Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DCHP server of VLAN doesn't work (2.0-BETA5 - build Jan 15)

    Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
    18 Posts 4 Posters 5.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      krisken
      last edited by

      I've created 2 vlans : publicwifi and privatewifi.  Until now everything went well, but i've upgraded today my pfsense 2.0 to the build of jan 15 and it's … broken :-)

      My Lan network's DHCP server works well!

      1 Reply Last reply Reply Quote 0
      • P
        Porter
        last edited by

        It's not just that build, I don't think… I'm running the Jan 10 build and the DHCP is intermittent for VLANs on that one.  It seems to work for the first couple of hours, but after that it stops responding to DHCP requests from the VLANs.

        1 Reply Last reply Reply Quote 0
        • P
          Porter
          last edited by

          Well, I take that back.  It seems to be a little more complex than that.  I get DHCP response for certain devices, but not others… maybe it has something to do with the syntax of the DHCP request?

          1 Reply Last reply Reply Quote 0
          • P
            Porter
            last edited by

            The plot thickens. DHCP behavior is rather… intermittent.  It's not necessarily different devices as I was thinking before, I've now had the same device both function to get a DHCP address, and at a different time be completely unable to acquire one, with no other system changes.  Very odd.

            1 Reply Last reply Reply Quote 0
            • C
              cmb
              last edited by

              If you can catch it at a point where it can't renew, capture the traffic, see what's happening.

              I'm running DHCP server on VLANs in multiple locations with no issues.

              1 Reply Last reply Reply Quote 0
              • K
                krisken
                last edited by

                My problem is that the DHCP server don't work anymore.  So the solution have to be found there…

                1 Reply Last reply Reply Quote 0
                • C
                  cmb
                  last edited by

                  @krisken:

                  My problem is that the DHCP server don't work anymore.  So the solution have to be found there…

                  You still need to get a packet capture of the traffic, see if the request is getting to the firewall.

                  1 Reply Last reply Reply Quote 0
                  • K
                    krisken
                    last edited by

                    Extraction of the system log

                    Jan 18 19:09:22 dhcpd: For info, please visit https://www.isc.org/software/dhcp/
                    Jan 18 19:09:22 dhcpd: /etc/dhcpd.conf line 23: expecting numeric value.
                    Jan 18 19:09:22 dhcpd: /etc/dhcpd.conf line 23: expecting numeric value.
                    Jan 18 19:09:22 dhcpd: subnet netmask
                    Jan 18 19:09:22 dhcpd: subnet netmask
                    Jan 18 19:09:22 dhcpd: ^
                    Jan 18 19:09:22 dhcpd: ^
                    Jan 18 19:09:22 dhcpd: /etc/dhcpd.conf line 32: expecting numeric value.
                    Jan 18 19:09:22 dhcpd: /etc/dhcpd.conf line 32: expecting numeric value.
                    Jan 18 19:09:22 dhcpd: subnet netmask
                    Jan 18 19:09:22 dhcpd: subnet netmask
                    Jan 18 19:09:22 dhcpd: ^
                    Jan 18 19:09:22 dhcpd: ^
                    Jan 18 19:09:22 dhcpd: Configuration file errors encountered – exiting
                    Jan 18 19:09:22 dhcpd: Configuration file errors encountered -- exiting
                    Jan 18 19:09:22 dhcpd:
                    Jan 18 19:09:22 dhcpd:
                    Jan 18 19:09:22 dhcpd: If you did not get this software from ftp.isc.org, please
                    Jan 18 19:09:22 dhcpd: If you did not get this software from ftp.isc.org, please
                    Jan 18 19:09:22 dhcpd: get the latest from ftp.isc.org and install that before
                    Jan 18 19:09:22 dhcpd: get the latest from ftp.isc.org and install that before
                    Jan 18 19:09:22 dhcpd: requesting help.
                    Jan 18 19:09:22 dhcpd: requesting help.
                    Jan 18 19:09:22 dhcpd:
                    Jan 18 19:09:22 dhcpd:
                    Jan 18 19:09:22 dhcpd: If you did get this software from ftp.isc.org and have not
                    Jan 18 19:09:22 dhcpd: If you did get this software from ftp.isc.org and have not
                    Jan 18 19:09:22 dhcpd: yet read the README, please read it before requesting help.
                    Jan 18 19:09:22 dhcpd: yet read the README, please read it before requesting help.
                    Jan 18 19:09:22 dhcpd: If you intend to request help from the dhcp-server@isc.org
                    Jan 18 19:09:22 dhcpd: If you intend to request help from the dhcp-server@isc.org
                    Jan 18 19:09:22 dhcpd: mailing list, please read the section on the README about
                    Jan 18 19:09:22 dhcpd: mailing list, please read the section on the README about
                    Jan 18 19:09:22 dhcpd: submitting bug reports and requests for help.
                    Jan 18 19:09:22 dhcpd: submitting bug reports and requests for help.
                    Jan 18 19:09:22 dhcpd:
                    Jan 18 19:09:22 dhcpd:
                    Jan 18 19:09:22 dhcpd: Please do not under any circumstances send requests for
                    Jan 18 19:09:22 dhcpd: Please do not under any circumstances send requests for
                    Jan 18 19:09:22 dhcpd: help directly to the authors of this software - please
                    Jan 18 19:09:22 dhcpd: help directly to the authors of this software - please
                    Jan 18 19:09:22 dhcpd: send them to the appropriate mailing list as described in
                    Jan 18 19:09:22 dhcpd: send them to the appropriate mailing list as described in
                    Jan 18 19:09:22 dhcpd: the README file.
                    Jan 18 19:09:22 dhcpd: the README file.
                    Jan 18 19:09:22 dhcpd:
                    Jan 18 19:09:22 dhcpd:
                    Jan 18 19:09:22 dhcpd: exiting.
                    Jan 18 19:09:22 dhcpd: exiting.
                    Jan 18 19:09:22 php: /services_dhcp.php: The command '/usr/local/sbin/dhcpd -user dhcpd -group _dhcp -chroot /var/dhcpd -cf /etc/dhcpd.conf re0 re0_vlan100 re0_vlan200' returned exit code '1', the output was 'Internet Systems Consortium DHCP Server 4.1.1-P1 Copyright 2004-2010 Internet Systems Consortium. All rights reserved. For info, please visit https://www.isc.org/software/dhcp/ /etc/dhcpd.conf line 23: expecting numeric value. subnet netmask ^ /etc/dhcpd.conf line 32: expecting numeric value. subnet netmask ^ Configuration file errors encountered -- exiting If you did not get this software from ftp.isc.org, please get the latest from ftp.isc.org and install that before requesting help. If you did get this software from ftp.isc.org and have not yet read the README, please read it before requesting help. If you intend to request help from the dhcp-server@isc.org mailing list, please read the section on the README about submitting bug reports and requests for help. Please do not u

