DHCPOFFER not being accepted
-
@kom That is correct. The log shows
May 17 11:01:07 dhcpd 44187 DHCPDISCOVER from 34:e1XX via em1
May 17 11:01:08 dhcpd 44187 DHCPOFFER on 192.168.4.246 to 34:e1XXvia em1
May 17 11:01:10 dhcpd 44187 DHCPDISCOVER from 34:e1XX via em1
May 17 11:01:10 dhcpd 44187 DHCPOFFER on 192.168.4.246 to 34:e1XX via em1This keeps going for a time and the device is never seen on the DHCP lease list and is not addressable.
-
@elliott32224 Seems like a problem with that device. What is it and does it have any logs?
-
@kom Thanks. It is Hubitat Hub. However, it is the third device in the past couple of days that has been affected. One of these is my HP Officejet Pro 9025. It seems like it has only occurred with wired devices. The workaround for the printer was to enable WiFi. The Hubitat Hub was placed on another network (NetGear modem) in order to work.
-
@elliott32224 Hmm. I've been using pfSense for many years and have never seen this problem. The fact that it is happening to more than one device indicates it's something between them and pfSense. Is this a lan or vlan? Is there a wifi device involved like an access point or router?
-
@kom So, you could be correct. I switched to eero for WiFi a couple of months ago. It is in bridge mode, of course. The LAN output from my pFsense (em1) goes to the eero and the eero output connects to an unmanaged switch for wired devices. Is there a different way to set this up?
-
@elliott32224 The Eero is between pfSense and your wired clients? That's unusual. How many lan ports do you have available? I personally would separate the LAN from wifi. Either put your switch on lan for your wired clients and wifi on OPT1 (if it exists), or create a vlan on your lan and put your wifi APs on that vlan. Use firewall rules to control access.
If you want to stay with a simpler config then plug your switch into pfSense lan port and then plug your wired clients and AP into the switch.
-
@kom Thank you! I went for the simpler option, but then could not get any internet access (no DHCP for devices) via the WiFi. This should have worked. I'll try again, when I have more time.
-
@elliott32224 If everything is plugged into the same dumb switch (or is it a smart switch?) and the wired clients can get an address while the wifi devices cannot then that says there is a problem with your wifi AP configuration. It should be set to DHCP as well for its management interface and it should bridge all wifi clients to your LAN.
-
@kom Thanks. It's a dumb switch. With the eero in bridge mode, there is no option for the WiFi to be a DHCP server. Also, the way I have wired the eero is the way it is recommended by eero: LAN cable from pfSense to eero; eero cable to switch.
-
@elliott32224 said in DHCPOFFER not being accepted:
With the eero in bridge mode, there is no option for the WiFi to be a DHCP server
Sorry, I meant that the Eero should get its address from pfSense via DHCP, not that the wifi clients should use the Eero for DHCP.
-
Is this part of a packet capture :
@elliott32224 said in [DHCPOFFER not being accepted](/post/983510): > May 17 11:01:07 dhcpd 44187 DHCPDISCOVER from via em1 > May 17 11:01:08 dhcpd 44187 DHCPOFFER on 192.168.4.246 to em1 > May 17 11:01:10 dhcpd 44187 DHCPDISCOVER from via em1 > May 17 11:01:10 dhcpd 44187 DHCPOFFER on 192.168.4.246 to via em1
?
If so, the device is probably answering, but the answer is never reaching pfSense because the DHCPACK from the client is send to the real - other - DHCP server.
The ACK is not a broadcast. It's an IP (accepted by the client) to IP (the DHCP server) what explains why pfSense never sees this ACK.
Did this device on em1 got an IP, and if so, what is it ? Go locate that second DHCP on your LAN and shut it down. -
@kom Thanks.
-
@gertjan Thank you. That is from the pfSense DHCP service log for the device. I use fing and I just ran their tool, DHCP Discovery:
"You have one single DHCP active in the network.
DHCP Server
pfSense:..." -
DHCP Guarding on the Eero maybe ?
-
@nogbadthebad Thanks. Could be, but there is no setting for that.
-
I just lost an HP OfficeJet 9025 on my wired network the other day. Same symptoms I see the request and offer in the logs but the officejet never gets an IP. Moved to wireless and all is good. No changes to my network recently that I know of. I thought it must have been a rouge DHCP server but Fing can’t find it.
Now I have a wired Linux box doing the same thing.
Really weird. Never experienced this before.
-
@elliott32224 said in DHCPOFFER not being accepted:
but there is no setting for that.
There is one 'setting' that will do the job : jto be sure : remove it from the network during tests to be sure.
