How to add interfactes to DCHP server
-
Hi,
I'm either doing something dumb, or have a strange issue. My DHCP server does not give me options for a newly enabled physical interface.
I'm trying to enable an additional interface on pfSense which I have not used before. I've given it an ID (opt6) and set it to enabled. I set it as a DHCP interface, and gave it an address.
After saving, applying, (and even rebooting), I don't see this interface as an option under the DHCP server. Do I need to enroll the interface, somehow?
Or does having these OpenVPN interfaces in the list, somehow break something?
Thank you!
-
@CyberMinion Set IPv4 configuration type on OPT6 to static...you can't enable DHCP client and be a DHCP server on the same interface.
-
@SteveITS Ah yes, that's a mistake for sure. Fixed it (Saved, Applied, and failing that, rebooted). However, the interface still isn't showing in DHCP server settings. Am I still missing something?
Thank you!
-
@CyberMinion It's a /32 mask above, try a /24. /32 is the default on pfSense.
-
@SteveITS Oh. I mistakenly thought that was only a reference to the gateway, based on the description, and the default /32. Alright, that did it. With that set to a /24 subnet, the DHCP server now allows me to set config for this interface.
Thank you for your fast and helpful input! I'll go be embarrassed somewhere else, now...
-
@CyberMinion this actually comes up more than one would think to be honest. The default of /32 forces the admin to know what mask they are setting when setting up a new interface.. Been a few threads about changing it to default to /24, etc.
I could see a /24 helping remove this sort of post - but then again the person setting up a new interface on their firewall should really understand what IP they want the interface to have and what network it should be /24, /25, /28 or say a /22 etc. etc.
But don't be embarrassed ;) you for sure are not the first to run into this, nor will you be the last..
-
@johnpoz It would be "friendlier" if the mask was /24 for internal interfaces but I expect the issue is that pfSense has no idea if this is a second WAN or an internal interface unless a gateway is set, and then one could probably debate whether setting a gateway should automatically change the mask...perhaps a popup. At which point someone will be annoyed they have to change the mask again.
-
@SteveITS yeah you could prob look up the old threads - this has been discussed multiple times in the past ;)
I concur that /24 might be a friendly more common default - but when it comes down too it, the admin of the firewall should know and set this to what they want to use. What it defaults to becomes irrelevant.
You could complain that windows when setting IP that starts with 10 - defaults to 255.0.0.0 ;)