                    But when i want to edit /etc/dhcpd.conf, i see that…that doesn't exists?

                    1 Reply Last reply Reply Quote 0
                    • C
                      cmb
                      last edited by

                      it's not running at all with that. go to Diagnostics>Command and run:

                      cat /var/dhcpd/etc/dhcpd.conf

                      and paste the output.

                      1 Reply Last reply Reply Quote 0
                      • K
                        krisken
                        last edited by

                        This is the output of cat /var/dhcpd/etc/dhcpd.conf

                        $ cat /var/dhcpd/etc/dhcpd.conf

                        option domain-name "office.it2go.eu";
                        option ldap-server code 95 = text;
                        option domain-search-list code 119 = text;

                        default-lease-time 7200;
                        max-lease-time 86400;
                        log-facility local7;
                        ddns-update-style none;
                        one-lease-per-client true;
                        deny duplicates;
                        ping-check true;
                        authoritative;
                        subnet 10.0.0.0 netmask 255.255.255.0 {
                        pool {
                        range 10.0.0.100 10.0.0.245;
                        }
                        option routers 10.0.0.1;
                        option domain-name-servers 10.0.0.1;
                        option ntp-servers 193.110.251.50;

                        }
                        subnet  netmask 0.0.0.0 {
                        pool {
                        range 10.2.0.100 10.2.0.254;
                        }
                        option routers ;
                        option domain-name-servers ;
                        option ntp-servers 193.110.251.50;

                        }
                        subnet  netmask 0.0.0.0 {
                        pool {
                        range 10.1.0.100 10.1.0.254;
                        }
                        option routers ;
                        option domain-name-servers ;
                        option ntp-servers 193.110.251.50;

                        }

                        1 Reply Last reply Reply Quote 0
                        • E
                          eri--
                          last edited by

                          I put a fix for this it should be in new snapshots.

                          Do you have any interface that is configured as 'none' assigned?

                          1 Reply Last reply Reply Quote 0
                          • K
                            krisken
                            last edited by

                            If you mean that i have some unused nics : yes : i only use two of my 4nic pci card.

                            1 Reply Last reply Reply Quote 0
                            • E
                              eri--
                              last edited by

                              Can you show me an output of status interfaces and config.xml <interfaces></interfaces>part?

