Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Upgrade and New Install Fails To Obtain DHCP Address

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    8 Posts 3 Posters 847 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      datdamnmachine
      last edited by

      Setup #1:
      Internet Modem (Comcast) -> Core Switch Stack (LAN) -> Server 2012 R2 w/ Hyper-V running Pfsense 2.3.4-release-p1 -> Core Switch Stack (LAN)

      Setup #2:
      Internet Modem (Comcast) -> Core Switch Stack (LAN) -> Server 2012 R2 w/ Hyper-V running Pfsense 2.4.1 -> Core Switch Stack (LAN)

      Notes:  Modem connected to Core Switch Stack (master switch in stack only) via access port on seperate vlan via access port configuration (no vlan tagging).  Server 2012 R2 w/Hyper-V has Link Agg setup to Core Switch Stack for external access (Internet) and another Link Agg for internal access (LAN segments, no vlan tagging for primary lan, vlan tagging for secondary segments).

      So, with Setup #1, I tried upgrading Pfsense to version 2.4.0.  Internet stopped working.  Reviewed shows that DHCP was not getting an address.  I checkpointed the machines and reverted to the working checkpoint of 2.3.4 and everything started back working.  I decided to build a second virtual machine with Pfsense 2.4.1 (same specs, only difference being Generation 2 so SCSI Controller hard drives and DVD drive, networking the same but with different mac addresses, secure boot disabled.

      I experience the same issue as with the upgrade.  DHCP does not connect.  I checked the roadmaps for any bugs related to DHCP and they don't appear to be related.  I reviewed the VLAN WAN issue but it doesn't "appear" to be related to my situation.

      I took some logs:

      Pfsense 2.3.4 (Working)

      
      Note:  Read from bottom-to-top in chronological order.
      
      Oct 31 18:24:47	dhclient	6295	bound to 73.83.14.104 -- renewal in 99973 seconds.
      Oct 31 18:24:47	dhclient		Creating resolv.conf
      Oct 31 18:24:47	dhclient		/sbin/route add default 73.83.14.1
      Oct 31 18:24:47	dhclient		Adding new routes to interface: hn3
      Oct 31 18:24:47	dhclient		New Routers (hn3): 73.83.14.1
      Oct 31 18:24:47	dhclient		New Broadcast Address (hn3): 255.255.255.255
      Oct 31 18:24:47	dhclient		New Subnet Mask (hn3): 255.255.255.0
      Oct 31 18:24:47	dhclient		New IP Address (hn3): 73.83.14.104
      Oct 31 18:24:47	dhclient		ifconfig hn3 inet 73.83.14.104 netmask 255.255.255.0 broadcast 255.255.255.255
      Oct 31 18:24:47	dhclient		Starting add_new_address()
      Oct 31 18:24:47	dhclient		REBOOT
      Oct 31 18:24:47	dhclient	6295	DHCPACK from 96.120.103.1
      Oct 31 18:24:47	dhclient	6295	DHCPREQUEST on hn3 to 255.255.255.255 port 67
      Oct 31 18:24:47	dhclient		PREINIT
      
      

      Pfsense 2.4.0/2.4.1 (NOT Working, logs from 2.4.1)

      
      Note:  Read from top-to-bottom in chronological order.
      
      Oct 31 15:40:36	dhclient	64375	DHCPDISCOVER on hn3 to 255.255.255.255 port 67 interval 2
      Oct 31 15:40:38	dhclient	64375	DHCPDISCOVER on hn3 to 255.255.255.255 port 67 interval 4
      Oct 31 15:40:42	dhclient	64375	DHCPDISCOVER on hn3 to 255.255.255.255 port 67 interval 7
      Oct 31 15:40:49	dhclient	64375	DHCPDISCOVER on hn3 to 255.255.255.255 port 67 interval 20
      Oct 31 15:41:09	dhclient	64375	DHCPDISCOVER on hn3 to 255.255.255.255 port 67 interval 15
      Oct 31 15:41:24	dhclient	64375	DHCPDISCOVER on hn3 to 255.255.255.255 port 67 interval 13
      Oct 31 15:41:37	dhclient	64375	No DHCPOFFERS received.
      Oct 31 15:41:37	dhclient	64375	No working leases in persistent database - sleeping.
      Oct 31 15:41:37	dhclient		FAIL
      
      
      1 Reply Last reply Reply Quote 0
      • D
        datdamnmachine
        last edited by

        Update:  Tried with a Generation 1 VM, same issue.  For whatever reason, the DHCP client on version 2.4.x does not appear to be functional in a Hyper-V VM.

