Auto-renew DHCP after outage
-
Thanks @tomashk! Looks like you found the underlying root cause! I looked at your changes and they sound reasonable, at least the wrong byte that was returned (I don't fully understand the script). Thanks a ton for providing such fixes and posting them at the right place; that helps the maintainers a lot to integrate such fixes more easily into the main branch. Unfortunately, even though you reported this already in January 2019, it doesn't seem to be included in version 2.5 and isn't even in the open issues list, but it is still in the list "new issues". So it might take a while until we can see this in a standard update. There are several threads about this, so this will help many people and I can then finally get rid of my repair script.
-
@e4ch It is fairly easy to hack this fix in to an existing pfSense install; with the toughest/most involved part being getting dhclient rebuilt. Patching the dhclient-script such that it (correctly) returns nonzero when the default gateway in the cached lease is not pingable is trivially doable with the "system patches" package and the patch from the bug ticket.
The easiest way I have found to build the patched dhclient is to just setup a FreeBSD 11.2 VM, build the patched dhclient and copy over the binary to the pfSense host. This will persist until an update is performed. I am more than willing to share my dhclient binary if desired as well.
You might also be able to use the FreeBSD 12 stable branch dhclient verbatim as well, since such contains the exit status patch, however I haven't tested this personally.
-
I have the same DHCP issue here. ISP is Net1, Bulgaria. Thanks for the script. It helps with mitigating the problem.
-
@e4ch Thanks for the script. Just what I needed. I modified it to log to system.log, which uses the clog system, so the log won't get big...
#!/bin/sh wan="em5" currip=$(ifconfig $wan | grep "inet " | cut -d " " -f 2) if test -z "$currip"; then logger `date +%Y%m%d.%H%M%S` "pingtest - Detected empty IP on $wan! Will try again in 120 seconds." sleep 120 currip=$(ifconfig $wan | grep "inet " | cut -d " " -f 2) if test -z "$currip"; then logger `date +%Y%m%d.%H%M%S` "pingtest - 2nd try: Still empty IP on $wan! Will fix now." ifconfig $wan down sleep 10 ifconfig $wan up sleep 20 dhclient $wan logger `date +%Y%m%d.%H%M%S` "pingtest - Fixing done!" else logger `date +%Y%m%d.%H%M%S` "pingtest - 2nd try: $wan has IP $currip; ok" fi else logger `date +%Y%m%d.%H%M%S` "pingtest - $wan has IP $currip; ok" fi
-
-
@ohbobva @e4ch thanks for your scripts! This just hit my parents pfSense install - stupid cable went out (and of course they insist nothing is wrong) and pfSense did not automatically reconnect the WAN. I had my mom manually refresh the WAN interface and it came right back up. How annoying! Hopefully they can permanently fix it now that the root cause appears to be evident; in the meantime hopefully this script will take care of it the next time they flake out and swear nothing is wrong but then it magically starts working right after they complain.
-
@EricE : see https://forum.netgate.com/topic/148017/dhcp-client-issue
-
Thank You for the scripts!!
Are the scripts still needed in the latest version of PFsense or is this bug fixed?Regards
Brian
-
@Brian-Smit said in Auto-renew DHCP after outage:
Thank You for the scripts!!
Are the scripts still needed in the latest version of PFsense or is this bug fixed?I still needed them for my parents firewall.
-
Then i indeed also keep using them. I didn't have any issues anymore with Ziggo
-
So I tried your script, works well.
Pings and says in log that IP is up. However gateway monitor still says down. Have changed monitor IP to Google and still says down. I would need to renew wan lease in order to get it back up. Keep in mind that when gateway monitor is down, the script can still ping and says it’s ok.So I’m confused why on status/interface it says up but in gateway monitor it says down.
Is there a script that would automatically release and renew if either gateway monitor shows down or interface? -
Can someone tell me if the patch to dhclient is still needed for 2.4.5? I just upgraded to 2.4.5 and am wondering if I now need to include the patch mentioned at the link below, or if the patch is already included in the 2.4.5 I just installed.
https://redmine.pfsense.org/issues/9267
-
Click on your own link, find the line that says :
Patch to pfSense-dhclient-script was applied on 2.4.5 as well
That was 8 month ago.
-
Yes, I was uncertain about if this meant it was included in version 2.4.5 or if he was reporting that when he applied the patch to 2.4.5 it worked. I assume from your response it's the former.
-
@axxxxe said in Auto-renew DHCP after outage:
uncertain
The patch was initially targeted for 2.5.0, but finally back ported to 2.4.5(-p1).
I had to read the patch story twice also ;) -
Setting timeouts and other options worked well on 2.4.5 but after updating to 2.6.0 my WAN does not survive even the first change in DHCP. It goes down and stays down until I reboot the modem. This really really sucks again.
-
@tsmalmbe I tweaked and poked with the custom values and it sorta works again. That said, the ip changes very rarely (not even weekly) so it is hard do say if this works or not. Seems like something that nevertheless should be easy to fix.
-
@tsmalmbe did you ever solve the problem?
-
2.4.5 isn't used anymore.
Most of the 2.6.0 is probably upgraded to 2.7.0
Why don't you ?Can you packet capture the WAN interface, port 67 and 68.
You'll see the DHCP (pfsense as a client) requests for sure.
You'll see also the DHCP server, from your ISP router, or, if you use a bridge device, from an DHCP server located at the ISP site coming back. Do they make it to your pfSense ? If they don't : the uplink connection is bad ? ( ! ) -
I'm not sure if my problem has something to do with the OPs initial problem. But I read the whole thread and I am seeing similar issues in my setup.
Also the hardware and location match. I'm a customer of Magenta who took over UPC as some posters mentioned. I always had these connection problems followed by longer periods where everything worked. I always assumed the ISP hardware to be faulty. That's also the reason why I use Pfsense.My setup is:
ISP modem (bridge mode)
-> pfsense box (old thinkpad with built in nic for WAN and USB ethernet adapter for LAN) >
-> 2 dumb APs for WiFiMy entire network drops every couple of days. I can't connect via wifi nor via LAN. My devices and Pfsense GUI are not reachable. I can only access Pfsense shell via the PfSense box/thinkpad. I can ping to 8.8.8.8 but no device in my network is pingable (send to error).
Both WAN and LAN gateway are assigned the usual IPs. Usually only a restart of the PfSense box helped. But today I observed something strange.
I didn't want to reboot and replaced the WAN interface with a second USB Lan adapter and reassigned the interface via Pfsense shell. Suddenly the local network was reachable again and I had internet although with a slightly different public IP. Internet was very unstable. Pings resulted in packet losses until it completely died down. But the local network was pingable the whole time.
Searched the logs for hints but I'm too inexperienced. Didn't recognize anything severe though.
After tinkering around I assigned the WAN back to the original NIC. Unexpectedly internet came back with the old public ip.
I know this will happen again but I have no clue why. I eliminated any hardware problems one after another also switched cables and tried a ton of gateway, routing and other settings. Nothing helps.
This setup ran stable for months until I updated to version 2.7. that's when all this started. So I suspect Pfsense to be the problem here. 2.7.1 was worse with daily issues. 2.7.2 stays on 2-3 days. Shortly after the update even 6 days.
I have no idea what to do. Tried many steps in this Reddit post but not everything https://www.reddit.com/r/PFSENSE/comments/n4miga/pfsense_doesnt_recover_if_wan_fails_solutions/
Also flashed a fresh Pfsense without any additional packages to no avail.
After that I can only go the way with a script and reboot. Im my case I have to execute the reboot when I can't ping to my local network.
If anyone has an idea I'm all ears.
Cheers