2 bridged networks / DHCP problem
-
On DHCP 1 (134.214.0.0/22), pfSense records these logs:
Apr 26 18:10:23 dhcpd: DHCPDISCOVER from 00:90:96:20:98:2d via rl0: network 134.214.0/22: no free leases
Apr 26 18:10:23 dhcpd: DHCPREQUEST for 134.214.232.32 (134.214.100.6) from 00:90:96:20:98:2d via rl0: wrong network.
Apr 26 18:10:23 dhcpd: DHCPNAK on 134.214.232.32 to 00:90:96:20:98:2d via rl0
Apr 26 18:10:24 dhcpd: DHCPDISCOVER from 00:90:96:20:98:2d via rl0: network 134.214.0/22: no free leases
Apr 26 18:10:24 dhcpd: DHCPREQUEST for 134.214.232.32 (134.214.100.6) from 00:90:96:20:98:2d via rl0: wrong network.
Apr 26 18:10:24 dhcpd: DHCPNAK on 134.214.232.32 to 00:90:96:20:98:2d via rl0
I don't have access to the logs of DHCP 2 (134.214.100.6), but it seems that it offers the IP 134.214.232.32 to the client.
If I restart or stop the pfSense DHCP, the client gets the IP 134.214.232.32 directly. Note that DHCP 1 cannot offer a lease to an unknown client because the deny unknown option is checked.
So any idea?
-
OK, maybe the DHCPNAK cancels the DHCPACK from the other DHCP server.
As you're using public IPs, it may be difficult, but you could try extending the subnet of DHCP 1 (let's say from /22 to /16) to include the network of the second DHCP server in the same network as the first (same network, but still different ranges), to see whether getting only the "unknown lease" instead of the DHCPNAK message solves the issue…
Because DHCPNAK is sent to the client, but "unknown lease" is only logged, and no message is sent back to the client.
DHCPNAK is used to tell a laptop coming from another Wi-Fi network: "Hey, your DHCP renew is not valid on this Wi-Fi LAN! You're no longer on your home Wi-Fi network."
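
Added example, not part of the original posts: a small Python check that scans dhcpd log lines like the ones in the first post and reports clients whose lease from another server is being NAKed by this one. The function name and output layout are assumptions made for this illustration; the log lines are copied from the thread.

```python
import ipaddress
import re
from collections import defaultdict

# Log lines as posted in the thread (dhcpd messages via syslog).
SAMPLE_LOG = """\
Apr 26 18:10:23 dhcpd: DHCPDISCOVER from 00:90:96:20:98:2d via rl0: network 134.214.0/22: no free leases
Apr 26 18:10:23 dhcpd: DHCPREQUEST for 134.214.232.32 (134.214.100.6) from 00:90:96:20:98:2d via rl0: wrong network.
Apr 26 18:10:23 dhcpd: DHCPNAK on 134.214.232.32 to 00:90:96:20:98:2d via rl0
Apr 26 18:10:24 dhcpd: DHCPDISCOVER from 00:90:96:20:98:2d via rl0: network 134.214.0/22: no free leases
Apr 26 18:10:24 dhcpd: DHCPREQUEST for 134.214.232.32 (134.214.100.6) from 00:90:96:20:98:2d via rl0: wrong network.
Apr 26 18:10:24 dhcpd: DHCPNAK on 134.214.232.32 to 00:90:96:20:98:2d via rl0
"""

# "DHCPREQUEST for <requested ip> (<server named by the client>) from <mac>"
REQUEST_RE = re.compile(
    r"DHCPREQUEST for (?P<ip>[\d.]+) \((?P<server>[\d.]+)\) from (?P<mac>[0-9a-f:]{17})")
NAK_RE = re.compile(r"DHCPNAK on (?P<ip>[\d.]+) to (?P<mac>[0-9a-f:]{17})")


def find_nak_conflicts(log_text, local_subnet):
    """Return {(mac, ip): {"server", "requests", "naks"}} for NAKed foreign leases."""
    net = ipaddress.ip_network(local_subnet)
    hits = defaultdict(lambda: {"server": None, "requests": 0, "naks": 0})
    for line in log_text.splitlines():
        req = REQUEST_RE.search(line)
        if req:
            ip = ipaddress.ip_address(req["ip"])
            server = ipaddress.ip_address(req["server"])
            # Keep requests for an address outside our subnet that name another server.
            if ip not in net and server not in net:
                entry = hits[(req["mac"], req["ip"])]
                entry["server"] = req["server"]
                entry["requests"] += 1
            continue
        nak = NAK_RE.search(line)
        if nak and (nak["mac"], nak["ip"]) in hits:
            hits[(nak["mac"], nak["ip"])]["naks"] += 1
    # Report only the requests this server actually answered with a DHCPNAK.
    return {key: info for key, info in hits.items() if info["naks"]}


if __name__ == "__main__":
    for (mac, ip), info in find_nak_conflicts(SAMPLE_LOG, "134.214.0.0/22").items():
        print(f"{mac}: lease {ip} from {info['server']} "
              f"requested {info['requests']}x, NAKed {info['naks']}x")
```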
-
I think it is something related to the dhcp-authoritative option, which is maybe not enabled on DHCP 2 (Windows 2K3 server).
-
And I still think it might be a DHCPNAK issue :D
-
hmmm !! ok
-
Is there a solution for this?
-
Using only 1 DHCP server.
-
Map the wireless LAN to a different VLAN, or try to share the same network, with DHCP distributing on 2 different ranges.
-
The problem is that I have 2 different servers for authentication, and a captive portal on each network.
So is there a way to let the user choose between the servers, or the domain? I.e., is there a way to have local authentication and RADIUS or NT domain (or LDAP) authentication on the same captive portal page?
In this way each user can choose his domain.
-
No. Maybe you can try to simplify your setup a bit. It seems to be rather complex.