WAN DHCP briefly assigns IP in the same subnet as LAN

pfpv

I discovered a strange issue. I automatically power cycle my CODA-4582 cable modem once a month. I have a network controlled power bar that runs a script that disconnects power to the modem for 2 minutes at around 5am.

The modem is obviously in bridge mode. Its management IP in this mode is 192.168.100.1. My LAN has been on 192.168.0.0/24 since forever. Last time the cable modem was cycled the pfSense DHCP server crashed and restarted by watchdog. I inspected the logs and discovered that while booting (it takes about 4 minutes to boot) the modem brings up and down its Ethernet interface several times. And to my surprise at some moment it assigns an IP to my WAN from the same subnet as my LAN. It assigned 192.168.0.10 with a gateway 192.168.0.1.

Jul 21 05:27:01 	php 	10368 	notify_monitor.php: Message sent to ... OK
Jul 21 05:27:01 	check_reload_status 	483 	updating dyndns wan
Jul 21 05:27:00 	php 	79420 	servicewatchdog_cron.php: Service Watchdog detected service dhcpd stopped. Restarting dhcpd (DHCP Service)
Jul 21 05:26:59 	dhcpleases 	48039 	Could not deliver signal HUP to process 73805: No such process.
Jul 21 05:26:59 	dhcpleases 	35560 	Could not deliver signal HUP to process 73805: No such process.
Jul 21 05:26:59 	php-fpm 	753 	/rc.newwanip: rc.newwanip: on (IP address: 192.168.0.10) (interface: WAN[wan]) (real interface: igb0).
Jul 21 05:26:59 	php-fpm 	753 	/rc.newwanip: rc.newwanip: Info: starting on igb0.
Jul 21 05:26:58 	check_reload_status 	483 	Restarting IPsec tunnels
Jul 21 05:26:58 	check_reload_status 	483 	rc.newwanip starting igb0
Jul 21 05:26:18 	check_reload_status 	483 	Linkup starting igb0
Jul 21 05:26:18 	kernel 		igb0: link state changed to UP
Jul 21 05:26:14 	check_reload_status 	483 	Linkup starting igb0
Jul 21 05:26:14 	kernel 		igb0: link state changed to DOWN
Jul 21 05:26:12 	check_reload_status 	483 	Linkup starting igb0
Jul 21 05:26:12 	kernel 		igb0: link state changed to UP
Jul 21 05:26:10 	check_reload_status 	483 	Linkup starting igb0
Jul 21 05:26:10 	kernel 		igb0: link state changed to DOWN
Jul 21 05:25:11 	php-fpm 	61461 	/rc.linkup: HOTPLUG: Configuring interface wan
Jul 21 05:25:11 	php-fpm 	61461 	/rc.linkup: DEVD Ethernet attached event for wan
Jul 21 05:25:10 	kernel 		igb0: link state changed to UP
Jul 21 05:25:10 	check_reload_status 	483 	Linkup starting igb0

Then in 2 minutes it gives a real public IP.

Jul 21 05:29:06 	php-fpm 	753 	/rc.newwanip: IP Address has changed, killing states on former IP Address 192.168.0.10.

I was thinking how that could be and remembered that the management IP of this cable modem-combo in router mode is 192.168.0.1. So, it looks like when it boots it goes into router mode first and then into bridge mode, and on the way it temporarily assigns an IP from 192.168.0.0/24 that happens to be my LAN subnet.

I didn't notice that before probably because I had a dumb switch between the modem and pfSense, and pfSense didn't have link state change events on WAN.

I can't change the modem behavior. In order to avoid DHCP server crashes and other unintended behavior would I have to change my LAN subnet? It would be difficult for me as I use static DHCP mappings and use static ARP. I would have to manually go through a lot of settings.

I wonder why this caused the DHCP server crash and why this initiated a Dynamic DNS update when WAN couldn't possibly ping outside (the IP to ping is set manually outside my network). I am on dual WAN and when the cable was down pfSense failed over to DSL. But when WAN got that private IP, pfSense initiated a DynDNS update even though the gateway group IP didn't change. Namecheap DynDNS is broken again (Unknown Response) and pfSense thought it was updated but it wasn't. When it failed back to WAN DynDNS remained with the DSL IP. I had to force update hours later when I discovered that.

I am on Plus 22.05.

rcoleman-netgate

@pfpv said in WAN DHCP briefly assigns IP in the same subnet as LAN:

I am on Plus 22.05.

What hardware you running 22.05 on?

pfpv

@rcoleman-netgate
It's Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz PC with two dual-port PCI-E Intel NICs. Older chipset (forgot the number) that identifies as igb.

rcoleman-netgate

@pfpv Have you done a PCAP on the WAN interface during this process to see what device out there is sending the DHCP address your WAN port is getting?