                              1 Reply Last reply Reply Quote 0
                              • K
                                krisken
                                last edited by

                                Belgacom Interface

                                BELGACOM interface (pppoe0)
                                Status up
                                PPPoE up  
                                Uptime 04:21:16
                                MAC address 00:00:00:00:00:00
                                IP address 91.182.220.8  
                                Subnet mask 255.255.255.255
                                Gateway 91.182.220.1
                                ISP DNS servers 193.110.251.50
                                94.23.53.69
                                208.67.222.222
                                In/out packets 75380/74429 (63.27 MB/5.46 MB)
                                In/out packets (pass) 74429/60029 (62.80 MB/5.46 MB)
                                In/out packets (block) 951/0 (482 KB/0 bytes)
                                In/out errors 0/0
                                Collisions 0

                                Lan Interface

                                LAN interface (re0)
                                Status up
                                MAC address 70:71:bc:08:b8:67
                                IP address 10.0.0.1  
                                Subnet mask 255.255.255.0
                                Media 1000baseT <full-duplex>In/out packets 72755/72671 (8.22 MB/80.65 MB)
                                In/out packets (pass) 72671/89265 (8.21 MB/80.65 MB)
                                In/out packets (block) 84/0 (6 KB/0 bytes)
                                In/out errors 0/0
                                Collisions 0</full-duplex>

                                Dommel Interface

                                DOMMEL interface (pppoe1)
                                Status up
                                PPPoE up  
                                Uptime 04:21:16
                                MAC address 00:00:00:00:00:00
                                IP address 83.101.6.45  
                                Subnet mask 255.255.255.255
                                Gateway 83.101.6.1
                                In/out packets 44245/40297 (17.69 MB/3.74 MB)
                                In/out packets (pass) 40297/40424 (17.08 MB/3.74 MB)
                                In/out packets (block) 3948/0 (623 KB/0 bytes)
                                In/out errors 0/0
                                Collisions 0

                                Publicwifi Interface

                                PUBLICWIFI interface (re0_vlan100)
                                Status down

                                Privatewifi Interface

                                PRIVATEWIFI interface (re0_vlan200)
                                Status down

                                Config.xml

                                <interfaces><wan><enable><if>pppoe0</if>
                                <media><mediaopt><spoofmac><ipaddr>pppoe</ipaddr></spoofmac></mediaopt></media></enable></wan>
                                <lan><enable><if>re0</if>
                                <ipaddr>10.0.0.1</ipaddr>
                                <subnet>24</subnet>
                                <media><mediaopt></mediaopt></media></enable></lan>
                                <opt1><if>pppoe1</if>

                                <enable><spoofmac><ipaddr>pppoe</ipaddr></spoofmac></enable></opt1>
                                <opt2><if>re0_vlan100</if>
                                <enable><spoofmac><ipaddr>10.2.0.1</ipaddr>
                                <subnet>24</subnet></spoofmac></enable></opt2>
                                <opt3><if>re0_vlan200</if>
                                <enable><spoofmac><ipaddr>10.1.0.1</ipaddr>
                                <subnet>24</subnet></spoofmac></enable></opt3></interfaces>

                                1 Reply Last reply Reply Quote 0
                                • K
                                  krisken
                                  last edited by

                                  @ermal:

                                  I put a fix for this it should be in new snapshots.

                                  Do you have any interface that is configured as 'none' assigned?

                                  I got the snapshot of today (2.0-BETA5 (i386) built on Wed Jan 19 02:10:47 EST 2011) where it isn't fixed yet?