@cwagz said in DHCPOFFER not being accepted:
I see the request and offer in the logs but the officejet never gets an IP
It sends a DHCPDISCOVER so it can communicate with pfSense.
pfSense sends DHCPOFFER : Looks like it never received that DHCPOFFER because it's sending a DHCPDISCOVER again.When you do not use the Wifi of that printer, what becomes the IP after a while ? You can print the actual network settings I presume by pressing (a combination of) buttons on the printer.
Maybe not a second DHCP but a broken signal path in the switch (interchange all the ports to find out), a cable (swap chamge them all) or, worstc ase, the NIC in the printer has a 'broken' input (so it receives nothing).
-
@gertjan The printer has always had a static IP assigned in pfSense. When my wife informed me that the printer was no longer working we went through and rebooted everything. I then noticed that the printer had a 169.X.X.X address. I checked everything and even rebooted my main switch. I tried manually configuring the printer to it's static IP address but it would not communicate. I could not get to it's webpage or ping it. I noticed the requests and offers listed over and over again in the pfSense log.
I then unplugged the network cable and the printer auto switched to WiFi and picked up a random address assigned by the pfSense DHCP. Now I could go to it's webpage and ping it. I went into pfSense and updated the printers static IP assignment to the new MAC and rebooted the printer. Now it came back up with its original static IP that it has always had and we were able to print without problem with no changes on the client computers.
Tonight I went to boot my kids computer via a linux flash drive as I normally have it mine ETH using RaveOS overnight. The computer has a static IP assigned by pfSense and was working fine all day in Windows 10. I get into Linux and no IP. I set a static IP and nothing. This time I do not see log entries in pfsense. I then booted this same computer straight back to Win 10 and it picks up its normal static IP no problem.
This machine was picking up an IP from pfsense just yesterday with the same RaveOS flash drive configuration.
I have rebooted my Netgear GS724Tv4 several times now. I can't remember the last time I rebooted it. Probably when I installed it in the rack.
I just find it really strange that someone else seemed to have the same problem.
My network consists of:
APU2 running pfSense
Netgear GS724Tv4 - pretty much default settings
3x Netgear WAC510 in access point mode managed via Insight
3 groups of 2 piholes that manage my kids internet content restrictions and YouTube accessI have had this configuration for a long time and never experienced anything like this. I assumed it was another DHCP server or an IP conflict but I am out of ideas now.
The only other thing I can think of is that my switch has gone bad or it is actually the HP 9025 causing the problem since that just seems like a crazy coincidence here.
-
@cwagz said in DHCPOFFER not being accepted:
The printer has always had a static IP assigned in pfSense.
Wait .....
The printer has TWO network interfaces.
The WIFI interface has been shut down.
The wired NIC is set to static IP settings : this means the printer is not using a "DHCP client" to obtain an IP (and network mask, and gateway, and DNS). It "Static" or "DHCP", not both.So this line :
DHCPOFFER on 192.168.4.246 to 34:e1XXvia em1
can not come from your printer, but some other device.
Is "34:e1XX" your printer ?
@cwagz said in DHCPOFFER not being accepted:
I then noticed that the printer had a 169.X.X.X address.
169.x.x.x is special.
The 169.x.x.x. is auto assigned by the DHCP client in a device when it does not obtain a valid lease with xx time.
On of the side effect of "169.x.x.x" is : "you can't communincate with it".
So, this printer with a static IP setup has no static IP setup.No need to access the GUI interface of the printer (a Ethernet connection must exist to be able to do this !) : use the buttons on the printer to print the printers settings. You can do so when the printer is connected to nothing, except the power.
What are the defaults 'after power on' network settings ?
@cwagz said in DHCPOFFER not being accepted:
or it is actually the HP 9025 causing the problem
The options are still opens ;)
-
@gertjan my printer was always set to DHCP. I had a static DHCP reservation in pfsense for it for the wired MAC. A few day ago it stopped getting an IP and was showing the 169 address. While troubleshooting I went into the printer menu and tried to statically assign the printers normal reserved address. The printer would still not work. I set the printer back to DHCP and pulled the Ethernet cable. This causes the printer to turn on its WiFi interface and request an address. This request was successful via pfsense dhcp.
I then altered the static reservation in pfsense so the wireless MAC would be assigned the correct address so my client computers would still print seamlessly. This all worked out and has been fine since. The printer is still successfully using DHCP over WiFi.
Now I have a pc that worked until today and now only gets DHCP when in windows? In Linux DhCP is not working and if I assign a static ip in Linux it still does not work. It worked yesterday.
It is like my switch is blocking the traffic. Or pfsense is somehow blocking the device. Like some kind of security setting since maybe it looks like a different device with the same MAC once I boot to Linux.
I really don’t know where to start.
I was going to update the switch firmware and factory reset it.