How to let pfSense forget a DHCP lease completely?

Volans

Hi!

I want pfSense to give a DHCP client (printer) a new IP! For that I tried the following:

Disconnected the printer, waited for the lease to be "idle" so that I can delete it in the GUI, reconnected the printer.. but it gets the same old IP lease.
Disconnected the printer, went to Diagnostics > Edit File and removed the lease entry from "/var/dhcpd/var/db/dhcpd.leases" and "/var/dhcpd/var/db/dhcpd.leases~", rebooted the pfSense and reconnected the printer.. and it gets the same old IP lease.

So.. how to let pfSense forget this device/MAC, so that it gets another IP via DHCP? I have no idea.

PS.:
I need to change the IPs of the printers because I updated pfSense to 23.01. Since then 50% of all printers behind this pfSense are not able to send data via UDP/11108 through a site-to-site IPSec (VTI) tunnel to our print server. I see incoming packtes (same protocol/port) from the print server to the printer, the printer answers on the same port to the print server.. I can capture the packet on the LAN interface but it never reaches the IPSec interface on the same pfSense (routes and firewall rules are correct, other printers from the same subnet are able to send data on UDP/11108).

I was able to fix it by setting a static lease with another IP for the printer. Then I deleted the static lease, it got back it's old IP lease (so same IP as before) and it still works. But I don't want to do that for all printers.. new DHCP IPs would be great!

SteveITS

@volans Many devices will ask for the same IP they used to have.

What if you shorten the DHCP range and add an Additional Pool, to skip that one? So:

.2 to .45
.47 to .254

The DHCP Server shouldn't approve .46 in that case. Then undo that when done.

Personally, I always set a static IP or reservation for a printer...otherwise clients seem to lose them if/when the IP changes.

Volans

@steveits

Thank you Steve for that hint! I will reset a printer to factory defaults to see if it then requests a new IP. Maybe you're right.

We don't want to maintain static DHCP leases for our printers. All printers are setup via hostname.. either the printer itself supports DNS updates (RFC 2136) or there is a "Dynamic DNS" option in the pfSense DHCP server. Thats works great and you never have to reconfigure clients in case of changes in the subnet or something like that.

Gertjan

@volans

How to let pfSense forget a DHCP lease completely?

@volans said in How to let pfSense forget a DHCP lease completely?:

removed the lease entry from "/var/dhcpd/var/db/dhcpd.leases" and "/var/dhcpd/var/db/dhcpd.leases~", rebooted

Close.

First : stop the dhcpd process.
Then : delete (edit, move) /var/dhcpd/var/db/dhcpd.leases
Start dhcpd : it will start without any 'memory' of the past.

That won't stop the printer from asking the IP it was using before.
So, on the printer : stop the dhcp client.
Wipe the storage place where the old IP is stored if this is even possible I'm joking.
You probably have to reset the print, but that isn't a real solution neither. For example : our main printer (scanner): it will take me hours to set it up again.

The solution has been found :
"static DHCP leases" for every server type device. You set it up ones, and be done with it will the device lives in your network.

Btw : if your printer has 192.168.100.10 and it wouldn't router over IPSEC, but if you change it to 192.168.100.11 it would route .... that's beyond me.

Volans

@gertjan

Oh yes. Thank you! So simple.. of course I have to stop the process which uses the file I want to edit.

I replaced the IP with a new one, started the DHCPd again and I saw the right entry in the GUI. Reconnected the printer and it got the old IP. So the printer really asks actively for his old IP.

Now I'm waiting for the Kyocera support to tell me how to control the DHCP client. There must be a way.. telnet, ssh, what ever.

Thank you for your help! For the "lost packet" problem I will contact the Netgate TAC. The new IP can not be more than a workaround.

heper

@volans just assign it a fixed ip based on its mac-address in the dhcp server settings.

Gertjan

@heper said in How to let pfSense forget a DHCP lease completely?:

@volans just assign it a fixed ip based on its mac-address in the dhcp server settings.

@volans said in How to let pfSense forget a DHCP lease completely?:

We don't want to maintain static DHCP leases for our printers

heper

@gertjan

Set fixed ip => printer gets new ip eventually & forgets old lease
Remove fixed ip => printer gets another different IP eventually