Netgate Discussion Forum

DHCP leasing + Policy Based Routing

DHCP and DNS
  • C
    Curium
    last edited by Apr 1, 2012, 4:54 AM

    I have 3 WAN connections and I want to balance traffic across them.  However, I do not want to use load balancing as that has caused issues in the past with users' IP addresses changing on them depending on their connection.  So I have opted for source IP policy based routing.  I did this many years ago with pfSense 1.2 and it worked great.  However, the DHCP server leasing has changed in 2.0 and is making it a little more difficult.

    For example, in 1.2 I had a DHCP scope on the LAN of 10.0.1.0 - 10.0.3.255 / 16 bit.  It would nicely round robin:
    10.0.3.255
    10.0.2.255
    10.0.1.255
    10.0.3.254
    10.0.2.254
    10.0.1.254
    10.0.3.253
    and so on, you get the picture.
    I would then create 3 firewall rules: if source is 10.0.1.0/24 go out WAN 1, if 10.0.2.0/24 go out WAN 2, if 10.0.3.0/24 go out WAN 3.  Worked perfectly, and based on a computer's IP I knew what WAN they were using.
    However, in pfSense 2.0, it seems to no longer round robin and just incrementally climbs from the bottom up like Windows Server DHCP does:
    10.0.1.0
    10.0.1.1
    10.0.1.2
    However if a computer had an IP and requested that, say 10.0.2.15, it caused the DHCP server to jump to 10.0.2.16 for the next lease.
    This doesn't seem very favorable for what I am trying to accomplish.  So, I am posing this out there: what have others done or recommend?  Is there a setting I can change in DHCPD to change its behavior?
    A less favorable solution I am thinking of is creating 3 aliases, each assigned to the previous firewall rules that direct out each WAN, and breaking the subnet up with /27's.  Like the first /27 goes out WAN 1, the next /27 goes out WAN 2, and so on, and keep repeating WAN1, WAN2, WAN3 until I have covered 10.0.1.0 - 10.0.3.255.

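The interleaved /27 alias layout described in the post above, worked through as an added example (not code from the thread or from pfSense). The labels `WAN1`-`WAN3` and all function names are assumptions; the address range is the one given in the post.

```python
import ipaddress
from collections import Counter

WANS = ("WAN1", "WAN2", "WAN3")  # assumed labels for the three gateways


def build_aliases(first="10.0.1.0", last="10.0.3.255", prefix=27, wans=WANS):
    """Cut first..last into /prefix blocks and deal them out WAN1, WAN2, WAN3, ..."""
    start, end = ipaddress.ip_address(first), ipaddress.ip_address(last)
    blocks = []
    for net in ipaddress.summarize_address_range(start, end):
        if net.prefixlen > prefix:
            raise ValueError(f"{net} is smaller than a /{prefix}; range is not block-aligned")
        blocks.extend(net.subnets(new_prefix=prefix))
    aliases = {wan: [] for wan in wans}
    for i, block in enumerate(blocks):
        aliases[wans[i % len(wans)]].append(block)
    return aliases


def wan_for(ip, aliases):
    """Return the WAN whose alias contains ip, or None if it is outside the range."""
    addr = ipaddress.ip_address(ip)
    for wan, blocks in aliases.items():
        if any(addr in block for block in blocks):
            return wan
    return None


def sequential_lease_spread(count, aliases, first="10.0.1.0"):
    """Count leases per WAN when `count` addresses are handed out bottom-up."""
    start = ipaddress.ip_address(first)
    return Counter(wan_for(start + i, aliases) for i in range(count))


if __name__ == "__main__":
    aliases = build_aliases()
    for wan, blocks in aliases.items():
        # Each line is the network list to paste into one firewall alias.
        print(wan, ", ".join(str(b) for b in blocks))
    print("10.0.2.15 ->", wan_for("10.0.2.15", aliases))
    print("first 40 leases:", dict(sequential_lease_spread(40, aliases)))
```

With bottom-up leasing the spread only evens out in steps of 32 addresses, so a lightly used scope still lands mostly on the first WAN.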
    • C
      Curium
      last edited by Apr 10, 2012, 3:49 AM

      Nada?

      • C
        cmb
        last edited by Apr 11, 2012, 3:56 AM

        Pretty sure ISC dhcpd's method of assigning IPs has never changed; it's worked the way you describe it as working currently for at least 15 years, back when I started using it. Our config of it has never changed. Maybe you had reservations set up? Or something different at least, not sure what that could be.

        Short of assigning reservations, or changing the method you use for distributing load, don't think there's an alternative there.

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.