Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DHCP problem with Captive Portal

    Scheduled Pinned Locked Moved Captive Portal
    7 Posts 2 Posters 2.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      veileyes
      last edited by

      Hello,

      My server running version: 2.3.2-RELEASE-P1 (amd64)

      With i7 CPU and 8 GB RAM, and running services ( DHCP, IP Forwarder, Snort, Captive Portal and ntopng) and I have 80 users connected via Wi-Fi

      everything is working fine but when users logins exceeded 50 users online, the whole lan stop responding and when I access to the dash board from WAN I got error message on DHCP logs as below

      "dhcpd: failed to send 300 byte long packet over em0 interface"
      "dhcpd: send_packet: Permission denied"

      also; there are no special firewall rules running.

      1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan
        last edited by

        Hi,

        Tell us more, like :
        Who is "em0 on your system ? (mine is : WAN) ?
        Do you have enough spare IP's left in the DHCP pool ?

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • V
          veileyes
          last edited by

          Hi Gertjan,

          em0 is my LAN interface, and there is one DHCP pool with range ( 192.168.10.20 : 192.168.10.200 )

          and maximum connected users on same time is: 70 user.

          by theway the problem solved when I reboot the system and occurred again after few hours

          1 Reply Last reply Reply Quote 0
          • GertjanG
            Gertjan
            last edited by

            pfSense could log if somethings goes wrong.
            You inspected the logs ?

            These :
            System - General
            System - DNS Resolver
            and
            DHCP

            Look also at Captive Portal Auth.

            No "help me" PM's please. Use the forum, the community will thank you.
            Edit : and where are the logs ??

            1 Reply Last reply Reply Quote 0
            • V
              veileyes
              last edited by

              Dear Gertjan,

              I appreciate
              your response, but I am already looked into all logs and the only error I got form DHCP while the problem occurred is:

              "dhcpd: failed to send 300 byte long packet over em0 interface"
              "dhcpd: send_packet: Permission denied"

              1 Reply Last reply Reply Quote 0
              • GertjanG
                Gertjan
                last edited by

                @veileyes:

                ….
                "dhcpd: failed to send 300 byte long packet over em0 interface"
                "dhcpd: send_packet: Permission denied"

                and let me guess, when this happens, no more IP get handed out - so people do not get an IP anymore, and thus : can't logging upon the captive portal.

                The thing is Google knows about this "dhcpd: failed to send byte long packet over interface" but all is related to ancient bugs that dhcpd had ones, in the past.
                It can't be the em0 = LAN firewall : the GUI only filters the incoming stream - not the UDP outgoing stream.
                I think it is a interface issue.

                What are your LAN firewall rules ?
                What did you removed from default after you installed pfSense ?
                Can you use the Captive Portal "as it should be used" : on a dedicated, NOT LAN, but OPTx interface ?
                pfSEnse runs in a VM ? (and guess what, when it is NOT running in a VM, but running in its own box, the errors disappear ;) ?)

                Look at this case : (ok, it's a 'Linux issue, not FreeBSD) and he was actually blocking with his firewall (using to strict iptables rules) : http://www.linuxquestions.org/questions/linux-networking-3/dhcpd-complains-failed-to-send-300-byte-long-packet-over-fallback-interface-4175548986/ - so this is was a "between chair and keyboard" issue.

                This is another one : https://forums.freebsd.org/threads/45149/ with a happy end (and a complex setup).

                No "help me" PM's please. Use the forum, the community will thank you.
                Edit : and where are the logs ??

                1 Reply Last reply Reply Quote 0
                • V
                  veileyes
                  last edited by

                  I belive it's not IP range issue because the DHCP range contain more that 200 IP to use and I adjusted the lease time to 1 hour.

                  • What are your LAN firewall rules ?
                    I didn't configure any firewall rules on em0 (LAN), only the default rules (Anti-Lockout Rule & Default allow LAN to any rule).

                  • What did you removed from default after you installed pfSense ?
                    Nothing!

                  • can you use the Captive Portal "as it should be used" : on a dedicated, NOT LAN, but OPTx interface ?
                    is it mandatory to add OPTx interface for Captive Portal ?

                  -pfSEnse runs in a VM ? (and guess what, when it is NOT running in a VM, but running in its own box, the errors disappear ;) ?)
                  Not VM, I installed pfSense directly on PC.

                  Finlay, after along time search in google I found that may be the problem occurred because of network memory buffer, so I am tried to increase the buffer size by adding some buffer tuning settings in "System Tunables" and "loader.conf.local"  , it helps some how as the error didn't occurred again but I got some delay on network.

                  I don't know it's solved permanently or it will occurred again but for 2 days now it's not occurred. before the tuning settings it was occurred one or two times every day

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.