DHCP request goes from LAN to WAN



  • Hello all,
    please give a hint to a newbie, I have almost broken my head trying to resolve this puzzle…
    pfSense-1.2 with following setup:
                 --LAN----|         |
                 --vlan0--|         |
                    ...   | pfSense |--WAN(em0)---
         PC               |         |
    192.168.60.10--vlan3--|         |

    The PC with MS Windows is configured with a static IP. I do not care about this PC but I do care about the following problem. When the PC boots it sends a DHCP request:
    16:28:08.869583 IP 192.168.60.10.68 > 255.255.255.255.67: BOOTP/DHCP, Request from e1:6c:d6:ae:52:90, length: 256
    At the same time, tracing on WAN I see:
    16:28:08.870134 IP 192.168.60.10.68 > 255.255.255.255.67: BOOTP/DHCP, Request from e1:6c:d6:ae:52:90, length: 256
    DHCP relay is turned off on all interfaces and was never turned on. No bridging.
    Can anybody give a hint please???

    Thanks.

    ---Edited---
    Forgot to mention - there is no NAT set up for packets coming from VLAN3 (I just forgot to do it).



  • Since you're working with VLANs: Could you provide a map of how you assigned the VLANs to the real interfaces and how you use them?



  • @GruensFroeschli:

    Since you're working with VLANs: Could you provide a map of how you assigned the VLANs to the real interfaces and how you use them?

    Of course! I will give you all interfaces
    LAN - bge0
    WAN - em0
    SYNC - em1
    WAN2 - em2 (failover internet link - works perfectly)
    and 4 vlans on bge1.
    Of course bge1 does not have any IP and is used only to host VLANs.
    Usage is very simple - to allow clients from all vlans to use internet from WAN or WAN2. Users from LAN and vlan0 have the right to go to any interface. No traffic is allowed between other vlans.
    As you noticed, actually these are two boxes with CARP interfaces and sync - works like a charm. For this test the second box was shut down, as when it was not it caused a lot of problems (this is how I noticed this weird thing) - these DHCP broadcasts turned into a storm on the WAN interface, each box decided to relay these packets.
    Then I experimented a lot with the second box off.
    Adding NAT rules for vlan3->NAT (I forgot to do it at first) did not change the situation. As soon as a broadcast DHCP request arrives at the vlan3 interface it is transmitted on WAN (em0) with the source MAC of the WAN interface.

    Thanks for attention.



  • Oops. Decided to experiment with a clean box. Installed OF1.2 with the simplest setup LAN-WAN (only two interfaces, no vlans at all).
    Connected a laptop with a dhcp-client to the LAN interface and booooms: on the WAN interface I see a DHCP broadcast with 255.255.255.255 as destination IP.
    I can provide any details. Please explain why it happens…

    Thanks.
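
Added example (not part of the thread and not pfSense code): a Python script that correlates tcpdump text captures from an inside interface and from WAN, and flags DHCP client requests that reappear on WAN, as in the two traces in the first post. The function names, the 50 ms window, and the sample lines marked as constructed are assumptions; the first line of each sample is copied from the thread.

```python
import re
from datetime import datetime, timedelta

# Matches tcpdump text output for a DHCP client request, in the form shown in the thread.
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}:\d{2}:\d{2}\.\d{6}) IP (?P<src>[\d.]+)\.68 > "
    r"(?P<dst>[\d.]+)\.67: BOOTP/DHCP, Request from (?P<mac>[0-9a-f:]{17})"
)

def parse(lines):
    """Yield (timestamp, src_ip, dst_ip, client_mac) for each DHCP client request line."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            ts = datetime.strptime(m["ts"], "%H:%M:%S.%f")  # time of day only, no midnight wrap
            yield ts, m["src"], m["dst"], m["mac"]

def leaked_requests(inside, outside, window_ms=50):
    """Return (client_mac, src_ip, delay_ms) for inside requests seen again on the outside capture."""
    window = timedelta(milliseconds=window_ms)
    outside_reqs = list(parse(outside))
    leaks = []
    for ts, src, dst, mac in parse(inside):
        for ots, osrc, odst, omac in outside_reqs:
            # "Request from" is the client hardware address in the BOOTP payload, so it
            # still matches when the Ethernet source MAC on WAN is the firewall's own.
            if (src, dst, mac) == (osrc, odst, omac) and timedelta(0) <= ots - ts <= window:
                leaks.append((mac, src, (ots - ts).total_seconds() * 1000))
                break
    return leaks

# Sample captures: first line of each is from the thread, second line is constructed.
VLAN3 = [
    "16:28:08.869583 IP 192.168.60.10.68 > 255.255.255.255.67: BOOTP/DHCP, Request from e1:6c:d6:ae:52:90, length: 256",
    "16:28:12.400010 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 02:00:00:aa:bb:cc, length: 300",
]
WAN = [
    "16:28:08.870134 IP 192.168.60.10.68 > 255.255.255.255.67: BOOTP/DHCP, Request from e1:6c:d6:ae:52:90, length: 256",
    "16:28:09.101200 IP 203.0.113.7.123 > 203.0.113.1.123: NTPv4, Client, length 48",
]

if __name__ == "__main__":
    for mac, src, delay in leaked_requests(VLAN3, WAN):
        print(f"DHCP request from {mac} ({src}) reappeared on WAN after {delay:.3f} ms")
```

Both captures must come from the same box so the timestamps share one clock, for example `tcpdump -n -i <interface> port 67 or port 68` run on each interface at the same time.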


Locked