DHCP lease screen not loading
-
@drumnbisco said in DHCP lease screen not loading:
This only happened after I upgraded.
Most probably, the upgrade just exposed an issue : pfSense itself has no DNS any more.
This situation is often experiences by users that have no LAN issues (DNS issues for LAN clients) but wonder why pfSense doesn't propose updates any more.No working DNS for pfSense itself also means that the DHCP status generation page doesn't work any more, as every DNS request fails after 'many seconds'. If you have many DHCP leases, the page construction will takes minutes, or far more : the page takes forever to get generated, the browser or web server will finally bail out.
Yet another good reason NOT to forward or NOT to change any DNS settings.
Because the ones with default DNS settings do never experience " DHCP status page' " issues.
And if you forward : ok, but be ready to do some testing every time there is an issue. Even if the issue doesn't seem to be DNS related.
Like : can I load and update the list with proposed pfSense packages ?
Is thisactual ?
check system logs.
check DNS logs.I've just checked this myself :
I 'killed' unbound by pressing :Then I visited the Status DHCP Leases page.
It wouldn't load any more - that is : it loads partially. The "wheel" kept on spinning turning for minutes .....
When I started unbound, the page loaded instantly. -
@gertjan said in DHCP lease screen not loading:
@drumnbisco said in DHCP lease screen not loading:
This only happened after I upgraded.
Most probably, the upgrade just exposed an issue : pfSense itself has no DNS any more.
This situation is often experiences by users that have no LAN issues (DNS issues for LAN clients) but wonder why pfSense doesn't propose updates any more.No working DNS for pfSense itself also means that the DHCP status generation page doesn't work any more, as every DNS request fails after 'many seconds'. If you have many DHCP leases, the page construction will takes minutes, or far more : the page takes forever to get generated, the browser or web server will finally bail out.
Yet another good reason NOT to forward or NOT to change any DNS settings.
Because the ones with default DNS settings do never experience " DHCP status page' " issues.
And if you forward : ok, but be ready to do some testing every time there is an issue. Even if the issue doesn't seem to be DNS related.
Like : can I load and update the list with proposed pfSense packages ?
Is thisactual ?
check system logs.
check DNS logs.I've just checked this myself :
I 'killed' unbound by pressing :Then I visited the Status DHCP Leases page.
It wouldn't load any more - that is : it loads partially. The "wheel" kept on spinning turning for minutes .....
When I started unbound, the page loaded instantly.I'm not really sure what most of this means, mind you I'm a network\systems administrator that has a degree in this, but this doesn't make a lot of sense.
In my situation, which I believe is much like drumnbisco's issue, there was never an issue with DNS. I was able to get the proposed upgrade button, that's how I upgraded to 2.5 in the first place. The button continued to work as that's how I got upgraded to 2.5.1 while having issues with the DHCP screen. The two weren't connected at all. My pfsense handles DHCP (still) but hands out a DNS to the PiHole, which then handles all of the requests. That configuration is what I've used at my house for over a year or 2, since I installed the PiHole.
I'm not sure this is related to the issue anyone here is seeing.
-
@plague311
Ah, didn't know about the PiHole ...I rephrase my last (above) post :
Stop the DNS - unbound on pfSense, or your PiHole, and you see that the the DHCP lease page doesn't show up any more : it won't come to completion.
Because it can't 'resolve' host names any more. And that would explain the issue.You can check easily if 'DNS' is the explication of your issue : "DHCP Lease page not loading " :
Disable line https://github.com/pfsense/pfsense/blob/f528b6a9cba18d7f299fdeed8c84f22abb16fcf1/src/etc/inc/system.inc#L742 by putting a
//
in front of the line.Or make it look like
/* $hostname = gethostbyaddr($item['ip']); */
if the issue is gone, you know that the issue is that pfSense has no access to a 'DNS'.
-
@gertjan My issue is already resolved with whatever netgate did with 2.5.1. My DHCP leases screen works without issue now. I didn't have to change anything. Just updated and it started working again.
-
@plague311
Incorrect. v2.5.1 did not resolve the problem.
The upgrade temporarily masks the problem. -
@karlfife Oh that might be. It's been slow, but worked the few times I've needed to use it. Admittedly I use pfsense on a VM at my home. It doesn't get a lot of attention since I built it. One of those set it and forget it type of things. Every few weeks I check for updates, that's about it.