Jarhead

@pfpv That's not your LAN network.
Your cable modem uses that as it's private address space.
When you power cycle it, it doesn't have a wan address and assigns the private IP's to lan clients.
Totally normal for cable modems.

pfpv

@rcoleman-netgate
No. That WAN port is connected only to the cable modem. Only my cable modem could send the address and I described why it could do it this way.

pfpv

@jarhead said in WAN DHCP briefly assigns IP in the same subnet as LAN:

@pfpv That's not your LAN network.
Your cable modem uses that as it's private address space.
When you power cycle it, it doesn't have a wan address and assigns the private IP's to lan clients.
Totally normal for cable modems.

My LAN network happens to be on the same subnet. The modem assigns it only for 2 minutes before assigning a public IP but it seems it's enough to wreck havoc.

P.S. You confused me for a minute. The modem is in bridge mode. It is not supposed to have "LAN clients". It looks like it goes into routed mode for 2 minutes before going into bridge mode.

rcoleman-netgate

@pfpv Have you done a PCAP on the WAN interface during this process to see what device out there is sending the DHCP address your WAN port is getting?

If your cable modem is authoring the DHCP address that's why you're getting it.
if it's coming from outside your modem it's a bigger ISP issue.

Jarhead

@pfpv Yeah, you may want to change your LAN address.

BTW, you can test it just by disconnecting the coax from the modem, you'll see the private address on the WAN again.

https://www.192-168-1-1-ip.co/router/hitron/coda-4582/6655/#:~:text=Type%20192.168.,Hitron%20CODA%2D4582%20is%20cusadmin.

pfpv

@rcoleman-netgate said in WAN DHCP briefly assigns IP in the same subnet as LAN:

@pfpv Have you done a PCAP on the WAN interface during this process to see what device out there is sending the DHCP address your WAN port is getting?

If your cable modem is authoring the DHCP address that's why you're getting it.
if it's coming from outside your modem it's a bigger ISP issue.

I am pretty sure it's my cable modem. I explained the possible reason. It goes into routed mode first while booting, then it goes into bridge mode.

I guess my question is more if I have to switch my LAN to a different subnet if this modem behavior that I can't change causes problems. Is it a problem that WAN and LAN happen to be on the same subnet for 2 minutes? DHCP server on LAN crashed and DynDNS update was initiated without a reason and didn't go well. For now I placed a dumb switch between the modem and pfSense again but it's a bandaid.

Jarhead

@pfpv It's not gonna cause any problems. It's not like you can connect to anything until the modem comes up anyway.

rcoleman-netgate

@pfpv said in WAN DHCP briefly assigns IP in the same subnet as LAN:

I am pretty sure it's my cable modem. I explained the possible reason. It goes into routed mode first while booting, then it goes into bridge mode.

This is normal, though.

pfpv

@jarhead said in WAN DHCP briefly assigns IP in the same subnet as LAN:

@pfpv It's not gonna cause any problems. It's not like you can connect to anything until the modem comes up anyway.

Why did it cause the LAN DHCP server crash and DynDNS update? Keep in mind I am on dual-WAN with failover and at that time the primary WAN was on DSL. I think pfSense was confused.

Jarhead

@pfpv In that case change your LAN address.
I always use the 10/8 addresses based on the owners birthday.
So if your birthday was today, I would make your LAN address 10.7.24.0/2x.
Been doing this for years and have never overlapped or reused an address yet! I still expect it to come someday though.

serbus

Hello!

Check the DHCP Client Configuration in the Interface...Maybe...

Firefox_Screenshot_2022-07-24T22-52-00.604Z.png

John

Jarhead

@serbus Excellent point! Forgot that was there. Would save from having to change the subnet.

pfpv

@jarhead
Thanks for the tip about 10/8 addresses! Quite useful.

pfpv

@serbus said in WAN DHCP briefly assigns IP in the same subnet as LAN:

Hello!

Check the DHCP Client Configuration in the Interface...Maybe...

John

Thank you! This solves it. I should browse settings that are set and forgotten more often. It could have saved me from another earlier issue.

Would you happen to know the details about the "Alias IPv4 address" setting in the same tab? The Netgate docs say

This value used as a fixed IPv4 alias address by the DHCP client since a typical IP Alias VIP cannot be used with DHCP. This can be useful for accessing a piece of gear on a separate, statically numbered network outside of the DHCP scope. One example would be for reaching a cable modem management IP address.

I set to 192.168.100.1 which is the modem management interface when in bridge mode but going there brought me to pfSense login page. I am confused.

rcoleman-netgate

@pfpv Try setting it to 100.2

pfpv

@rcoleman-netgate said in WAN DHCP briefly assigns IP in the same subnet as LAN:

@pfpv Try setting it to 100.2

Yes, thank you. Once you wrote it, it suddenly became very logical. It works now.

I have always had a virtual IP on WAN 192.168.100.5/24 and it seemed to let me access 192.168.100.1. Only now I read in the instructions that "a typical IP Alias VIP cannot be used with DHCP".