504 gateway time-out when trying to view dhcp leases

johanl79

Hardware: mini pc with Celeron N5100 and 4 x Intel I226 NIC, 8GB RAM
pfSense: 2.7

I installed the development version because I was getting very low bandwidth speeds with 2.6, most likely due to the I226 NICs. With 2.7 the speeds are exactly as expected. Initially I was able to view the DHCP leases fine, although it did take 30-40 seconds before the page loaded. Now I am getting the infamous 504 gateway time-out page when I try to view the leases. I've googled quite a bit but haven't been able to find a fix yet. I've increased the keepalive_timeout value to 120 seconds and rebooted but alas. The /var folder resides on the hard disk and not in memory. Has anyone been able to resolve this?

Dobby_

@johanl79

Was it a fresh install from USB pen stick (memstick)?
Not upgrading from 2.6 I mean
Are you on the latest 2.7 Devel version?
SSH or Console (13)
Are you using http or https?
Internally for the Dashboard
What lease time and page you are exactly talking here?
As an example: Services > DHCP Server > LAN

johanl79

@dobby_ It was not a fresh install, I installed 2.6 from USB memory stick (with two USB ethernet adapters connected so pfSense could connect to the internet). After the upgrade to 2.7 the Intel NICs were found and could be used as interfaces. Accessing the Status - DHCP leases page worked fine then. I have installed Suricata after but that shouldn't be causing it, right? I am using https for the pfSense dashboard.

Dobby_

@johanl79 said in 504 gateway time-out when trying to view dhcp leases:

It was not a fresh install, I installed 2.6 from USB memory stick

If so and you will be now on 2.7 anyway, if I will be in
your situation I would try out fresh install from scratch with 2.7 Developer version and you don´t run later into the PHP 7.x/8.1/8.2 or upgrade errors.

(with two USB ethernet adapters connected so pfSense could connect to the internet).

Not needed with 2.7 devel

After the upgrade to 2.7 the Intel NICs were found and could be used as interfaces.

Install from 2.7 Devel would be my way here.

Accessing the Status - DHCP leases page worked fine then. I have installed Suricata after but that shouldn't be causing it, right?

Yes I would more assume it is something with the default
gateway. Is the default gateway your WAN gateway?

I am using https for the pfSense dashboard.

And the cert is installed in the browser you are using?
All setting in the browser allowing anything there?

johanl79

@dobby_ I have not done anything with the certificate for the web GUI, but initially the DHCP leases page worked fine. I think I will go for the reinstall. Hope the restore from a backup will work :)

stephenw10

How many leases did you have?

You might just try manually removing the lease file.

johanl79

@stephenw10 I think I have about 30 leases max and a few of those are reservations. After deleting the dhcpd.leases file (I had stopped the DHCP service before doing it) I can now list the leases again in the GUI, only when there were 3 or 4 leases in it the page appeared in 3 seconds, now with 16 leases in it it already takes about 15 seconds for the page to show. I can see the problem reoccurring again, but I'll keep an eye on it. Thanks!

stephenw10

Hmm, that's waaaaay longer than I'd expect. I would try resetting the lease file if you have not:
https://docs.netgate.com/pfsense/en/latest/troubleshooting/ha-dhcp-failover.html#reset-lease-database

jimp

How large is the lease database file?

It doesn't matter how many leases there are, but how large the file is and how long it takes to parse.

If you have some odd client which is continually blasting the server with requests it may end up with an abnormally large database for only a few addresses. I'd download that database file and open it in a text editor and see what's inside. It should be easy to spot if there are numerous entries for a particular device in there. And if that is it, you can figure out what's broken on that device and fix it.

johanl79

@jimp So, the problem is back now after almost a week. I have dhcpd.leases and dhcpd.leases~ in the /var/dhcpd/var/db folder, the main leases file is 17kb. Seems a bit large for the size of my network but you can't say it's a huge file, right?

As for a device sending numerous requests, I see a few "android-dhcp-12" and "android-dhcp-13" requests but not that many and with different UIDs.

stephenw10

Hmm, no that's not large. Something funky in one of the recent lease values? Some undisplayable character?

jimp

That is pretty small.

We have to do some odd tricks to parse the lease file since the format used by ISC isn't very friendly to parsers. It's possible there is something in the lease data that is making the parser fall into an infinite loop. Probably something in one of the uid or client-hostname lines, but uid is much more likely to contain something problematic.