DHCP lease screen not loading
-
@anrt Then tell us why the GUI => NGINX => PHP has so much trouble shwoing that file.
A 30 kbytes files takes some miliseconds to show.
How big is your lease files ?I never saw these dhcpd.leases.xxxxxxxx files.
I guess these files are made when dhcpd re creates the leases files, and is faulting during so.
dhpcd is made by https://www.isc.org/dhcp/ and very solid. Still, it only works when you throw real RFC [DHCP] defied traffic on it. Other traffic, generated by the device that cost less then 1 $, could break everything. Even dhcpd. The golden law always applies : BS in = BS out.So, what about : when are these dhcpd.leases.xxxxxxxx files created ? What happend on that moment with the system ? A dhcpd segfault ? Some one was ripping the power ones again ? Something else ?
What was logged at that moment ?
A host name with binary chars ?
Etc.I'll agree with you both : some exceptional is happening. So, go hunt for it.
A sledge hammer solution : remove every device from the LANs. There will be no more issues.
Right ?
No, add one device at the time. And wait. No issues ? Add another device, etc.
When the issue pops up, you know what device to check.Can you read that file yourself (use Notepad++ and open it) ?
Are there strange, binary ? characters ?And what about your network ?
Is there a device that want a new lease every xx seconds ?
Is there a device that changes it 'name' on every lease ?
Etc.There is a device that makes your live so much easier : an UPS.
Btw : Widget and massive firewall log rules.
The widget is there exist if there are really a few log lines to show. Just for the kicks. As you said yourself, the thing updates itself every 5 seconds, using world's most ineffective language on the planet : PHP (just a bit faster as Basic).What is dropped on the WAN : you don't care / you don't log. "Many have tried, all have died".
LAN : same thing : no need to see the kids running in the wall every 5 seconds.Huge logs files are ok of course. You should deal with them using the ancient tools like vi, nano, Notepad++, tail, logwatch (used on a remote syslog server) etc.
Firewall wall rules are there to be tested, and ones proven ok, make them silent. This way, only the exceptions will pop up, and draw your attention.
Remember this : to much info kills the info.
-
@gertjan No idea why you're so aggressively going after people just asking questions, but it appears that this is something to do with 2.5, not with any of our configurations themselves.
I run <30 devices on my network, 15 of which are statically addressed. I have no firewall rules because I don't need them. My DHCP scope allows about 40 dhcp addresses, and I'm sure I've restarted it a few times, which has created those numbered files. That being said, I can't imagine any of those causing an issue because they're extremely small, and it doesn't appear they're used for anything. Also, the DHCP scope itself is working absolutely fine. The router is handing out addresses properly. The only issue is loading that screen. Also, those numbered files are from months ago and have caused no issues in the time frame.
We hunted, we brought error messages, and we asked on the forum, in the subsection designed for such questions. Do I know how to resolve this? No, it doesn't make any sense because NOTHING on my network has changed, sans the update to 2.5.
Seriously though, if you're that frustrated by us asking questions, just don't answer. I'd rather work with someone from netgate than be quasi scolded by someone for using a forum for its designated purpose. Thank you for your help to this point but it's not the dhcp file size.
-
- The network settings are unchanged for months.
- The hardware connected to the network has not changed for a similar period of time.
- There are approximately 15-30 devices connected to the network at any given time, this is not a different number that was the case some months ago.
- This system was updated to 2.5.0-RELEASE approximately two week ago. This issue began appearing over the weekend or possibly Monday.
- The DHCP log does not show a significant number of requests in a short period (the 50 most recent entries in the log took place over the course of slightly more than an hour).
- The issue persists with the primary switch disconnected and only a single system connected to the network (aside from the pfSense box)
-
The page worked perfectly just before the update, and right after the update it was broken. I didn’t change a thing, did not even leave my chair....
-
@pette_rsson said in DHCP lease screen not loading:
The page worked perfectly just before the update
When the dust settled, did you executed a clean GUI reboot ?
Time to inspect the dhcp leases files ?
Like :[2.5.0-RELEASE][admin@pfsense.local.net]/root: ls -al /var/dhcpd/var/ db total 88 drwxr-xr-x 2 dhcpd _dhcp 512 Mar 10 07:52 . drwxr-xr-x 4 dhcpd _dhcp 512 Jan 29 2015 .. -rw-r--r-- 1 dhcpd _dhcp 33690 Mar 10 08:04 dhcpd.leases -rw-r--r-- 1 dhcpd _dhcp 34410 Mar 10 07:52 dhcpd.leases~ -rw-r--r-- 1 dhcpd _dhcp 527 Mar 10 06:03 dhcpd6.leases -rw-r--r-- 1 dhcpd _dhcp 772 Mar 10 06:03 dhcpd6.leases~
The last two files are for the IPv6 DHCP leases and not concerned here.
What did you find in the file "dhcpd.leases" ? (the dhcpd.leases~ is just an unused copy).
Are there any "dhcpd.leases.xxxxxxx" where xxxxx is a number ?You can stop the DHCP server(s), wipe the dhcpd.leases and dhcpd.leases~ files, and restart the DHCP server(s). That helps ?
Check the Status > System Logs > DHCP page.
Refresh a page a couple of times. is there a lot of activity ? Any 'strange' messages ?@pette_rsson said in DHCP lease screen not loading:
did not even leave my chair....
Don't worry. It isn't about what you've done. It's more about what you (and we) don't know yet.