-
I found the error :-)
The timeout comes by /etc/inc/system.inc
line 735 $hostname = gethostbyaddr($item['ip']); -
I updated to 5.1 the other day and bam my DHCP Leases page stopped working.
I have a pihole and wanted to try some new config options to make it the logging better so I turned on Conditional Forwarding in the pihole for hostname resolution.
I also took the pihole's IP out of "System > General Setup > DNS Servers field."
Once I put the IP back in to the DNS Servers field under General Setup the DHCP page started working again instantly. Up until this point which coincides with my upgrade of pfsense I never had this issue and I always had the IP of my DNS server (pihole) in that field. EDIT: I also turned off Conditional Forwarding on the pihole before this so thought it was this but it was actually CF. Removing the DNS from General Setup did not cause it since it was set under DHCP Server settings as well.
I also had the IP of the pihole in "Services > DHCP Server > LAN" under Servers > DNS Servers. So in conclusion for my setup that existed this way for many years, removing the DNS IP from General Setup borked my DHCP page. Don't know why and I did that in an attempt to make the logging more accurate on the pihole.
EDIT: Use Conditional Forwarding is the issue actually on the pihole settings. I was tinkering and ultimately it was only this causing it. Some sort of loopback thing?
Leaving this message for future self-researchers. I am stupid to not just use pfBlockerNG but I love my little pi with LCD screen and PADD. -
Same problem here after upgrading to 2.5.0 and keeps happening after upgrading to 2.5.1
Deleting dchp.leases works for a short time, then fails to load again.Same goes when opening /diag_arp.php.
Our setup is quite standard, just openvpn-client-export package. -
@easpem Not fixed in the 2.5.2 update just pushed.
I'm surprised that this hasn't been fixed yet because it's a crippling regression. There's been a ticket open accurately describing the issue since early this year. I haven't had time to fix it myself, or I would have done so, but still I'm surprised that more of the user base isn't complaining about it, thus pushing it up the priority list for the normal developers (who could fix it in a fraction of the time it would take an outsider like me). -
@easpem said in DHCP lease screen not loading:
after upgrading to 2.5.1
You mean 2.5.2 ?
If the issue is still the same, that is, (see above) "gethostbyaddr()" times out, then it means that pfSense itself can't resolve. There is a DNS issue on pfSense.
Disable the function.
Or, undo whatever you did with DNS. I propose that you use the default settings.
Also, just to be sure : when you install pfSense using the default settings, then it uses the settings present when it came out of the box, then it works, right ? So now you're able to create the moment when it stops working.
This step is important.Btw "gethostbyaddr()" is a standard C language kernel function. It exists for every operating system. It uses the IP address as an argument, and asks the local DNS (accessible by 127.0.0.1 or localhost) to reverse resolve that IP, so it's gets a host name back.
For whatever reasoon this doesn't work any more.
So I think, as I never saw this issue myself, that there is something wrong with the 'DNS setup'. -
@karlfife The ultimate fix that I settled on was migrating to Opnsense. That was the only thing that completely resolved this issue.
-
I experienced the same issue when upgrading from 2.4.5_p1 to 2.5.1. I haven't gone from 2.5.1 to 2.5.2 yet so I can't comment on that. Granted, the system isn't super fast (it's an AMD Athlon 5150 with 8GB of RAM), but I can get very close to the line speed of 80Mbits down / 20Mbits up. There are only a few packages installed (nut, openvpn-client-export, and tftpd) so it's probably not a lack of CPU or resources.
Prior to the upgrade, the DHCP Leases page would load quickly, but after the upgrade it would almost always result in a "504 Gateway Timeout" (nginx) error page being displayed.
The upgrade appears to respect your existing settings (which might not be the same as the default installation settings in 2.5.x) so maybe that is causing the problem.
FWIW, /var/dhcpd/var/db/dhcpd.leases is about 970KBytes (this installation is at a church which is why it's so large compared to home use):
-rw-r--r-- 1 dhcpd _dhcp 973552 Jul 16 07:11 dhcpd.leasesBeing too lazy to count the number of occurrences by hand on such a large file, I did the following:
[2.5.1-RELEASE] [admin@m] grep -wc "lease" /var/dhcpd/var/db/dhcpd.leases
3804
[2.5.1-RELEASE] [admin@m] grep -wc "hostname" /var/dhcpd/var/db/dhcpd.leases
79
[2.5.1-RELEASE] [admin@m] arp -a | wc -l
58It appears that only 79 out of 3804 leases have hostname filled in.
