Netgate Discussion Forum

    Trying to request longer lease time on WAN (!) DHCP request

    • J
      j.koopmann

      Hi,

      my ISP told me to request a longer DHCP lease time (I am relatively positive that this is a bullshit request but anyhow). So I figured putting

      option dhcp-lease-time 86400

      in the send options of the WAN interface should do the trick. However the DHCP Request looks like this:

      12:05:32.616759 00:e0:97:1d:54:20 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328)
          0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 00:ff:97:1d:54:20, length 300, xid 0x23de6b30, Flags [none] (0x0000)
      	  Client-Ethernet-Address 00:ff:97:1d:54:20
      	  Vendor-rfc1048 Extensions
      	    Magic Cookie 0x63825363
      	    DHCP-Message Option 53, length 1: Request
      	    Requested-IP Option 50, length 4: -hidden-
      	    Client-ID Option 61, length 7: ether 00:ff:97:1d:54:20
      	    Hostname Option 12, length 12: "XXX"
      	    Parameter-Request Option 55, length 10:
      	      Subnet-Mask, BR, Time-Zone, Classless-Static-Route
      	      Default-Gateway, Domain-Name, Domain-Name-Server, Hostname
      	      Option 119, MTU
      	    END Option 255, length 0
      	    PAD Option 0, length 0, occurs 15
      

      And of course all I get is the standard DHCP lease time from the ISP. What am I missing?

      • GertjanG
        Gertjan @j.koopmann

        @j-koopmann said in Trying to request longer lease time on WAN (!) DHCP request:

        option dhcp-lease-time 86400

        in the send options of the WAN interface should do the trick.

        And it does.
        That is, you are already aware that 'ISP phone support' doesn't know sh*t about their DHCP server settings.
        And that the DHCP server can take into account the lease duration, but imho, that's rare. It's probably a MIN and MAX setting, and the request from the client should be between these values. If not, it's clipped.

        My question: you changed what, where and how?

        d9ea39a5-d8bf-42a6-a5c1-b2b9a485e077-image.png

        You created your own config file, I presume?

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        • J
          j.koopmann

          The underlying problem is that sometimes during the day the WAN IP address changes for no apparent reason which leads to killed sessions etc. I raised this with support and the obvious first answer was "maybe a problem with your WAN CAT cable". Yeah right.

          They then admitted that even if that cable had a problem a subsequent DHCP request should usually yield the same IP as before and the fact that it does not they wanted to look into. Now they called and answered "well the lease time is only 30 minutes so why don't you simply request a much longer one". I am aware that this is a bullshit answer but wanted to "please" their support process.

          0ce51a81-0b82-438b-8a46-8f385fb8e301-image.png

          I fail to see that the 86400 are even requested in the first place.

          • GertjanG
            Gertjan @j.koopmann

            @j-koopmann

            I've checked the generated dhcp client config file ( in /var/etc/ )

            interface "ix3" {
            
            	supersede interface-mtu 0;
            # DHCP Protocol Timing Values
            timeout 60;
            retry 15;
            select-timeout 0;
            initial-interval 1;
            
            # DHCP Protocol Options
            	send option dhcp-lease-time 2000;
            
            	script "/usr/local/sbin/pfSense-dhclient-script";
            }
            

            These are the details of the lease obtained (in /var/db/):

            lease {
              interface "ix3";
              fixed-address 192.168.10.4;
              next-server 192.168.10.1;
              option subnet-mask 255.255.255.0;
              option routers 192.168.10.1;
              option domain-name-servers 192.168.10.1;
              option domain-name "home";
              option broadcast-address 192.168.10.255;
              option dhcp-lease-time 86400;
              option dhcp-message-type 5;
              option dhcp-server-identifier 192.168.10.1;
              option dhcp-renewal-time 43200;
              option dhcp-rebinding-time 75600;
              option option-125 0:0:d:e9:24:4:6:34:34:44:34:35:34:5:f:4c:4b:32:32:31:33:32:44:50:39:39:37:32:36:38:6:9:4c:69:76:65:62:6f:78:20:36;
              renew 5 2023/8/18 22:50:52;
              rebind 6 2023/8/19 07:50:52;
              expire 6 2023/8/19 10:50:52;
            }
            

            As you can see, even my ISP router, the DHCP server I use, gave a "86400" even if I asked for a "2000".
            But: I didn't check the DHCP Request, though... no Wireshark available right now.

            The syntax of the config file seems correct to me.
            https://linux.die.net/man/5/dhclient.conf

            • johnpozJ
              johnpoz LAYER 8 Global Moderator @Gertjan

              @Gertjan said in Trying to request longer lease time on WAN (!) DHCP request:

              gave a "86400" even if I asked for a "2000".

              Yeah.. doesn't matter if you ask for 5 minutes or 2 weeks. The DHCP server is most likely just going to send you what it's set up to send you.

              That it's sending you a 30 minute lease is kind of BS.. I get a huge lease from my ISP, and I sure am not asking for that by default.

                option dhcp-lease-time 410311;
                option dhcp-message-type 5;
                option dhcp-server-identifier 207.181.192.241;
                renew 0 2023/8/20 21:00:13;
                rebind 2 2023/8/22 15:44:34;
                expire 3 2023/8/23 05:59:29;
              

              I just released and renewed trying to catch the DHCP traffic, but forgot that I would have to set up a span port on the switch I run the WAN connection through to catch it.. Before, it was a 7 day lease. The weird 410311 time is what was left on the lease when I released it and then renewed.

              The thing is, it shouldn't matter what you ask for - or get, it should renew at 50% of your lease and there really shouldn't be an IP change. If your ISP is forcing an IP change, and only has a 30 minute lease, that is a shitty setup if you ask me.

              What I would do is what they ask, and set the lease request time... Capture the actual dhcp exchange and send them the pcap.. etc..

              If you look in your /var/db/dhclient.leases.interface file you should have some details of what they are sending you and that it's not renewing when it should, etc. And most likely it is going all the way to the end of the lease and then sending out a new discover vs just a request.

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 24.11 | Lab VMs 2.8, 24.11

              • J
                j.koopmann @johnpoz

                @johnpoz said in Trying to request longer lease time on WAN (!) DHCP request:

                What I would do is what they ask, and set the lease request time... Capture the actual dhcp exchange and send them the pcap.. etc..

                My thoughts exactly and exactly what I plan on doing. I am 100% positive that the dhcp WAN client setup has zero impact on the actual error. But to please them I would like to show it to them.

                My dhclient.conf looks like this:

                interface "igc0.132" {
                
                        supersede interface-mtu 0;
                # DHCP Protocol Timing Values
                timeout 60;
                retry 15;
                select-timeout 0;
                initial-interval 1;
                
                # DHCP Protocol Options
                        send option dhcp-lease-time 86400;
                
                        script "/usr/local/sbin/pfSense-dhclient-script";
                }
                

                But in the pcap I fail to see that the 86400 are requested.

                17:55:55.182175 00:e0:97:1d:54:20 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328)
                    0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from 00:ff:97:1d:54:20, length 300, xid 0xf941506, Flags [none] (0x0000)
                	  Client-Ethernet-Address 00:ff:97:1d:54:20
                	  Vendor-rfc1048 Extensions
                	    Magic Cookie 0x63825363
                	    DHCP-Message Option 53, length 1: Request
                	    Requested-IP Option 50, length 4: -hidden-
                	    Client-ID Option 61, length 7: ether 00:ff:97:1d:54:20
                	    Hostname Option 12, length 12: "pfSenseHills"
                	    Parameter-Request Option 55, length 10:
                	      Subnet-Mask, BR, Time-Zone, Classless-Static-Route
                	      Default-Gateway, Domain-Name, Domain-Name-Server, Hostname
                	      Option 119, MTU
                	    END Option 255, length 0
                	    PAD Option 0, length 0, occurs 15
                

                I would expect tcpdump to show the requested/sent dhcp lease time option but it is not showing in either. That is what is troubling me since I cannot show them that I did what they requested.

                • johnpozJ
                  johnpoz LAYER 8 Global Moderator @j.koopmann

                  @j-koopmann Can you post the full pcap.. You can always obfuscate details of your actual wan IP in the pcap.

                  It's a bit of a pain to capture my actual pfSense WAN DHCP.. But here, for example, is a local DHCP discover, offer, request and ack.

                  So I edited the dhclient.conf of a client of mine to send the lease time of 3600

                  conf.jpg

                  Here are the details of the capture (did a packet capture on pfSense)

                  dhcp.jpg

                  And you can see the previous lease was a full day (24 hours), which is what I have pfSense set to for default lease time..

                  lease.jpg

                  And the new lease was what my client requested of 1 hour..

                  Here is the pcap if you want to look at it in Wireshark, to compare to what you are capturing.. You're going to have way better details opening the pcap in, say, Wireshark than how you're looking at it. The option you're wanting to look at is option 51

                  dhcp.pcap

                  edit: just noticed you have option in there, you shouldn't need that, so remove that from your advanced settings.

                  removethis.jpg

                  edit2: So for example, here is an obfuscated pcap... bittwist is one tool, haven't used that in a long time - but used tracewrangler for this, replaced my 192.168.2.12 IP and pfSense IP with 1.2.3.4 and 1.2.3.254, etc..

                  dhcp_anon.pcapng

                  • J
                    j.koopmann

                    Thanks for sharing this. The trick was to put

                    dhcp-lease-time 86400

                    in the option field instead of

                    option dhcp-lease-time 86400

                    64168062-9ae6-4e5a-a4b6-558a9e02a890-image.png

                    This worked and I can see the 51 request now in my DHCP request which of course is being ignored. So next round with the ISP.

                    Regards
                    JP
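
Added example, not part of the thread: a small Python check for whether a DHCP request actually carries option 51 (IP address lease time), which is the thing the tcpdump output above was missing until the send option was corrected. The two sample packets are constructed here with a zeroed BOOTP header; the function names are this example's own.

```python
import struct

MAGIC_COOKIE = bytes.fromhex("63825363")  # "Magic Cookie 0x63825363" in the capture
OPT_PAD, OPT_END = 0, 255
OPT_LEASE_TIME, OPT_MSG_TYPE, OPT_PARAM_REQ = 51, 53, 55
BOOTP_FIXED_LEN = 236  # fixed BOOTP header that precedes the magic cookie


def parse_dhcp_options(payload: bytes) -> dict:
    """Return {option code: raw value} from a BOOTP/DHCP UDP payload."""
    if payload[BOOTP_FIXED_LEN:BOOTP_FIXED_LEN + 4] != MAGIC_COOKIE:
        raise ValueError("no DHCP magic cookie, not a DHCP message")
    options, i = {}, BOOTP_FIXED_LEN + 4
    while i < len(payload):
        code = payload[i]
        if code == OPT_END:          # anything after END is padding
            break
        if code == OPT_PAD:          # PAD is a single byte with no length field
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError(f"option {code} truncated")
        length = payload[i + 1]
        # A repeated option code is concatenated (RFC 3396 long options).
        options[code] = options.get(code, b"") + payload[i + 2:i + 2 + length]
        i += 2 + length
    return options


def requested_lease_time(payload: bytes):
    """Seconds asked for in option 51, or None if the client did not send it."""
    raw = parse_dhcp_options(payload).get(OPT_LEASE_TIME)
    if raw is None:
        return None
    if len(raw) != 4:
        raise ValueError("option 51 must be a 4-byte unsigned integer")
    return struct.unpack("!I", raw)[0]


def build_request(extra_options: bytes = b"") -> bytes:
    """Constructed sample DHCPREQUEST, padded to 300 bytes like the capture."""
    opts = bytes([OPT_MSG_TYPE, 1, 3]) + bytes([OPT_PARAM_REQ, 3, 1, 3, 6])
    body = bytes(BOOTP_FIXED_LEN) + MAGIC_COOKIE + opts + extra_options + bytes([OPT_END])
    return body.ljust(300, b"\x00")


# Constructed samples: first as originally captured (no option 51), then after the fix.
without_51 = build_request()
with_51 = build_request(bytes([OPT_LEASE_TIME, 4]) + struct.pack("!I", 86400))
print(requested_lease_time(without_51), requested_lease_time(with_51))
```

To run it against a real capture, pass in the UDP payload of the request (the bytes after the UDP header), which any pcap reader can extract.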

                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.