                                  Logs

                                  Jan 19 20:51:00 kernel: re0_vlan2: link state changed to UP
                                  Jan 19 20:51:00 kernel: re0_vlan3: link state changed to UP
                                  Jan 19 20:51:00 php: : ROUTING: change default route to 83.101.6.1
                                  Jan 19 20:51:00 check_reload_status: reloading filter
                                  Jan 19 20:51:00 apinger: Starting Alarm Pinger, apinger(42244)
                                  Jan 19 20:51:01 php: : ROUTING: change default route to 83.101.6.1
                                  Jan 19 20:51:01 check_reload_status: reloading filter
                                  Jan 19 20:51:01 php: : The command '/sbin/ifconfig 're0_vlan100' -staticarp ' returned exit code '1', the output was 'ifconfig: interface re0_vlan100 does not exist'
                                  Jan 19 20:51:01 php: : The command '/usr/sbin/arp -d -i 're0_vlan100' -a > /dev/null 2>&1 ' returned exit code '1', the output was ''
                                  Jan 19 20:51:01 php: : The command '/sbin/ifconfig 're0_vlan200' -staticarp ' returned exit code '1', the output was 'ifconfig: interface re0_vlan200 does not exist'
                                  Jan 19 20:51:04 php: : The command '/usr/sbin/arp -d -i 're0_vlan200' -a > /dev/null 2>&1 ' returned exit code '1', the output was ''
                                  Jan 19 20:51:04 php: : Gateways status could not be determined, considering all as up/active.
                                  Jan 19 20:51:04 php: : Gateways status could not be determined, considering all as up/active.
                                  Jan 19 20:51:04 php: : Gateways status could not be determined, considering all as up/active.
                                  Jan 19 20:51:04 dhcpd: Internet Systems Consortium DHCP Server 4.1.1-P1
                                  Jan 19 20:51:04 dhcpd: Copyright 2004-2010 Internet Systems Consortium.
                                  Jan 19 20:51:04 dhcpd: All rights reserved.
                                  Jan 19 20:51:04 dhcpd: For info, please visit https://www.isc.org/software/dhcp/
                                  Jan 19 20:51:04 dnsmasq[63428]: started, version 2.55 cachesize 10000
                                  Jan 19 20:51:04 dnsmasq[63428]: compile time options: IPv6 GNU-getopt no-DBus I18N DHCP TFTP
                                  Jan 19 20:51:04 dnsmasq[63428]: reading /etc/resolv.conf
                                  Jan 19 20:51:04 check_reload_status: updating all dyndns
                                  Jan 19 20:51:04 dnsmasq[63428]: using nameserver 208.67.222.222#53
                                  Jan 19 20:51:04 dnsmasq[63428]: using nameserver 94.23.53.69#53
                                  Jan 19 20:51:04 dnsmasq[63428]: using nameserver 193.110.251.50#53
                                  Jan 19 20:51:04 dnsmasq[63428]: read /etc/hosts - 2 addresses
                                  Jan 19 20:51:05 php: : Gateways status could not be determined, considering all as up/active.
                                  Jan 19 20:51:05 php: : Gateways status could not be determined, considering all as up/active.
                                  Jan 19 20:51:05 php: : Gateways status could not be determined, considering all as up/active.
                                  Jan 19 20:51:08 php: : Resyncing OpenVPN instances for interface BELGACOM.
                                  Jan 19 20:51:08 php: : Resyncing OpenVPN instances for interface DOMMEL.
                                  Jan 19 20:51:09 php: : Creating rrd update script
                                  Jan 19 20:51:09 php: miniupnpd: Starting service on interface: lan
                                  Jan 19 20:51:09 miniupnpd[43849]: HTTP listening on port 2189
                                  Jan 19 20:51:09 miniupnpd[43849]: HTTP listening on port 2189
                                  Jan 19 20:51:09 miniupnpd[43849]: Listening for NAT-PMP traffic on port 5351
                                  Jan 19 20:51:09 miniupnpd[43849]: Listening for NAT-PMP traffic on port 5351
                                  Jan 19 20:51:16 php: : WARNING! Configuration written on bootup. This can cause stray openvpn and load balancing items in config.xml
                                  Jan 19 20:51:16 check_reload_status: syncing firewall
                                  Jan 19 20:51:16 php: : WARNING! Configuration written on bootup. This can cause stray openvpn and load balancing items in config.xml
                                  Jan 19 20:51:16 check_reload_status: syncing firewall
                                  Jan 19 20:51:17 kernel: pid 62289 (php), uid 0: exited on signal 11
                                  Jan 19 20:51:17 php: : Beginning package installation for RRD Summary.
                                  Jan 19 20:51:18 php: : WARNING! Configuration written on bootup. This can cause stray openvpn and load balancing items in config.xml
                                  Jan 19 20:51:18 check_reload_status: syncing firewall
                                  Jan 19 20:51:18 php: : WARNING! Configuration written on bootup. This can cause stray openvpn and load balancing items in config.xml
                                  Jan 19 20:51:19 check_reload_status: syncing firewall
                                  Jan 19 20:51:19 php: : Resyncing configuration for all packages.
                                  Jan 19 20:51:21 login: login on ttyv0 as root
                                  Jan 19 20:51:21 sshlockout[4978]: sshlockout/webConfigurator v3.0 starting up

                                  Status > Interfaces

                                  PUBLICWIFI interface (re0_vlan100)
                                  Status down
                                  PRIVATEWIFI interface (re0_vlan200)
                                  Status down

                                  1 Reply Last reply Reply Quote 0
                                  • P
                                    Porter
                                    last edited by

                                    Please disregard my earlier comments in this thread… my issue was unrelated, turned out to be a bad stacking cable on our switch stack.

                                    1 Reply Last reply Reply Quote 0
                                    • K
                                      krisken
                                      last edited by

                                      Still down on the Thu Jan 20 05:02:05 EST 2011 version

                                      1 Reply Last reply Reply Quote 0
                                      • C
                                        cmb
                                        last edited by

                                        @krisken:

                                        Still down on the Thu Jan 20 05:02:05 EST 2011 version

                                        Looks like that has nothing to do with the version, just that you broke your config. You have VLANs 100 and 200 assigned, but you apparently changed those to VLANs 2 and 3 without properly re-assigning or deleting the interfaces.

                                        1 Reply Last reply Reply Quote 0
                                        • First post
                                          Last post
                                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.