Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    WAN DHCP not obtaining public IP from provider's router

    Scheduled Pinned Locked Moved General pfSense Questions
    12 Posts 5 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      amello
      last edited by

      It seems I'm going to start chasing my tail again.

      My provider uses a BGW 210-700 (from now on referred as router) and it has IP Pass through capabilities.

      I've tried in three different locations to setup a pfSense box for IP Pass through and it won't get the Public IP - it gets the class C IP from the router.

      To test got a linux box connected to the router, did the IP Pass through and the same, won't get the Public IP.

      Tried the same test with a windows box and it worked fine; got the public IP first attempt.

      At this point I'm assuming there is a difference between the dhcp client requests from freebsd/linux/windows, so will sniff the traffic to see how they request the info from the DHCP Server and compare.

      If you guys have any clue, will be appreciated.

      If I found the cause, will also post.

      Regards,
      Al

      JKnottJ 1 Reply Last reply Reply Quote 0
      • JKnottJ
        JKnott @amello
        last edited by

        @amello

        There shouldn't be any difference between Windows and Linux/Unix. DHCP is DHCP and is a very simple protocol. That you're getting RFC 1918 addresses indicates the router isn't configured for bridge mode. What addresses are you getting ith Linux & pfSense?

        PfSense running on Qotom mini PC
        i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
        UniFi AC-Lite access point

        I haven't lost my mind. It's around here...somewhere...

        A 1 Reply Last reply Reply Quote 0
        • awebsterA
          awebster
          last edited by

          I know some ISP equipment will only lease out a single IP address, to be sure power-cycle your equipment prior to connecting pfSense and see if that makes any difference.

          –A.

          1 Reply Last reply Reply Quote 0
          • A
            amello @JKnott
            last edited by

            @JKnott said in WAN DHCP not obtaining public IP from provider's router:

            @amello

            There shouldn't be any difference between Windows and Linux/Unix. DHCP is DHCP and is a very simple protocol.

            I'd agree with you, but in my case is only working on Windows.

            That you're getting RFC 1918 addresses indicates the router isn't configured for bridge mode. What addresses are you getting ith Linux & pfSense?

            I do get RFC1918 addresses on pfSense and ubuntu; Windows gets a public IPv4.

            @awebster said in WAN DHCP not obtaining public IP from provider's router:

            I know some ISP equipment will only lease out a single IP address, to be sure power-cycle your equipment prior to connecting pfSense and see if that makes any difference.

            The tests were successfully done with Windows, after the two other attempts with FreeBSD and ubuntu, so no power cycle is needed.

            Will analyze the sniffs to see what's different.

            1 Reply Last reply Reply Quote 0
            • A
              amello
              last edited by amello

              Quick update:

              WIreshark shows that, if the dhcp clients send a request for the public IP, the router ack and assign that IP; if the client sends a request with the class C IP and the client is setup in pass through, the router is not ack with the public IP.

              Only can think it is a bug on the router firmware, so if you are using BGW210-700, you might be facing that issue.

              1 Reply Last reply Reply Quote 0
              • stephenw10S
                stephenw10 Netgate Administrator
                last edited by

                Does the DHCP server appear the same in both cases? If it appears to be a public IP (or just something upstream) when it gives a public IP but something local when it gives private IPs you can just set the WAN to reject leases from the local server address.
                If pfSense is asking for a private IP that's because it one had that. You can probably remove that, though I'd have to dig to find out where!

                Steve

                A 2 Replies Last reply Reply Quote 0
                • A
                  amello @stephenw10
                  last edited by amello

                  @stephenw10

                  It is the ISP router for sure. Tested with a new one and worked fine. What I noticed was that when the client had the Public IP before and sent the request to the server to get it, the server ack with the public IP. When the client had a private IP, the ack didn't came with the public one, but with the private.
                  The new router has software version 1.10.9, and my pf has the public IP now.

                  Edit: To answer your question re: the DHCP server, yes, the only ack I see is from the router, so no conflicting DHCP servers on that LAN.

                  1 Reply Last reply Reply Quote 0
                  • A
                    amello @stephenw10
                    last edited by

                    @stephenw10 said in WAN DHCP not obtaining public IP from provider's router:

                    If pfSense is asking for a private IP that's because it one had that. You can probably remove that, though I'd have to dig to find out where!

                    If there is a way to tell pf to request an IP from the DHCP server, I could try to setup to ask for the public one. Hope once it is assigned will continue in case it changes, as now I have dynamic IPs (Cancelled my public subnet to save $).

                    JKnottJ 1 Reply Last reply Reply Quote 0
                    • JKnottJ
                      JKnott @amello
                      last edited by

                      @amello said in WAN DHCP not obtaining public IP from provider's router:

                      (Cancelled my public subnet to save $)

                      That might have something to do with what you were experiencing. I don't think you mentioned the public subnet before, but it is relevant. I don't know how your ISP works, but it might have something to do with MAC addresses etc. For example, with pfSense, when you map an IP address to a MAC, the device with that MAC will always get the assigned address and other MACs will get an address from the pool. Perhaps something similar is happening with your ISP.

                      PfSense running on Qotom mini PC
                      i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
                      UniFi AC-Lite access point

                      I haven't lost my mind. It's around here...somewhere...

                      A 1 Reply Last reply Reply Quote 0
                      • A
                        amello @JKnott
                        last edited by

                        @JKnott

                        Not the case, I've tested with four different sites. Only worked when I used a new router. Probably will have issues agein when the firmware is updated - I can't prevent from happening. The only hope is that, as pf has the ip already, the DHCP will let it be :)

                        1 Reply Last reply Reply Quote 0
                        • GertjanG
                          Gertjan
                          last edited by

                          Hi,

                          Check out this option :

                          https://forum.netgate.com/topic/147480/sg-1100-not-getting-wan-ip-if-internet-is-connected-after-solid-black-diamond

                          They permit, among others, the DHCP WAN Client to refuse RFC 1918 IP's.

                          No "help me" PM's please. Use the forum, the community will thank you.
                          Edit : and where are the logs ??

                          1 Reply Last reply Reply Quote 0
                          • stephenw10S
                            stephenw10 Netgate Administrator
                            last edited by stephenw10

                            If the local router gives you a private IP from it's own DHCP server you can just set the WAN DHCP client to refuse leases from that server.
                            But you can only do that if the DHCP server that hands you a public lease is not that same IP. Otherwise you've refused all leases 😉
                            https://docs.netgate.com/pfsense/en/latest/book/interfaces/ipv4-wan-types.html#dhcp

                            Steve

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.