

johnpoz

@Farisse said in No internet on ubuntu when disable dhcp:

The DNS forwarder is indeed enabled in pfsense and dns resolver to

Well that is just borked! You mean you have unbound fowarding? Running both forward (dnsmasq) and resolver unbound is going to be problematic for sure.. Unless you have 1 running on different port than 53.

from your directed query to 192.168.1.1 you resolved google - so set your ubuntu to use that for its dns when you run static.

Farisse

They are on two different ports

I should normally not have any problem with that ? Except maybe my other dns server who is in my lan that i use with freeradius on my guest network ?

Farisse

@johnpoz said in No internet on ubuntu when disable dhcp:

from your directed query to 192.168.1.1 you resolved google - so set your ubuntu to use that for its dns when you run static.

What do you mean with this ? I thought i already configures my ubuntu for using a dns ?

johnpoz

Well clearly not using that now is it..

When you directed to do dns it work @192.168.1.1

When you just do dig, its saying it can not talk to dns.

when you look with networkctrl status - does it show you dns.. NO... And its not working, so clearly its NOT SET!! if it was, then it would be using it and working...

what does nslookup show you?

user@NewUC:~$ nslookup www.google.com
Server:         127.0.0.53
Address:        127.0.0.53#53

Non-authoritative answer:
Name:   www.google.com
Address: 172.217.4.196
Name:   www.google.com
Address: 2607:f8b0:4009:806::2004

Here
https://linuxize.com/post/how-to-configure-static-ip-address-on-ubuntu-18-04/