Netgate Installer 2.8.0: Chicken-and-Egg Problem with ISPs Requiring DHCP Option 60

pongli

The Problem

The new Netgate Installer introduced with pfSense 2.8.0 creates a significant deployment issue for users whose ISPs require DHCP Option 60 (Vendor Class Identifier) to obtain an IP address. This is particularly problematic for several major European ISPs, including:

• Swisscom (Switzerland) - requires 100008,0001
• Orange (France) - requires specific vendor class identifiers
• Various other European ISPs with similar requirements

Why This Is a Real Problem

The Netgate Installer is an online installer that downloads installation packages from Netgate servers during the installation process. However, many ISPs will not assign an IP address via DHCP without the correct Option 60 value being sent in the DHCP request.

This creates a classic chicken-and-egg scenario:

1. Need Internet connection → to download pfSense installation packages
2. Need DHCP Option 60 → to get IP address from ISP
3. Cannot configure DHCP Option 60 → until pfSense is installed and accessible via web interface
4. Cannot install pfSense → without Internet connection

Current Workarounds (All Suboptimal)

1. Use mobile hotspot during installation - Additional hardware/data costs
2. Install behind another router temporarily - Requires extra equipment
3. Use older pfSense 2.7.2 offline installer - Forces users to stay on older versions initially
4. Complex network bridging setups - Time-consuming and error-prone

Impact on Users

This issue particularly affects:

• Professional deployments where reliable, predictable installation is critical
• Remote installations where bringing additional equipment is impractical
• Users in areas with poor mobile coverage where hotspot workarounds fail
• Anyone upgrading from working 2.7.x systems with an entire new installation who now face installation barriers

Suggested Solutions

Short-term:

1. Add DHCP advanced options to installer - Allow configuring Option 60, VLAN tags, etc. during WAN setup
2. Provide offline installer option - Keep the hybrid approach: online for flexibility, offline for problematic networks
3. Better error messaging - When installation fails due to connectivity, suggest common ISP-specific solutions

Long-term:

1. ISP profiles in installer - Pre-configured settings for major ISPs (similar to mobile phone APN databases)
2. Network troubleshooting wizard - Built-in diagnostics to identify common ISP requirements

Community Feedback Needed

Has anyone else encountered this issue? What workarounds have you found effective?

For Netgate: Could we get some official guidance on the roadmap for addressing ISP-specific DHCP requirements in the installer?

Technical Details

For reference, here are the settings typically needed for affected ISPs:

• Swisscom: DHCP Option 60 = 100008,0001, VLAN 10
• Orange France: Various vendor class identifiers depending on service type
• Deutsche Telekom: Specific Option 60 values for fiber services

---

Bottom line: The move to online-only installation has introduced a significant regression for users with ISPs requiring DHCP Option 60. This needs to be addressed to maintain pfSense's reputation for broad ISP compatibility.

What are your thoughts on potential solutions?

My wish would definitely be a standalone installer as it was avalable until version 2.7.2...

keyser

@pongli I very much agree as I have stranded there myself with the pfSense+ installer (also online).

Very good suggestions, and as much as I would like those options to be available in the installer, I would actually also/rather prefer an offline installer was also made available.

PS: @Netgate - while you are at it. PLEASE make DHCPv6 RAW options available in pfSense as well. Right now that is preventing IPv6 setups with some of these ISPs because they require DHCP options in DHCPv6 that you cannot configure in pfSense.