        1 Reply Last reply Reply Quote 0
        • DerelictD
          Derelict LAYER 8 Netgate
          last edited by

          You would have to back that statement up with actual packet captures showing the traffic failing. Perhaps your virtual environment or layer 2 is not configured properly.

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • D
            datdamnmachine
            last edited by

            @Derelict:

            You would have to back that statement up with actual packet captures showing the traffic failing. Perhaps your virtual environment or layer 2 is not configured properly.

            Well, considering that my working setup fails to obtain an IP address when upgrading to 2.4.0 but, when I revert the checkpoint back to the working 2.3.4, it is able to again, leads to believe my environment and layer 2 is working as it should.

            As a test, I will try setting up a new gen1 vm with 2.3.4 on it to confirm my theory about 2.4.x.

            1 Reply Last reply Reply Quote 0
            • D
              datdamnmachine
              last edited by

              Status update.  So, I was able to get Internet working on a new install.  I have mac address spoofing enabled on the Internet interface and I believe that was causing issues.  Even when I enabled it on the new install, it still wasn't working.  Only when I disabled it on my working 2.3.4 install, release/renewed DHCP, shut that install down, and started the new install up (it uses the same mac addresses as the current working install) was it able to get a DHCP address.  So, that part solved.

              Now, when I import my configuration into the 2.4.1 install, I seem unable to get Internet access.  I thought it might be because I have plugins installed and need to get those installed on the 2.4.1 box.  I did this and the same issue.  On the console, you will see this:

              
              Waiting for Internet connection to update pkg metada and finish package reinstallationUpdating pfSense-core repository catalogue…
              
              

              It will fail to see the repositories and will indicate it is using the default configuration and will continue on like this until it finally boots.  However, it won't have an Internet IP address.  I'm assuming either a package configuration (freeradius, openvpn-client-export, pfBlockerNG) may be or some other setting being imported that is causing problems.

              1 Reply Last reply Reply Quote 0
              • T
                tim.mcmanus
                last edited by

                If your 2.3.4 is a VM, clone it and then do an in place upgrade to 2.4.1.  Take that config file and move it to your 2.4.1 installation.

                My guess is that there is a legacy configuration that is causing the issue.

                If you don't import your config from 2.3.4 and instead manually config it, does it work?

                1 Reply Last reply Reply Quote 0
                • D
                  datdamnmachine
                  last edited by

                  So, I tried upgrading my current install since mac spoofing was disabled.  I checkpointed first, then upgraded.  It was successful to 2.4.0.  I then checkpointed the VM and upgraded again.  Successful…ish.

                  Essentially, my Internet VPN would not connect due to DNS errors.  I have custom options configured in Unbound DNS resolver for this.  It was because the upgrade put all my custom options ahead of this line:

                  
                  server:include: /var/unbound/pfb_dnsbl.*conf
                  
                  

                  Once I moved that line back to the top and saved my settings, my Internet VPN connected.  So far, so good.

                  1 Reply Last reply Reply Quote 0
                  • D
                    datdamnmachine
                    last edited by

                    Wanted to finally update this.  Remember this error:

                    
                    Waiting for Internet connection to update pkg metada and finish package reinstallationUpdating pfSense-core repository catalogue…
                    
                    

                    Essentially, it was FreeRadius.  It needed to be re-installed but, with the previous problems I was having, it was not working.  Once I resolved those (i.e. Internet and Internet VPN working), I was able to reinstall this package.  That took care of this.

                    Hopefully, this helps someone dealing with the same/similar situation.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.