I was able to get it to work (at least for now, we'll see if it's still working in a couple of weeks) by doing the following:
-
Turn off DNS Forwarder (I had enabled it when I installed pfSense 2.1 or 2.2 and entered OpenDNS' FamilyShield servers in System > General Setup > DNS Servers because this is for a firewall at a church), then save and apply those changes.
-
Turn on DNS Resolver and check the box for "DNS Forwarding Mode" in the "DNS Query Forwarding" section, then save and apply those changes.
Just to make sure, I turned DNS Resolver off and DNS Forwarder back on, then tried to reload the DHCP Leases page and it timed out again.
I'm not an expert, but does having DNS Resolver on (with DNS Forwarding Mode on) and DNS Forwarder off accomplish the same thing as having DNS Forwarder on and DNS Resolver off? Basically, I want DHCP clients to be using the results from OpenDNS' FamilyShield (208.67.220.123 and 208.67.222.123).
Also, the page does seem to load whether DNS Forwarding Mode is on or off, so I'm not sure what the proper setting should be. I assume "on" means that pfSense will forward a DNS query to the DNS servers specified in the General Setup but won't cache the results, while "off" means that pfSense itself will query the servers and then cache the results and use them for future queries (assuming that the TTL hasn't expired)?
-
-
Hello guys, My dhcp leases wasnt loading and when i waited for a long time the web page was giving me an error 504 or something like this .
I didn't dare to rm my dhcpd.leases file.
Then i tried something because I saw somewhere a suggestion that doing this mean it might not be a dhcp problem then I thought wait I will change something then try to see if it was the problem.
My configuration were local dns then fall back to remote dns since I use dns resolver( if i dont use it it is at least enable) I thought it was okay to use local dns then fall back.
So the change I made was to use remote dns ignore local dns.
then right after I saved I went back on the dhcp leases page and magical it was loading.
that was the solution for me as for you all i'm not sure but i wanted to share it at least.
Thank you,
Btw I use pfsense+ 21.02.2
-
Hi, Are you saying that you unchecked the "Enable Forwarding Mode" in DNS resolver and it resolved the issue?
We have been working with pfsense support for a number of weeks and have not gotten anywhere unfortunately
What page is the change to use remote vs local dns on?
Thanks!! -
@pfkitwargarrant I can almost guarantee this issue is related to DNS forwarding or DNS setup in general.
Once I turned off forwarding from my DNS server the issue went away. Didn't start until I upgraded to the new release but the issue is definitely DNS.
-
@bobby_hill1983 it's being quite a while, but I solved it by disabling DNS forwarding I just updated the host file on all my machines.
Under general I set t to ignore local servers and use external DNS only.
I've since tried enabling it a couple of times but I don't trust the DNS forward and DNS resolver at this point.
If you don't have a lot of machines it's no big deal to update their hosts or LM host file for Windows
Pre March 2020 I had an update kill one of my netgate machines and I had to ship it to them. Thing lit up red. Since that time I'm pretty reluctant to do updates and that last one that screwed up the DHCP, well let's say I haven't done any updates since
-
@pfkitwargarrant - I went to Services > DNS Forwarder and unchecked the "Enable DNS Forwarder" box. I then went to Services > DNS Resolver and checked the "Enable DNS Resolver" box.
@Gertjan - I meant to reply to your post from two weeks ago (see my post above about a week ago) but I think I replied to the main thread. Do the steps I listed in that post make sense? I've been using pfSense since maybe version 2.2 and each upgrade went relatively smoothly until the DHCP Leases page broke when going from 2.4.5_p1 to 2.5.1. The 2.5.x upgrade leaves the existing DNS settings alone which apparently may cause some things to break. In my case coming from 2.4.5_p1, DNS Forwarder was enabled and DNS Resolver was disabled, but reversing those settings (disabling DNS Forwarder and then enabling DNS Resolver) seems to have solved my problem.
2.5.x seems to be doing something very differently than previous versions.
It's been about a week since I made the changes and the DHCP Leases page still loads quickly.
-
@cmwang Ah that is exactly how my setup is configured at the moment, issue still persists.
-
Hi there i dont use DNS forwarder ( it is unchecked)
I use DNS resolver ( checked Enable DNS resolver) Checked DNSSEC , checked DHCP registration.In General setup I have my remote DNS servers
unchecked server Override
DNS Resolution Behavior : Use remote DNS servers, ignore local DNSThis is my setup.