Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Using dpinger to force DHCP lease renewal

    Scheduled Pinned Locked Moved General pfSense Questions
    8 Posts 3 Posters 330 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      AGawthrope
      last edited by AGawthrope

      I am experiencing an issue with my service provider whereby during the lifetime of a DHCP lease - i.e. before a renewal is initiated by dhclient - they block all IP access from my leased IP until a renewal occurs. This occurs several times per week, with DHCP renewals working ok the rest of the time. dpinger identifies this immedietly as it no longer gets ICMP Echo Reply responses from the service provider gateway.

      My question is: Would it be possible for a script - as I see no in-built capability in pfSense - to initiate a DHCP Release/Renew cycle when dpinger stops getting ICMP Echo Reply responses? Clearly some controls would be needed around this such as - the number of times and frequency at which its attempted.

      Anyone know if this may be possible or whether anyone has used dpinger to trigger scripts previously? It sounds like an issue with the service provider but getting past their 1st line support and speaking with a knowledgeable person is expected to be hell so I'm seeking work-arounds ;-)

      Thanks
      Andrew

      1 Reply Last reply Reply Quote 0
      • LarryFahnoeL
        LarryFahnoe
        last edited by

        On the surface that certainly sounds like your provider has a broken DHCP server. I wonder though, have you investigated pfSense's dhcpd.log, does it show the normal DHCPREQUEST / DHCPACK / RENEW behavior and how do the DHCPREQUEST times correlate with the times from the dpinger events?

        --Larry

        A 1 Reply Last reply Reply Quote 0
        • A
          AGawthrope @LarryFahnoe
          last edited by AGawthrope

          @LarryFahnoe. Hi. Yes in my investigation I've been using the dhclient, dpinger logs and taking packet captures which I subsequently review in Wireshark.

          The service provider DHCP ACK messages specify a lease of 1 day; At half that, dhclient attempts to renew. When this occurs it appears to successfuly extend the lease. I'm not seeing anything that looks anomalous in either REQUEST or ACK messages. A successful renewal always seems to be accomplished with just one REQUEST and one ACK message. In time, the ACK immediately follows the REQUEST. i.e. no delay.

          I haven't analysed enough data yet to identify any temporal patterns but the service provider is 'blocking' access prior to expiration of the 1-day lease validity. This morning I can, however, be certain that a 1/2 day DHCP renewal was due at 09:23 hrs and their gateway ceased responding to my IP at 09:00 hrs as evidenced by an Alarm latency entry in the dpinger log.

          If I take the pfSense WAN interface Down, then UP or force a DHCP Release/Renew I see correct behaviour in the resulting REQUEST / ACK messaging. Evidenced in the dclient log and the packet capture's.

          I'm keen that this thread remains focused on my original question, but from the limited data I've analysed so far there seems to be a corrolation between the service provider gateway 'blocking' my leased IP and the IP address of the responding DHCP server changing. i.e. the renewals work fine when the same server responds. When it doesn't and a differnet server responds the service provider appears to block my leased IP prior to it's expiration.

          I think that answers your questions Larry.

          Thanks
          Andrew

          EDIT: I'm using a Netgate 4100 with build 24.03-RELEASE

          1 Reply Last reply Reply Quote 0
          • LarryFahnoeL
            LarryFahnoe
            last edited by

            Thanks for the thoughtful reply Andrew & yes, it does answer my question.

            Your situation certainly indicates problems on your provider's side, and your query about a script to either bounce the interface or renew the lease seems a logical work-around. I do not have a script at hand to offer though.

            --Larry

            1 Reply Last reply Reply Quote 1
            • stephenw10S
              stephenw10 Netgate Administrator
              last edited by

              Mmm, a script should be possible there though I'm not aware of one specifically. You'd have to be careful to avoid getting stuck in a loop as the script fires when dping throws an alarm but dpinger is restarted when the WAN goes down/up.

              You might try setting a much shorter dhcp lease time in the client request. The ISP server may well just ignore it though.

              A 1 Reply Last reply Reply Quote 0
              • A
                AGawthrope @stephenw10
                last edited by

                @stephenw10 Thanks. Is that the option that ISC call 'dhcp-lease-time'? How might I configure pfSense/dhclient to include that option in a Request? Also, how might I specify its value. A System Tunable perhaps?

                I suspect, as you suggest, the ISP will ignore it but it's worth a try :-)

                Thanks,
                Andrew

                1 Reply Last reply Reply Quote 0
                • stephenw10S
                  stephenw10 Netgate Administrator
                  last edited by stephenw10

                  It's in the dhcp client settings on the interface if you enable the advanced configuration. You can set the lease time to request in the Send Options field.

                  If the ISP ignores that and still gives you a 1 day lease you can try simply overiding that by adding a supersede value in the Option Modifiers.

                  Screenshot from 2024-05-20 15-42-22.png

                  A 1 Reply Last reply Reply Quote 1
                  • A
                    AGawthrope @stephenw10
                    last edited by

                    @stephenw10 Great. Thank you. I'll have a play with that and see if I can up the frequency of renewals.

                    Thanks
                    Andrew

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.