Switch Doesn't accept DHCP Lease after Pfsense service gets boot late after the switch is already booted.

pjaiswal0231

I am facing a issue with pfsense when there is power failure the my dlink unmanaged switch boot first and the pfsense start after 30 sec to 1 minute but when it starts the DHCP ip lease switch doesn't accept i have to reboot the switch again then it accept the dhcp ip and send to whole network from Pfsense, but if i put the WIFI router this doesn't happen, So there is any solution for it.

johnpoz

@pjaiswal0231 why would a unmanaged switch have or need an IP? Never heard of or seen such a thing - makes no sense.

pjaiswal0231

@pjaiswal0231 the unmanaged switch doesn't need IP but what is happening the switch boots first before the pfsense can start it services so in this scenario when pfsense boots and start it DHCP server to assign IP to the network it doesn't allow the DHCP ip relay on the network so the full network goes down as pfsense is already booted and I restart the switch now it lets the DHCP server can assign IP and network works so I thought the switch has the issue but if I remove pfsense and use WiFi router for internet and WiFi router DHCP server it works fine if the switch boots first and after WiFi router boots later, so I am stuck how to resolve this issue. As the unmanaged switch is 100 Mbps port so tried to put 100 Mbps Lan card on pfsense still it is giving same issue

johnpoz

@pjaiswal0231 you understand dhcp server being down means nothing - clients don't just drop their IP when dhcp server is off.

You get a lease, default is 2 hours.. Once you get the lease until that 2 hours is up you have an IP. you don't even start trying to renew it until 50% of the lease is over.

If your lease was say 24 hours - you could go 24 hours with dhcp server being down since a client last renewed.. Mine are like 4 days min.

Why would you be doing a dhcp relay? And you can't with an unmanaged switch, and pfsense doesn't even support being the target of a relay - it could relay to some other dhcp server on your network.

Not sure what you have going on - but more than likely it has zero to do with dhcp. Until pfsense boots no your clients wouldn't be able to talk to pfsense, they would not be able to use dns (if pfsense is your dns) etc.. And you shouldn't have to reboot the switch, as soon as the port plug into the switch from pfsense comes up - everything should be connected.

You for sure should not have to reboot your switch after pfsense comes up - unless the port doesn't neg correctly on your switch. Do you get lights on the port pfsense is plugged into on the switch once pfsense boots? Do you see lights on the port on pfsense? Are they the same color? The lights should tell you what speed the port is up on, etc.

If your devices are off as well when you loose power and they boot first, they should continue to use their last IP.. But if they give them up and get a APIPA address because dhcp server is not available yet - ie a 169.254.x.x address then yeah that could take a while to clear itself, and a reboot of the switch would be interface down for the PC for example and when the interface comes back up it would try dhcp again.

I would suggest you look on your machine to see if it has a 169.254.x.x address, you can view this on windows with ipconfig /all via cmd prompt..

here I disabled my dhcp server, and did a release and then renew - see got a 169.254.x.x address - and yeah nothing going to work.

pjaiswal0231

@johnpoz wording i used in the earlier post for ip relay was not the senario the scenario I am mentioning it only happens when there is a power failure after the power come back on this happens all, on Pfsense LAN port the LAN card led in on and on the switch port also led is on but the dhcp is not able to provide ip. I have assign some static IP also on the LAN network but from the static IP system I am not able to ping pfsense and from pfsense also I am.not able to ping the LAN static IP but of pfsense I ping any internet IP or website it is pinging But after I reboot the switch every thing start working. It is a unmanaged switch thats why I am stuck, I can't check what is happening with the switch.

But this scenario on power failure doesn't happen if I remove pfsense and put WiFi router and I use the WiFi router internal dhcp to provide IP when the power come back on same thing happen switch boot first and after 30 second the WiFi router services comes up all PC take ip. So in this scenario the switch doesn't have issue

Gertjan

@pjaiswal0231

Lets start with this : an non managed switch isn't 100 % non managed, as there are two part you have to do yourself with a switch like this :

1. Hook up the power.
2. Slide in as many as network cables plugs as the switch can hold to forum a 'network'.

And now your done. There is no more and no less.
Switches replicate traffic on a port to a destination port.
It doesn't care what the packers 'are' - it doesn't care about what a packets 'do'.
So, if they are ICMP, or UDP, or TCP, or DHCP, etc, it's doesn't care ....

