DHCP reservation - GW

johnpoz

@stephenw10 said in DHCP reservation - GW:

Just very unusual to see a DHCP lease without a gateway.

I would agree... But I could see it maybe for IoT devices that you don't want to have internet access. I know that "none" option was added some time ago, and pretty sure it was per user requests for it..

edit: So doing a bit of digging, that none code must of been added as far back as 2015, since here is bug report about it
https://github.com/pfsense/pfsense/pull/1511

stephenw10

Mmm, the option router is taken from the main scope so entering 'none' will pass that to a static mapping entry too. You can enter an override option to send but omitting the option just sends the main scope value. I'm not sure you can send 'none' specifically, sending something invalid might be the best you can do there.

johnpoz

@stephenw10 so if I set the main scope to none, all reservations would also be "none" unless I called out something specific for that reservation. That prob should be called out in the note on the gateway setting in the reservation section.

While that is workable I guess. Better would be able to leave main scope at handing out say pfsense IP (default).

But being able to call out none for a reservation.

To answer the question specific for what the OP asked - I would think putting anything in there should work as long as its not actually a gateway ;) But that could lead to lots of unwanted traffic to that IP. I would think you could put in 127.0.01, so the dhcp client would just try and use itself as the gateway?

Never really played around with anything like that - because I just don't have the use case to want to do such a thing ;)

stephenw10

@johnpoz said in DHCP reservation - GW:

Better would be able to leave main scope at handing out say pfsense IP (default).
But being able to call out none for a reservation.

I agree but I'm not sure that's possible in the dhcpd conf:

subnet 192.168.22.0 netmask 255.255.255.0 {
	pool {

		range 192.168.22.10 192.168.22.245;
	}

	option routers 192.168.22.1;
	option domain-name-servers 192.168.22.1;
	ping-check true;

}
host s_lan_0 {
	hardware ethernet 24:5e:be:59:64:8e;
	fixed-address 192.168.22.5;

}

Maybe just 'option routers' with no IP? Setting the main scope to 'none' just omits it entirely.

AndyRH

Pretty good guessers. There are 2 reason for me to not pass a GW. IoT (cameras) that absolutely do not need out of the VLAN (yes there are rules in place, really no rules...) and my PC with 4 spare NICs. I from time to time put my system on various VLANs to make sure things are setup the way I think they are. Having 2 GWs on Windows results in going out the wrong interface more often than not.
I found it mostly a curiosity that creating the scope you can put "none" in the GW field and not pass a GW but you cannot do the same on a reservation.

stephenw10

Hmm, this feature requests appears to be in place already: https://redmine.pfsense.org/issues/11927 but the suggested workaround there, using the dhcp option 3 directly, can be applied to a static mapping.
And in fact it looks like this exact use case has been proven:
https://forum.netgate.com/post/1000576

Steve

johnpoz

@stephenw10 thats funny actually I didn't recall that thread at all ;) But this is really just a rehash of that thread ;) and I had suggested doing what you had said about pool to none, and set reservations for those that want a gateway..

AndyRH

Tried it out on an old iPad. Still getting a GW, but it may need a more aggressive approach to get past Apple being helpful.
I like the approach and will try the same trick to not give DNS servers to the cameras.

Thank you for searching better than I did...

stephenw10

Maybe the value type there should be IP address.

johnpoz

@andyrh ok just tried this on my windows pc.

So I set it to dhcp, got a lease with gateway per dhcp scope, etc

Then set up a reservation for 192.168.9.66, and set option 3 with nothing.. and released and renewed and got the .66 address, but no gateway..

stephenw10

Ah, nice!

johnpoz

@stephenw10 yeah that seems to be a good option for sure when you don't want a client to have a gateway. I think that should work for @AndyRH

AndyRH

Something went wrong around 13:50 and DHCP became corrupted. Had to restore it. (remember kids, backups are for fun, restores are serious)

I have a new weekend project...

Lots of 89884 messages then a crash. A restart did not work so I went to the backup.

Jan 3 13:59:06 dhcpd 89884 /etc/dhcpd.conf line 579: unexpected end of file
Jan 3 13:59:06 dhcpd 89884 ^
Jan 3 13:59:06 dhcpd 89884 }
Jan 3 13:59:06 dhcpd 89884 /etc/dhcpd.conf line 577: semicolon expected.
Jan 3 13:59:06 dhcpd 89884 For info, please visit https://www.isc.org/software/dhcp/
Jan 3 13:59:06 dhcpd 89884 All rights reserved.
Jan 3 13:59:06 dhcpd 89884 Copyright 2004-2021 Internet Systems Consortium.
Jan 3 13:59:06 dhcpd 89884 Internet Systems Consortium DHCP Server 4.4.2-P1
Jan 3 13:55:37 dhclient 18922 Creating resolv.conf
Jan 3 13:55:37 dhclient 18587 RENEW
Jan 3 13:50:37 dhclient 47334 Creating resolv.conf
Jan 3 13:50:37 dhclient 47085 RENEW

stephenw10

Hmm, just by adding the option value to a static mapping?

AndyRH

@stephenw10 That is my guess. I will test it this weekend.

AndyRH

I finally got back to this. I was not able to reproduce the problem. It is now working as expected.

AndyRH

Just in case someone wonders by...
If the DHCP scope has a GW value of "none", if you do not specify a GW in a static mapping the host will not get a GW.

stephenw10

Ah, yes that would do it. The static values override whatever is in the main config. So leaving it empty there would not override 'none' set in the main config.

Steve