DHCP / DNS Combo Unreliable Behavior

  • I am using the feature where DNS dynamically updates with DHCP releases. I have an issue where it will work for a while and then PFSense seems to just "decide" it doesn't want to respond for a machine anymore. I check the DHCP leases and a machine will be there, correct IP address and all, active, up, and otherwise perfect.

    I can ping other machines on the network by hostname just fine. However, PFSense will stop responding for that machine. I reboot the machine and sometimes PFSense picks it back up, only later to drop it again. Am I missing something? I can't figure out why this happens.

  • bump

    Still happening and only to the one VM. PFSense just dropped it. I'm staring at the DHCP leases. The VM is online, active, and has a lease. All the info is correct. MAC address etc, yet for some reason PFSense responds back to machines with unknown host when asked.

  • You are using the Resolver ?
    If your network is small or mid-sized, make all your DCHP lease 'static' in the DHCPv4 server.
    Uncheck DHCP Registration ( Register DHCP leases in the DNS Resolver )
    Check Static DHCP ( Register DHCP static mappings in the DNS Resolver )
    All devices will have the same IPv4 all time.
    Host are 'fixed' and known in your DNS whatever happens.

    ( and, I don't know if this issue still exists, but with any incoming DHCP lease the DNS Resolver was restarting if you checked "DHCP Registration" …. with many DHCP request coming it was restarting like a machine gun which gave 'issues'...)

  • Same here. Quite annoying. network hangs a lot cause of the often unbound's restarts.

  • Well, I have a baby-network, not more then 40 devices, so I entered them all in a DHCP static list.
    Problem was solved for me.

    Temporary visiting devices are not registered in the DNS, because I don't need to resolve them anyway (phones, pads, etc)

  • Hmm it’s indeed a good idea to move over to static ips for important devices and leave clients as they are.
    But wouldn’t there be a reasonable solution? Like a conf reload for unbound instead of a restart?

Log in to reply