DHCPOFFER not being accepted

Elliott32224 · May 17, 2021, 3:09 PM

This is a new problem for me, where devices that had been leased an IP address or even had a static IP address were not able to get into the network. I see from a search of the web, it has happened before to others. The log shows DHCPOFFER with an IP address, but the device never is listed on DHCP leases page and I can not access the device from the IP in the log. I am running 2.5.1-RELEASE (amd64). For me, it may have started with the upgrade to 2.5 a few months ago. Any help would be appreciated.

KOM · May 17, 2021, 3:14 PM

@elliott32224 You're saying that pfSense LAN interface is getting an DHCPREQUEST from this unknown device for which pfSense sends a DHCPOFFER, but then your device fails to connect?

Elliott32224 · May 17, 2021, 4:06 PM

@kom That is correct. The log shows
May 17 11:01:07 dhcpd 44187 DHCPDISCOVER from 34:e1XX via em1
May 17 11:01:08 dhcpd 44187 DHCPOFFER on 192.168.4.246 to 34:e1XXvia em1
May 17 11:01:10 dhcpd 44187 DHCPDISCOVER from 34:e1XX via em1
May 17 11:01:10 dhcpd 44187 DHCPOFFER on 192.168.4.246 to 34:e1XX via em1

This keeps going for a time and the device is never seen on the DHCP lease list and is not addressable.

KOM · May 17, 2021, 4:16 PM

@elliott32224 Seems like a problem with that device. What is it and does it have any logs?

Elliott32224 · May 17, 2021, 4:57 PM

@kom Thanks. It is Hubitat Hub. However, it is the third device in the past couple of days that has been affected. One of these is my HP Officejet Pro 9025. It seems like it has only occurred with wired devices. The workaround for the printer was to enable WiFi. The Hubitat Hub was placed on another network (NetGear modem) in order to work.

KOM · May 17, 2021, 5:01 PM

@elliott32224 Hmm. I've been using pfSense for many years and have never seen this problem. The fact that it is happening to more than one device indicates it's something between them and pfSense. Is this a lan or vlan? Is there a wifi device involved like an access point or router?

Elliott32224 · May 17, 2021, 5:34 PM

@kom So, you could be correct. I switched to eero for WiFi a couple of months ago. It is in bridge mode, of course. The LAN output from my pFsense (em1) goes to the eero and the eero output connects to an unmanaged switch for wired devices. Is there a different way to set this up?

KOM · May 17, 2021, 6:18 PM

@elliott32224 The Eero is between pfSense and your wired clients? That's unusual. How many lan ports do you have available? I personally would separate the LAN from wifi. Either put your switch on lan for your wired clients and wifi on OPT1 (if it exists), or create a vlan on your lan and put your wifi APs on that vlan. Use firewall rules to control access.

If you want to stay with a simpler config then plug your switch into pfSense lan port and then plug your wired clients and AP into the switch.

Elliott32224 · May 17, 2021, 8:39 PM

@kom Thank you! I went for the simpler option, but then could not get any internet access (no DHCP for devices) via the WiFi. This should have worked. I'll try again, when I have more time.

KOM · May 17, 2021, 8:51 PM

@elliott32224 If everything is plugged into the same dumb switch (or is it a smart switch?) and the wired clients can get an address while the wifi devices cannot then that says there is a problem with your wifi AP configuration. It should be set to DHCP as well for its management interface and it should bridge all wifi clients to your LAN.

Elliott32224 · May 18, 2021, 2:52 AM

@kom Thanks. It's a dumb switch. With the eero in bridge mode, there is no option for the WiFi to be a DHCP server. Also, the way I have wired the eero is the way it is recommended by eero: LAN cable from pfSense to eero; eero cable to switch.

KOM · May 18, 2021, 3:36 PM

@elliott32224 said in DHCPOFFER not being accepted:

With the eero in bridge mode, there is no option for the WiFi to be a DHCP server

Sorry, I meant that the Eero should get its address from pfSense via DHCP, not that the wifi clients should use the Eero for DHCP.

Gertjan · May 18, 2021, 2:51 PM

Is this part of a packet capture :

@elliott32224 said in [DHCPOFFER not being accepted](/post/983510):
> May 17 11:01:07	dhcpd	44187	DHCPDISCOVER from  via em1
> May 17 11:01:08	dhcpd	44187	DHCPOFFER on 192.168.4.246 to em1
> May 17 11:01:10	dhcpd	44187	DHCPDISCOVER from  via em1
> May 17 11:01:10	dhcpd	44187	DHCPOFFER on 192.168.4.246 to  via em1

?