Plan Z : (something I would do ) :
Take a look at the /usr/local/www/status_dhcp_leases.php
It's setting up some stuff, reads the leases file, and loops over it.I would place log lines so it drops an 'I'm here' every xx lines. They way, you'll see, when you look at the DHCP Lease files with the GUI, when it stops logging thus when it reached the point where it block. At that point, start logging the variables (their values) used just above, and you'll find out why an where it blocks.
-
@gertjan Thank you for this. After I stopped the server, deleted all of the files, and restarted the server the dhcp leases screen is now pulling up without an issue.
Genuinely confusing but as long as it works I'm happy.
Thank you again for your help, it's very appreciated.
-
Deleting the files and restart the DHCP server worked for me as well.
-
Deleting the files provides a temporary fix. However, the issue returns after several hours.
After a fresh install of pfSense the issue is not present, then returns some hours later. System has been tested for memory, hard disk, and network communication issues -- none are present.
Upon a fresh install of pfSense pages load normally in the GUI. However, after several hours the pages for DHCP Leases, Update, Package Manager, and Dashboard will take up to a minute to load and occasionally fail to load with the 504 error.
-
Deleting the files is a plan Z solution.
The real problem is that there is a device in your network that totally breaks the DHCP RFC.
That device renews it's IP after a while, spits out the same nonsense, with ongoing consequences.The real mission is - Plan A - / was / says : find that device.
And repair it (change the host name, give it a static IP, whatever) - or throw it out of the window.
Issue solved. Definitely.Programs can be fool proof, but code can be bad, and still break everything.
No one can program for every exception, or possible situation. -
@gertjan said in DHCP lease screen not loading:
The real problem is that there is a device in your network that totally breaks the DHCP RFC.
That device renews it's IP after a while, spits out the same nonsense, with ongoing consequences.I just don't see how this is possible. There aren't any new devices on the network for months and this problem didn't appear until after upgrading/clean installing to 2.5.
And, even if that is the problem it doesn't explain why other GUI pages are failing to load or loading exceptionally slowly.
Like, how is this the result of some funky client on the DCHP table? Especially when the DHCP log doesn't appear to have abnormal activity.
-
@anrt
Unable to check for upgrades
is new in this thread.The updates : Enter the console, and use option 13.
Does that work ?If many pages become slow, then I tend to say that the entire PHP-FPM or even nginx (the webserver) has some issues.
Console option 8.
Usetop
and see what is on top when you open some GUI pages.
-
Option 13 (Update from console): Another instance is already running. . . Aborting!
Shell "top":
-
@anrt said in DHCP lease screen not loading:
Update from console): Another instance is already running. . . Aborting!
I've seen that before : a blocked 'pkg' process.
The forum has words about that. -
I've got the same DHCP page won't load issue. I just recently did the upgrade to 2.5.0(yesterday), and the problem appeared today. Did anyone ever figure out what was causing the issue?
-
@chance I just checked mine again and it's back to having the same problem. I don't have much more to offer, I'm just going to move DHCP off of pfsense.
I don't buy that there's some random device on my network that's having DHCP issues that somehow popped up with pfsense 2.5, given I had no issues at all previously (for years). If there's a problem, the problem is with whatever change they made in pfsense 2.5, not with one of my devices. If you check the forums the 2.5 update has been painful for a lot of people. Tons of stuff broke like VPN's, and the issues referred to in this thread. I'd just revert back if you still have that option. Wait for netgate to figure out what they did.
As you can see, my leases files aren't even to 10k. There's no way my DHCP scope or my leases are the issue.
-
@chance I got mine working for a while by completely reinstalling pfSense and not using that system for anything but DHCP and the basic firewall (no packages, no certificate creation, no DNS, no port forwarding).
That ended up not working after around five days and the page was timing out again. So, I moved to Opnsense and haven't had any issues.
I'll probably be back to pfSense a few months after the next update comes out, but this has been a terrible experience.
-
@anrt said in DHCP lease screen not loading:
@chance I got mine working for a while by completely reinstalling pfSense and not using that system for anything but DHCP and the basic firewall (no packages, no certificate creation, no DNS, no port forwarding).
That ended up not working after around five days and the page was timing out again. So, I moved to Opnsense and haven't had any issues.
I'll probably be back to pfSense a few months after the next update comes out, but this has been a terrible experience.
I spun up a VM using OPNSense as well, and it was a decent piece of software. Like you, whatever the problematic device on my network was didn't seem to effect OPNSense. If the screen was more of an issue I'd probably switch over as well.
-
Unfortunately I'm in "production" so I can't switch out to Opnsense without a huge change control and testing. My installation is also fairly complicated as it is a private ISP for a neighborhood. I guess that will teach me to upgrade... ever... even with the large amount of testing I did there are still minor things like this that will come up no matter what.
-
@chance said in DHCP lease screen not loading:
Unfortunately I'm in "production" so I can't switch out to Opnsense without a huge change control and testing. My installation is also fairly complicated as it is a private ISP for a neighborhood. I guess that will teach me to upgrade... ever... even with the large amount of testing I did there are still minor things like this that will come up no matter what.
If you look up at my post, I found that deleting the leases files got it working for a few days. I can test it on my home environment by deleting those files again and see if the screen will load. It might not be a perfect resolution but it might be a bit of a work around until netgate gets it figured out.
-
@chance Can you manage a rollback? It's a bit nuclear, but if everything was working on 2.45 then maybe sitting on that until the current development version is stable would be the best option.