DHCP inconsistencies with SG-1100 and windows

gpfsenser

I have a long time functioning DHCP server running on pfsense and generally have had no issues with it.

Recently, I had an issue with an old HD Homerun client not able to get an address - and was unable to figure out a way to get it to work - so I came up with a workaround for it.

This had me scratching my head and paying a bit more attention to DHCP.

I just noticed that my windows clients do not get the same subnet as my mac clients.

My lan subnet is now set up as:
172.16.0.0/16 (although I am willing to try something else).

Windows Client1:
IP:172.16.1.xx
Netmask: 255.255.255.0

Windows Client2:
IP:172.16.1.xx
Netmask:255.0.0.0

Mac Client1-10:
IP:172.16.1.xx
Netmask: 255.255.0.0 (should be 240 but I assume the dhcp entry will refresh eventually - that's fine)

Linux Client1-10:
IP: 172.16.1.xx
Netmask:255.255.0.0

Where is the netmask possibly configured for dhcp? Is there a place I can override or call it out specificaly? Why are my windows clients doing their own thing? Thanks in advance.

NogBadTheBad

@gpfsenser said in DHCP inconsistencies with SG-3100 and windows:

My lan subnet is now set up as:
172.16.0.0/12 ( I had set it up as /16 but just changed it to /12 as this is RFC compliant according to pfsense docs).

You need to use the same subnet mask on all your clients, the same thats set on the LAN interface.

Why /12 do you have 1048574 hosts on your LAN ?

Just because it states the following it doesnt mean you have to set your mask to /12 if you use a 172.16 - 31.x.x address.

Private Address Space

The Internet Assigned Numbers Authority (IANA) has reserved the
following three blocks of the IP address space for private internets:

10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

https://support.microsoft.com/en-gb/help/164015/understanding-tcp-ip-addressing-and-subnetting-basics

gpfsenser

My understanding is the subnet mask should come from the dhcp service... should not have to set it on the client.

Very odd that different clients are getting different subnet masks...

And yes - this is a huge range - way more than needed. They said that also about 64kb of ram. So I hope to never have to change it. ;-)

NogBadTheBad

The subnet mask that dhcp uses comes from the interface setting.

They always must match, there is no reason what so ever for them to differ.

Just do the maths based on the URL I posted with the first or last IP address as the gateway and tell me if the gateway address is local to each of the devices with their various subnet masks.

gpfsenser

That's what I thought as well:
I'm using this currently on the LAN interface:
options=3<RXCSUM,TXCSUM>
inet6 fe80::1:1%mvneta0.4091 prefixlen 64 scopeid 0xb
inet 172.16.1.1 netmask 0xfff00000 broadcast 172.31.255.255
groups: vlan
vlan: 4091 vlanpcp: 0 parent interface: mvneta0
media: Ethernet 1000baseT <full-duplex>
status: active
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

No gateway info specified on client, all info is configured to come from dhcp always. For now I'll stick with /16 ...

NogBadTheBad

@gpfsenser said in DHCP inconsistencies with SG-1100 and windows:

That's what I thought as well:
I'm using this currently on the LAN interface:
options=3<RXCSUM,TXCSUM>
inet6 fe80::1:1%mvneta0.4091 prefixlen 64 scopeid 0xb
inet 172.16.1.1 netmask 0xfff00000 broadcast 172.31.255.255
groups: vlan
vlan: 4091 vlanpcp: 0 parent interface: mvneta0
media: Ethernet 1000baseT <full-duplex>
status: active
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

No gateway info specified on client, all info is configured to come from dhcp always. For now I'll stick with /16 ...

netmask 0xfff00000 broadcast 172.31.255.255 << thats an issue

0xfff00000 isn't a /16, count the number of f's

Screenshot 2020-01-13 at 18.45.42.png

Screenshot 2020-01-13 at 18.46.20.png

I'd use /24's if I was you.

gpfsenser

Yeah it's back to 16 now:
mvneta0.4091: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
inet 172.16.1.1 netmask 0xffff0000 broadcast 172.16.255.255

Thanks I'd rather fix the original problem and not randomly select a new range unless it's the only option. Perhaps a dhcp config option instead....

stephenw10

You should be able to use any of those subnet sizes and it should pass that to clients.

Check the DHCP setting in Services > DHCP Server > LAN. It will show you there what the subnet and available range is. You can't set a different subnet size.

Do you actually see those Windows and Mac clients listed in Status > DHCP leases?
I'd say it's more likely you have a rogue dhcp server somewhere. At least 1 given you have clients showing /8 /12 /16/and /24!

Steve