DHCP staic leases are broken.



  • Is there a reason that pfsense blocks you from having static reservations in your dhcp scope? You should be able to assign static IP's AND have DHCP on the same scope. Normally you would just add to the dhcpd.conf:

    
    host host_name {
                    hardware ethernet 08:00:2b:4c:a3:82;
                    fixed-address 192.168.1.120;
            }
    
    

    But it appears that pfsense blocks you from doing this for some reason, and if you try and add a static IP in the scope pfsense says you can't.

    "The following input errors were detected:

    The IP address must not be within the DHCP range for this interface."

    This is complete non-sense, you can do this. Is there a place you can manully add to the dhcpd.conf file besides /var/db/dhcp/etc ? because that seems to be over written on reboot.



  • Check /etc/inc/services.inc around line #130

    The /var/db/dhcp/… are the chrooted version of dhcpd and are overwritten



  • @dhatz:

    Check /etc/inc/services.inc around line #130

    The /var/db/dhcp/… are the chrooted version of dhcpd and are overwritten

    Thanks, but I guess i'm just not seeing anything there to change. I am running 2.0, if that makes a difference. Also, I just found the FAQ (http://doc.pfsense.org/index.php/Why_can't_I_have_static_mappings_inside_my_DHCP_range%3F), and it really just put a bad taste in my mouth. I have never heard of such a limitation. In fact I have yet to find anything that backs up the FAQ anywhere including ISC, Redhat, BSD. So right now to me its just a silly pfsense limitation.



  • Well I have a temp fix that works for now. I edited /etc/inc/services.inc on line 113 to have dhcpd.conf renamed to dhcp.conf.auto

    Then use dhcpd.conf with my static mappings. Rebooted, seems to be working.



  • I have to agree with you about this.  I will try your fix and if it doesn't work I may try rolling back to a previous version.  I thought I was "upgrading" when I installed 2.0 final???



  • Thanks, but I guess i'm just not seeing anything there to change. I am running 2.0, if that makes a difference. Also, I just found the FAQ (http://doc.pfsense.org/index.php/Why_can't_I_have_static_mappings_inside_my_DHCP_range%3F), and it really just put a bad taste in my mouth. I have never heard of such a limitation. In fact I have yet to find anything that backs up the FAQ anywhere including ISC, Redhat, BSD. So right now to me its just a silly pfsense limitation.

    Not limitation. Best practice.

    Why don't you just simply follow the advice on the linked page?
    @http://doc.pfsense.org/index.php/Why_can't_I_have_static_mappings_inside_my_DHCP_range%3F:

    If you absolutely must make assignments inside the pool, and you are aware of the risks involved and want to do so anyway, you may remove the input validation check from the PHP file that drives the DHCP editor page. The details of this unsupported change are left out as an exercise for the reader.

    The files can be found in /usr/local/www/



  • @GruensFroeschli:

    Not limitation. Best practice.

    LOL, Best Practice?? Can you back that up with some source material?

    BTW I'm happily using my Linux DHCP server with no stupid pfsense limitation.



  • It can be also put in other way, network engineer has done very lousy job when designed network and pool areas, if dynamically assignable addresses has to be given static.

    or network admins are so lazy that they don't take mac-address of that device and make it to be static.



  • @djroketboy:

    Thanks, but I guess i'm just not seeing anything there to change. I am running 2.0, if that makes a difference. Also, I just found the FAQ (http://doc.pfsense.org/index.php/Why_can't_I_have_static_mappings_inside_my_DHCP_range%3F), and it really just put a bad taste in my mouth. I have never heard of such a limitation. In fact I have yet to find anything that backs up the FAQ anywhere including ISC, Redhat, BSD. So right now to me its just a silly pfsense limitation.

    You're wrong. Don't believe me? Easy way to prove it - setup a DHCP scope with one IP, take out the input errors line in services_dhcp_edit.php that prevents you from adding such an entry and add a static mapping for that one IP that's in your scope. Plug something into that network that isn't your statically mapped host, and look, dhcpd just assigned it your "static" mapping except to the wrong host. That's just one quick way to illustrate what will happen to such configurations.

    Why? Ask ISC, I agree it's silly, but you're barking up the wrong tree. If you enter a static mapping you want to ensure it's truly static, not just preferred, which is why that restriction exists. If your host is the first to grab that particular lease, and never gives it up, sure that will work as desired. But we do that for good reason, having it outside the pool is the only way to ensure that IP is never assigned to anything else, which is what you would expect for such functionality. Your other networks aren't doing what you think they are, they function by coincidence only.


Locked