Facing issues with DHCP and 2 APs
-
@johnpoz Not quite, if both APs are connected, and I try connecting let's say a normal android phone, with the random MAC option enabled it would connect fine and get an IP from DHCP, however if i turn off the random mac option and try connecting, it starts to loop weirdly like in the picture, and the device can either just not get an IP or connect after a very long time. Just setting a static IP on the device itself gives the results in the packet capture and has no connectivity to the router itself. I hope I managed to explain it well this time.
Thanks to both of you for responding.
-
@TheAmongler do you have some static arp set for this IP or mac? But your saying it doesn't do any of that if only 1 AP is connected? And it doesn't matter which one?
-
@johnpoz There is no static arp set no, and yeah it works just fine if it is only 1 AP, and from what I've tried it doesn't matter which one it is yes, I even tried unplugging both and replacing with other APs and issue still persisted. If a static IP is set on the device it will show up in the arp table, but I guess the device itself doesn't see the router or something.
-
What is the IP and network set to of pfSense ?
10.27.27.x ? and network 255.255.255.0 or /24 ?How is DHCP on LAN set up on pfSense ? Pool range ?
Who, in your image, is 10.27.27.247 ?
Are the SSID of AP1 and AP2 the same, or not ?
What is the IP setup of AP1 ?
Static like
10.27.27.Y ? and network 255.255.255.0 or /24 ? and the DNS + Gateway set to 10.27.27.x = pfSense ?Same for, AP2:
10.27.27.Z ? and network 255.255.255.0 or /24 ? and the DNS + Gateway set to 10.27.27.x = pfSense ?On both APs : DHCP has been shut down ?? These are behaving as APs and don't route, no firewall, right ?
-
@Gertjan yeah its 10.27.27.0 and 24,
The pools are a bit strange but that is just because I was excluding the APs and I guess I was just too lazy to change it on the APs themselves haha, however it is the same exact behavior as if it was one singular pool.I don't exactly remember what device 10.27.27.247 is because it has been a while since I have taken these images, however the behaviour is the exact same across most devices.
The SSIDs are supposed to be the same however I am forced to name them differently because of this issue, else sometimes some devices just can't roam between the networks and end up stuck.
The setup of the APs is as you have described yes.
Yes everything related to routing and dhcp has been turned off on the APs, and they do work just fine if the other is disconnected.
Thanks for replying
-
@TheAmongler said in Facing issues with DHCP and 2 APs:
The setup of the APs is as you have described yes.
They do have unique IP addresses, right ?
Like 10.27.27.253 and 10.27.27.254 ?
(park them at the beginning or end of the network 10.27.27.0 range, you can now simplify your pool) -
@Gertjan
They are unique yes.
(I'll probably maybe get around to it) -
Possible is : device 2c:fe:4f:0b:52:2f is deaf : it can request a DHCP, but doesn't receive (hear) the answer.
Ditch the device, and done ^^ -
@Gertjan I'd love to but then I'd have to ditch like a lot of devices lol. What I can tell is that if a device connects from one AP to the other with the same MAC it just goes loony, I've tested this with nothing on the network but the APs and the router, and even tried changing the switches but still same old, really perplexing to me honestly.
-
You use ISC DHCP or Kea ?
-
@TheAmongler said in Facing issues with DHCP and 2 APs:
but I guess the device itself doesn't see the router or something.
APs don't need any routing, they don't even need a gateway.. The only reason they would is if you were going to admin them from a different network.
What APs are you using?
None of what your saying makes any sense - an AP is just a bridge from wireless to wired.. Having multiple AP on the network doesn't matter you could have 2 or you could have 20... I have 3 on my network..
You talking about the client not getting the arp reply? So pfsense IP is 10.27.27.1 - what sort of box is it? This mac 3e:f9:d6, isn't a known maker.. Normally you would think the nic in your router would be a known mac address..
That 2c:fe4f is Xiaomi Communications Co Ltd
but I don't see who the maker of this mac address is 3e:f9:d6 - which should be pfsense nic..
example mac address of my pfsense IP is
192.168.9.253 00-08-a2-0c-e6-2400:08:a2 is ADI Engineering, Inc.
So with only 1 AP on the network.. and your client working - what does it show for the mac address of pfsense IP 10.27.27.1 ? Do an arp -a on it.. What does pfsense show for the mac address of the ciient..
Adding another AP, another bridge shouldn't matter unless their is a loop.
-
@Gertjan ISC and kea both have the same issue, but it's ISC
-
@johnpoz
Yeah im talking about the client not receiving the reply, the nic is an intel, but I don't remember which model exactly so I'll have to check later, the box itself is just some old pc that I turned into the router, I mentioned it in the old thread but maybe I should have mentioned it again here, pfsense is running under proxmox currently, however it ran directly on the machine before that and faced the same issue. As far as I know there shouldn't be any loops, the only connection between the APs is that they are wired to the same switch but that's it. I'll get you the command results as soon as I am able to.EDIT: I forgot to mention what APs but its just some normal tplink ones
Thanks for your replies
-
So this should be the output right?
I just chose the table itself cuz it looked cleaner, but I can get the console output if you also need it.
It's a little hard for me to only have 1 device on the network right now as people are on it, so I can redo this if needed a little later.The fact that this happens when any 2 APs are on the network is what confuses, as in I know it shouldn't be happening, yet it does and I really don't know or understand why.
-
I don't know if its relevant at all here, but I just noticed that one of the APs can see the other as a LAN client, while the other doesn't, dunno if that affects anything though.
-
@TheAmongler said in Facing issues with DHCP and 2 APs:
but I just noticed that one of the APs can see the other as a LAN client
Can you show what you saw ?
-
@Gertjan Yeah sure,
AP 1:
AP 2:
-
The "Client list" will get populated if the AP has its own DHCP server activated - this is not, and should not be the case.
The LAN Device List looks like a ARP list to me.
The 3e:f9:d6:76:a1:cf - 10.27.27.1 is probably the device hooked up to the wired LAN, pfSEnse.
The others are, I guess, connected or known Wifi clients on this AP.edit : you are comparing two different lists from two different APs ?
-
@Gertjan That's strange then since DHCP is turned off on both of them.
Yeah these are client lists from the 2 APs on the network right now, I wasn't sure if it was relevant but I just thought it might be interesting