If so, the device is probably answering, but the answer is never reaching pfSense because the DHCPACK from the client is send to the real - other - DHCP server.
The ACK is not a broadcast. It's an IP (accepted by the client) to IP (the DHCP server) what explains why pfSense never sees this ACK.
Did this device on em1 got an IP, and if so, what is it ? Go locate that second DHCP on your LAN and shut it down.

Elliott32224 · May 18, 2021, 3:36 PM

@kom Thanks.

Elliott32224 · May 18, 2021, 3:41 PM

@gertjan Thank you. That is from the pfSense DHCP service log for the device. I use fing and I just ran their tool, DHCP Discovery:
"You have one single DHCP active in the network.
DHCP Server
pfSense:..."

NogBadTheBad · May 18, 2021, 4:18 PM

DHCP Guarding on the Eero maybe ?

Elliott32224 · May 18, 2021, 5:02 PM

@nogbadthebad Thanks. Could be, but there is no setting for that.

cwagz · May 19, 2021, 3:40 AM

@elliott32224

I just lost an HP OfficeJet 9025 on my wired network the other day. Same symptoms I see the request and offer in the logs but the officejet never gets an IP. Moved to wireless and all is good. No changes to my network recently that I know of. I thought it must have been a rouge DHCP server but Fing can’t find it.

Now I have a wired Linux box doing the same thing.

Really weird. Never experienced this before.

Gertjan · May 19, 2021, 5:25 AM

@elliott32224 said in DHCPOFFER not being accepted:

but there is no setting for that.

There is one 'setting' that will do the job : jto be sure : remove it from the network during tests to be sure.

@cwagz said in DHCPOFFER not being accepted:

I see the request and offer in the logs but the officejet never gets an IP

It sends a DHCPDISCOVER so it can communicate with pfSense.
pfSense sends DHCPOFFER : Looks like it never received that DHCPOFFER because it's sending a DHCPDISCOVER again.

When you do not use the Wifi of that printer, what becomes the IP after a while ? You can print the actual network settings I presume by pressing (a combination of) buttons on the printer.

Maybe not a second DHCP but a broken signal path in the switch (interchange all the ports to find out), a cable (swap chamge them all) or, worstc ase, the NIC in the printer has a 'broken' input (so it receives nothing).

cwagz · May 19, 2021, 5:48 AM

@gertjan The printer has always had a static IP assigned in pfSense. When my wife informed me that the printer was no longer working we went through and rebooted everything. I then noticed that the printer had a 169.X.X.X address. I checked everything and even rebooted my main switch. I tried manually configuring the printer to it's static IP address but it would not communicate. I could not get to it's webpage or ping it. I noticed the requests and offers listed over and over again in the pfSense log.

I then unplugged the network cable and the printer auto switched to WiFi and picked up a random address assigned by the pfSense DHCP. Now I could go to it's webpage and ping it. I went into pfSense and updated the printers static IP assignment to the new MAC and rebooted the printer. Now it came back up with its original static IP that it has always had and we were able to print without problem with no changes on the client computers.

Tonight I went to boot my kids computer via a linux flash drive as I normally have it mine ETH using RaveOS overnight. The computer has a static IP assigned by pfSense and was working fine all day in Windows 10. I get into Linux and no IP. I set a static IP and nothing. This time I do not see log entries in pfsense. I then booted this same computer straight back to Win 10 and it picks up its normal static IP no problem.

This machine was picking up an IP from pfsense just yesterday with the same RaveOS flash drive configuration.

I have rebooted my Netgear GS724Tv4 several times now. I can't remember the last time I rebooted it. Probably when I installed it in the rack.

I just find it really strange that someone else seemed to have the same problem.

My network consists of:
APU2 running pfSense
Netgear GS724Tv4 - pretty much default settings
3x Netgear WAC510 in access point mode managed via Insight
3 groups of 2 piholes that manage my kids internet content restrictions and YouTube access

I have had this configuration for a long time and never experienced anything like this. I assumed it was another DHCP server or an IP conflict but I am out of ideas now.

The only other thing I can think of is that my switch has gone bad or it is actually the HP 9025 causing the problem since that just seems like a crazy coincidence here.