So it can't have issue with 'DHCP', as it doesn't know what DHCP is.

@pjaiswal0231 said in Switch Doesn't accept DHCP Lease after Pfsense service gets boot late after the switch is already booted.:

But this scenario on power failure doesn't

Can be very bad for pfSense.
pfSense doesn't run from a ROM (Read Only Memory) as the wallmart router does, it uses a real hard disk like your PC, NAS, phone etc. Power loses can mean : file system damaged. That's something you don't want to happen. if doubt, take an insurance (== UPS).

What pfSense version do you use ?
Did you change something ?
Use this DHCP pfSense server :

and you'll be fine.

AndyRH

To me it sounds like the clients are coming up faster than pfSense and think they are on a different network and are dropping their IPs.
Rebooting the switch will make the clients re-evaluate what network they are on and request an address when the network comes on-line.

As others have suggested, review the clients, my guess is you will find they have 169.254 addresses.
pfSense will never start faster then an unmanaged switch.

I do not have a solution other than what you are doing or simply waiting for the clients to check again for a DHCP server.

johnpoz

@AndyRH said in Switch Doesn't accept DHCP Lease after Pfsense service gets boot late after the switch is already booted.:

simply waiting for the clients to check again for a DHCP server.

Yeah they should - quick google

https://learn.microsoft.com/en-us/windows-server/troubleshoot/how-to-use-automatic-tcpip-addressing-without-a-dh#example-1-no-previous-ip-address-and-no-dhcp-server

And it looks like windows will check every 3 minutes after it has gone with the 169.254 address

"An error message is presented to the user and discover messages are transmitted every 3 minutes."

Or could be 5 minutes?

"The computer then broadcasts four discover messages, and after every 5 minutes it repeats the whole procedure until a DHCP server comes on line."

Depending on if it had a previous IP or if lease had expired, etc.

pjaiswal0231

@AndyRH thanks I also thought so as in west africa the price of managed switch are 3 times or 4 times higher then the other places so i have to wait till some one goes to UAE and pick one up for saving the cost

pjaiswal0231

@johnpoz what you are saying is true but in my scenario it didn't happens, the only solution is reboot the switch as it is stuck like this for 3 hours then also nothing happen so reboot is the only solution, I will try to change LAN card and check one that is the easiest and cheapest solution.

Gertjan

@pjaiswal0231

The ultimate test tool - you can start it with one click :

Enter first :
LAN, because you want to capture on your pfSEnse LAN
UDP because DHCP is 'UDP' only
Ports 67 and 68 because DHCP uses these ports.
And "Full" details as you are the admin, and you want details.

Now hit start !

And you'll see the request and answers.

If you're in a hurry, go to a LAN device, a PC, and enter the magic command :

ipconfig /renew4

The packet capture will show the DHCP exchanges in real time.

johnpoz

@pjaiswal0231 please answer some basic questions.. Does your pc get a 169.254.x.x address?

Is dhcp even running on pfsense? What dhcp server are you using on pfsense, shoot what version of pfsense are you even using?

Is the lan interface of pfsense even coming up - do you see lights on the pfsense port and switch ports? Can you console in to pfsense?

The only thing an unmanaged switch does is provide connection between your pc and pfsense.. You sure shouldn't have to reboot it just because it came up before the devices connected to it - pfsense or PC..

What switch is this - maybe its just a POS? A managed switch isn't going to make any difference here really if all your doing is single vlan stuff.. What OS is your PC even running? For all we know your still running windows ME or something?

Vs rebooting the switch - what happens if you just unplug the the port from from the switch or pfsense or pc and plug it back in?

pjaiswal0231

@johnpoz I will share you all the details and snapshot tomorrow.