Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Odd dhcp issue

    Scheduled Pinned Locked Moved DHCP and DNS
    1 Posts 1 Posters 458 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      PC Medic
      last edited by

      Let me start by saying I am fairly new to pfSense, but do consider myself somewhat capable with networking in general.

      Here is the situation…

      Have what I consider a pretty basic setup consisting of ISP Modem -> pfSense 2.4.3 running on Dell Optiplex using 2 port intel NIC -> Netgear GS108T Switch (port1=pfSense , port2= R7000, port3=WD MyCloud drive, port4=Dell Desktop1, port5= Dell Desktop2) -> Netgear R7000 Router (router in AP mode and cable is connected to router LAN port) . Basically everything is wired with exception of Xbox One, DirecTV and cell phones / tablets that connect via the R7000 AP .

      packages installed in pfSense are SNORT and nMap no port forward, VLANs or anything fancy, just basic setup

      Netgear Switch has been reset to factory defaults and though has the ability not setup as managed switch at this point.

      Everything works fine with the exception of odd dhcp behavior from one of the Dell desktops (nana). What happens is it receives an IP lease as it should just like all the other devices with a default 2 hour lease time. All devices renew there IP leases every two hours as expected. Issue is that every 24 hours the one Dell desktop during the renewal will have a problem with the DHCPREQUEST and pfSense dhcpd responds that it is an "unknown lease". Looking at the logs this will go on for 20 minutes to an hour with other devices getting their renewal throughout this time. Eventually the pfSense/dhcpd will respond with a DHCPDISCOVER for this clients MAC address followed by a DHCPOFFER for a new IP address, which is incremented by 1 from the previous address. this will repeat 3 - 4 times and then there will be a DHCPREQUEST from that client for this new IP followed by a DHCPACK for the new IP  ( ie: last night went 192.168.1.219 to 192.168.1.220 )

      But wait there's more ....

      Once this completes BOTH the new and old IP's show in DHCP Leases and to make things more confusing the old IP no longer shows a MAC address and the lease START and END times have changed from a 2 hour timeframe to a 24hour timeframe.

      this was first noticed a couple weeks ago and I have run out of things to try to correct it.

      Have reset R7000 and verified dhcp is disabled and AP Mode
      Have reset DHCP Server on pfSense, Reset States, rebooted pfSense
      Have cleared ARP cache, ipconfig release and renew, reset network settings and removed/reinstalled network on client having this issue.
      Both Dells are Windows 10 systems and have compared AV/firewall and network settings on them and both seem to match best I have been able to tell.

      Have attached DHCP Log and Lease images if that helps

      Any ideas / suggestions would be GREATLY appreciated as this is driving me nuts !!!

      dhcp_unknown_lease.png
      dhcp_unknown_lease.png_thumb
      dhcp_leases.png
      dhcp_leases.png_thumb

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.