Netgate Discussion Forum

moving DHCP server from Windows Server to pfSense

  • A
    aagaag
    last edited by Jul 2, 2023, 1:26 PM

    I intend to move a DHCP server (with 300 MAC address reservations) from a Windows Server to pfSense. I have already duplicated the reservations to the pfSense config. My questions are:

    • Is it sufficient to just activate the pfSense DHCP server and then deactivate the Windows server?
    • I understand that the DHCP server sends information about the default gateway (which in this case is the pfSense itself). How do I instruct pfSense to do that?
    • Same for the DNS server for local LAN addresses. At the moment it's hosted by Windows DNS server, but I'd like to move it to pfSense as well. How do I tell pfSense DHCP server to broadcast its own DNS server?
    • What else (if anything) do I need to do?

    Many thanks in advance!

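A check for the step described in the post above (reservations copied from Windows to pfSense), as an added example that is not part of the original thread: it compares a Windows reservation export with the static mappings in a pfSense config backup before the old server is switched off. The CSV columns (as written by `Get-DhcpServerv4Reservation | Export-Csv`), the `config.xml` layout with `staticmap` entries, and all sample data are assumptions constructed for illustration.

```python
import csv
import io
import xml.etree.ElementTree as ET

# Constructed sample: Windows reservation export (subset of columns).
WINDOWS_CSV = """IPAddress,ScopeId,ClientId,Name
192.168.1.10,192.168.1.0,00-11-22-33-44-55,printer01
192.168.1.11,192.168.1.0,00-11-22-33-44-56,nas01
192.168.1.12,192.168.1.0,00-11-22-33-44-57,cam01
"""

# Constructed sample: dhcpd section of a pfSense config.xml backup.
PFSENSE_XML = """<pfsense><dhcpd><lan>
<staticmap><mac>00:11:22:33:44:55</mac><ipaddr>192.168.1.10</ipaddr></staticmap>
<staticmap><mac>00:11:22:33:44:56</mac><ipaddr>192.168.1.21</ipaddr></staticmap>
<staticmap><mac>00:11:22:33:44:58</mac><ipaddr>192.168.1.10</ipaddr></staticmap>
</lan></dhcpd></pfsense>"""

def norm_mac(mac):
    """Normalise 00-11-.. / 00:11:.. / 001122.. to lower-case colon form."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def windows_reservations(text):
    rows = csv.DictReader(io.StringIO(text))
    return {norm_mac(r["ClientId"]): r["IPAddress"].strip() for r in rows}

def pfsense_reservations(xml_text):
    # One (mac, ip) pair per static mapping, across all interfaces.
    root = ET.fromstring(xml_text)
    return [(norm_mac(sm.findtext("mac", "")), sm.findtext("ipaddr", "").strip())
            for sm in root.iterfind("./dhcpd/*/staticmap")]

def compare(win, pf_pairs):
    pf = dict(pf_pairs)
    by_ip = {}
    for mac, ip in pf_pairs:
        by_ip.setdefault(ip, []).append(mac)
    return {
        "missing": sorted(m for m in win if m not in pf),
        "ip_mismatch": sorted((m, win[m], pf[m]) for m in win if m in pf and pf[m] != win[m]),
        "extra": sorted(m for m in pf if m not in win),
        "duplicate_ip": {ip: macs for ip, macs in by_ip.items() if ip and len(macs) > 1},
    }

REPORT = compare(windows_reservations(WINDOWS_CSV), pfsense_reservations(PFSENSE_XML))
if __name__ == "__main__":
    for finding, detail in REPORT.items():
        print(finding, detail)
```

An empty report on every key means each Windows reservation has a matching pfSense static mapping with the same address.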
    • J
      johnpoz LAYER 8 Global Moderator @aagaag
      last edited by Jul 2, 2023, 1:51 PM

      @aagaag said in moving DHCP server from Windows Server to pfSense:

      How do I instruct pfSense to do that?

      That is the default config, there is nothing to do - the only time you would need to do something is if you wanted to hand out something other than the pfSense IP address as the gateway.

      An intelligent man is sometimes forced to be drunk to spend time with his fools
      If you get confused: Listen to the Music Play
      Please don't Chat/PM me for help, unless mod related
      SG-4860 24.11 | Lab VMs 2.7.2, 24.11

      • S
        SteveITS Galactic Empire @aagaag
        last edited by Jul 2, 2023, 2:46 PM

        @aagaag With 300 reservations I’m guessing it’s a large network, and Active Directory? I’d actually reconsider. Windows Server can have multiple DNS servers that sync AD by default, and failover DHCP.

        To use pfSense as your DNS you should add a domain override that points your AD domain to the IP address(es) of your Windows DNS server(s). Otherwise you’ll have all sorts of problems.

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!

        • J
          johnpoz LAYER 8 Global Moderator @SteveITS
          last edited by Jul 2, 2023, 3:09 PM

          @SteveITS said in moving DHCP server from Windows Server to pfSense:

          and Active Directory?

          I would agree - if this is an MS house running AD, I don't see why you would move your DNS/DHCP away from that. But maybe they are moving away from AD and shutting it down, which is why he wants to move the DHCP to pfSense?

          • S
            SteveITS Galactic Empire @johnpoz
            last edited by Jul 2, 2023, 3:24 PM

            Another option would be to use pfSense high availability, two routers with failover DHCP there.
            Still needs the domain override or devices will no longer talk to AD.

            • B
              bmeeks
              last edited by bmeeks Jul 2, 2023, 7:06 PM Jul 2, 2023, 7:04 PM

              Another vote here -- do not dump Active Directory DNS and DHCP unless you are actually moving totally away from Active Directory and moving your Windows boxes out of AD.

              The unbound resolver in pfSense won't like some of the required Active Directory DNS records, so you will likely not be able to dump the AD DNS server(s) unless you are moving completely away from Microsoft's AD infrastructure altogether. So, if you have to keep the AD DNS box, why not just retain the DHCP, too?

              Microsoft's DHCP/DNS implementation is much better than what pfSense currently offers because the Microsoft server allows dynamic DNS updates WITHOUT having to restart the DNS server every time a DHCP lease renews and/or a client registers its hostname. You can also configure automatic DHCP failover scopes in the Microsoft environment as well.
