Multiple VLANs using DHCP on each interface
-
I have created multiple VLANs on the OPT1 interface separate from our LAN. There are 101 - 150 VLANs running 192.168.101.0/24 through 192.168.150.0/24. I created the VLANs, created a DHCP server instance for each, then created a default pass rule on them. The VLANs work OK except the DHCP service is not leasing addresses. A Wireshark capture on the interface shows ARP resolution between the clients and pfSense, along with DHCP requests, no answers. I test it on the OPT2 interface exactly the same way with only the PC attached to the port to isolate my network from the issue. It is not a conflict as I see some logs saying that. I must be missing something, any ideas out there appreciated. I am somewhat of a newb on pfSense. The log is full of the following:
Last 2000 DHCP Log Entries. (Maximum 2000)
Jan 24 08:15:07 dhcpd exiting.
Jan 24 08:15:07 dhcpd process and the information we find helpful for debugging..
Jan 24 08:15:07 dhcpd before submitting a bug. These pages explain the proper
Jan 24 08:15:07 dhcpd bugs on either our web page at www.isc.org or in the README file
Jan 24 08:15:07 dhcpd than a configuration issue please read the section on submitting
Jan 24 08:15:07 dhcpd If you think you have received this message due to a bug rather
Jan 24 08:15:07 dhcpd includes a bootp server.
Jan 24 08:15:07 dhcpd are not running HP JetAdmin software, which
Jan 24 08:15:07 dhcpd bootp in /etc/inetd.conf. Also make sure you
Jan 24 08:15:07 dhcpd running and that there's no entry for dhcp or
Jan 24 08:15:07 dhcpd Please make sure there is no other dhcp server
Jan 24 08:15:07 dhcpd Can't bind to dhcp address: Address already in use
Jan 24 08:15:07 dhcpd Sending on BPF/igb1/00:08:a2:09:98:7e/192.168.1.0/24
Jan 24 08:15:07 dhcpd Listening on BPF/igb1/00:08:a2:09:98:7e/192.168.1.0/24
Jan 24 08:15:07 dhcpd Sending on BPF/igb2_vlan101/00:08:a2:09:98:7f/192.168.101.0/24
Jan 24 08:15:07 dhcpd Listening on BPF/igb2_vlan101/00:08:a2:09:98:7f/192.168.101.0/24
Jan 24 08:15:07 dhcpd Sending on BPF/igb2_vlan102/00:08:a2:09:98:7f/192.168.102.0/24
Jan 24 08:15:07 dhcpd Listening on BPF/igb2_vlan102/00:08:a2:09:98:7f/192.168.102.0/24
Jan 24 08:15:07 dhcpd Sending on BPF/igb2_vlan103/00:08:a2:09:98:7f/192.168.103.0/24
Jan 24 08:15:07 dhcpd Listening on BPF/igb2_vlan103/00:08:a2:09:98:7f/192.168.103.0/24
Jan 24 08:15:07 dhcpd Sending on BPF/igb2_vlan104/00:08:a2:09:98:7f/192.168.104.0/24
Jan 24 08:15:07 dhcpd Listening on BPF/igb2_vlan104/00:08:a2:09:98:7f/192.168.104.0/24
Jan 24 08:15:07 dhcpd Sending on BPF/igb2_vlan105/00:08:a2:09:98:7f/192.168.105.0/24
Jan 24 08:15:07 dhcpd Listening on BPF/igb2_vlan105/00:08:a2:09:98:7f/192.168.105.0/24
Jan 24 08:15:07 dhcpd Sending on BPF/igb2_vlan106/00:08:a2:09:98:7f/192.168.106.0/24
Jan 24 08:15:07 dhcpd Listening on BPF/igb2_vlan106/00:08:a2:09:98:7f/192.168.106.0/24
Jan 24 08:15:07 dhcpd Sending on BPF/igb2_vlan107/00:08:a2:09:98:7f/192.168.107.0/24
Jan 24 08:15:07 dhcpd Listening on BPF/igb2_vlan107/00:08:a2:09:98:7f/192.168.107.0/24
Jan 24 08:15:07 dhcpd Sending on BPF/igb2_vlan108/00:08:a2:09:98:7f/192.168.108.0/24
Jan 24 08:15:07 dhcpd Listening on BPF/igb2_vlan108/00:08:a2:09:98:7f/192.168.108.0/24
Jan 24 08:15:07 dhcpd Sending on BPF/igb2_vlan109/00:08:a2:09:98:7f/192.168.109.0/24
Jan 24 08:15:07 dhcpd Listening on BPF/igb2_vlan109/00:08:a2:09:98:7f/192.168.109.0/24
Jan 24 08:15:07 dhcpd Sending on BPF/igb2_vlan110/00:08:a2:09:98:7f/192.168.110.0/24
Jan 24 08:15:07 dhcpd Listening on BPF/igb2_vlan110/00:08:a2:09:98:7f/192.168.110.0/24
Jan 24 08:15:07 dhcpd Sending on BPF/igb2_vlan111/00:08:a2:09:98:7f/192.168.111.0/24
Jan 24 08:15:07 dhcpd Listening on BPF/igb2_vlan111/00:08:a2:09:98:7f/192.168.111.0/24
Jan 24 08:15:07 dhcpd Sending on BPF/igb3/00:08:a2:09:98:80/192.168.99.0/24
Jan 24 08:15:07 dhcpd Listening on BPF/igb3/00:08:a2:09:98:80/192.168.99.0/24
Jan 24 08:15:07 dhcpd Wrote 101 leases to leases file.
Jan 24 08:15:07 dhcpd For info, please visit https://www.isc.org/software/dhcp/
Jan 24 08:15:07 dhcpd All rights reserved.
Jan 24 08:15:07 dhcpd Copyright 2004-2016 Internet Systems Consortium.
Jan 24 08:15:07 dhcpd Internet Systems Consortium DHCP Server 4.3.4
Jan 24 08:15:07 dhcpd PID file: /var/run/dhcpd.pid
Jan 24 08:15:07 dhcpd Database file: /var/db/dhcpd.leases
Jan 24 08:15:07 dhcpd Config file: /etc/dhcpd.conf
Jan 24 08:15:07 dhcpd For info, please visit https://www.isc.org/software/dhcp/
Jan 24 08:15:07 dhcpd All rights reserved.
Jan 24 08:15:07 dhcpd Copyright 2004-2016 Internet Systems Consortium.
Jan 24 08:15:07 dhcpd Internet Systems Consortium DHCP Server 4.3.4
-
No help on this one? DHCP works fine on the internal interface for our LAN, just not the OPT1 or OPT2 interfaces. Please help.
-
The VLANs 101 and 150 are connected to a switch or router? Make a small diagram of your infra.
-
The VLANs are 101 through 150 or 50 of them. All virtual interfaces on the OPT1 interface, connected to a switch on the inside network, trunked and passing all VLANs. When we set an address manually on clients connectivity to everywhere works. I have connected a PC directly to the interface and it will not get an address. With Wireshark running, I capture the ARP request, reply and DNS request no reply. I pasted the log from pfsense in the forum post. On the back end these are VMs using separate VLANs so they cannot connect. Thank you for helping me out. :)
-
I have to ask - is your pass rule allowing UDP? And does each subnet have their own pool of addresses?
-
I attached a snippet of the actual rule. You will see it is on VLAN101 Interface. Our setup is interfaces VLAN101, VLAN102, VLAN103…..VLAN150. All set up with this rule. Our subnetting scheme is also as the interface configuration. 192.168.101.0/24, 192.168.102.0/24, 192.168.103.0/24........192.168.150.0/24. We are setting up a virtualized pool of servers behind all this. One pool for each student consisting of a couple Windows servers and clients to do some Active Directory training among other things. When we configure them with static addresses it all works well. DHCP is our only problem. As I pointed out earlier, we attached a laptop to the OPT2 interface. The current VLANs are all created on OPT1. From OPT2 DHCP is also not talking. Client sends a request, no answer, as observed with Wireshark. ARP works fine.
Got to be blocked somehow in these rules. Each interface only needs 1 rule passing any any, correct? Just like in the attachment. Thank you for helping out.
-
Rules are not your problem.
dhcpd Can't bind to dhcp address: Address already in use
is your problem.
Do you have another DHCP server somewhere or is your managed switch not passing DHCP?
You did the obvious and enabled DHCP on each interface and defined a reasonable client range as well?
-
Only DHCP on the network with pfsense is pfsense. It is handing out addresses just fine on the LAN interface. That subnet is 192.168.1.0/24.
VLAN101 = 192.168.101.0/24
VLAN102 = 192.168.102.0/24
VLAN103 = 192.168.103.0/24
VLAN104 = 192.168.104.0/24
VLAN105 = 192.168.105.0/24
VLAN106 = 192.168.106.0/24
.
.
.
.
VLAN150 = 192.168.150.0/24
Thank you, jahonix. I got the joke but a couple of my students did not. I need to work on them a bit.
-
I attached a snippet of one of the DHCP services for VLAN101.
-
Try a reboot.
-
I am at a loss for words. Glad and upset with myself at the same time. Can't believe I did not try that. It absolutely worked. DHCP is up and running on all the VLANs. Thank you
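
An added example, not part of any post in this thread: a triage helper for the `Can't bind to dhcp address: Address already in use` line singled out above. It scans a DHCP log pasted newest-first, as in the first post, and reports each dhcpd start-up that ended in that error together with the interfaces it was configured for. The function names `sample_log` and `dhcpd_bind_failures` are hypothetical, and the sample log is constructed from the format quoted in the thread.

```shell
#!/bin/sh
# Constructed sample, shortened from the log format quoted in the thread
# (newest entry first, the order in which the log was pasted).
sample_log() {
cat <<'EOF'
Jan 24 08:15:07 dhcpd exiting.
Jan 24 08:15:07 dhcpd Can't bind to dhcp address: Address already in use
Jan 24 08:15:07 dhcpd Listening on BPF/igb1/00:08:a2:09:98:7e/192.168.1.0/24
Jan 24 08:15:07 dhcpd Listening on BPF/igb2_vlan101/00:08:a2:09:98:7f/192.168.101.0/24
Jan 24 08:15:07 dhcpd Listening on BPF/igb2_vlan102/00:08:a2:09:98:7f/192.168.102.0/24
Jan 24 08:15:07 dhcpd Internet Systems Consortium DHCP Server 4.3.4
EOF
}

# Read a newest-first dhcpd log on stdin. For every start-up that hit the
# bind error, print: <timestamp> bind-failed interfaces=<count> <list>
dhcpd_bind_failures() {
    awk '
    { line[NR] = $0 }
    END {
        for (i = NR; i >= 1; i--) {            # walk oldest -> newest
            l = line[i]
            if (l ~ /dhcpd Internet Systems Consortium DHCP Server/) {
                n = 0; ifs = ""                # banner: a new start-up begins
            } else if (l ~ /dhcpd Listening on BPF\//) {
                split(l, p, "/")               # p[2] is the interface name
                if (n > 0) ifs = ifs ","
                ifs = ifs p[2]; n++
            } else if (l ~ /dhcpd Can.t bind to dhcp address/) {
                split(l, f, " ")               # f[1..3] is the syslog timestamp
                printf "%s %s %s bind-failed interfaces=%d %s\n", f[1], f[2], f[3], n, ifs
            }
        }
    }'
}

sample_log | dhcpd_bind_failures
```

On the firewall itself, `sockstat -4 -l -p 67` shows which process currently holds the DHCP server port.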