Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Bootp - Disable - Again I'm afraid

    Scheduled Pinned Locked Moved DHCP and DNS
    10 Posts 3 Posters 8.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      BenKenobe
      last edited by

      I have searched several threads here and also Google pages but have found no 'conclusive' solution to prevent pFsense responding to Bootp requests, it is interfering with some hardware processes relating to embedded device code 'flashing' the changing of which is not flexible or happening.

      I need to stop pFSense serving bootp requests period, it should serve DHCP / DNS requests only.

      The only link that I found was here

      "Hidden XML options will allow setting of a different bootp server IIRC."
      http://faq.pfsense.com/index.php?action=artikel&cat=10&id=38&artlang=en&highlight=hidden%20options

      but it is a dead link as in not found

      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by

        can you not just deny bootp?  Maybe dhcp server in freebsd does not support this option?

        http://linux.die.net/man/5/dhcpd.conf

        allow bootp; deny bootp; ignore bootp;

        The bootp flag is used to tell dhcpd whether or not to respond to bootp queries. Bootp queries are allowed by default.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 0
        • B
          BenKenobe
          last edited by

          dhcpd.conf gets overwritten any time the pFSense DHCP server is restarted unfortunately …

          I can find no way to get pFSense to comply with the rules ... as in ignore bootp;

          You can not add or set any options not provided by the GUI they just get overwritten so even a valid statement such as "deny dynamic bootp clients;" cannot be retained whether global or in a DHCP pool.

          I don't want to add a BOOTP/DHCP option - this isn't a case for an option - I don't want BOOTP responses active full stop on any IP pool.

          1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator
            last edited by

            You would need to modify the .inc file I believe that is used to write the .conf file?

            but what your asking for is some checkbox or ability to add options in the dhcp server gui?

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            1 Reply Last reply Reply Quote 0
            • B
              BenKenobe
              last edited by

              Some sort of check box on the GUI would be nice in the future but I'd settle for a quick and dirty solution for now …. can't find any '.inc' file ... where did they hide it?

              1 Reply Last reply Reply Quote 0
              • W
                wallabybob
                last edited by

                @BenKenobe:

                can't find any '.inc' file … where did they hide it?

                Try pfSense shell command:```

                find / -name '*.inc'

                1 Reply Last reply Reply Quote 0
                • B
                  BenKenobe
                  last edited by

                  Thanks for the assist - sorted in that I can now add what I need to the dhcpd.conf file still doesn't work though

                  I added this 'option' line >> deny dynamic bootp clients;

                  to the file >>  /etc/inc/services.inc

                  in the location below and if now creates the dhcpd.conf correctly.

                  if (is_array($dhcpifconf['dnsserver']) && $dhcpifconf['dnsserver'][0] <> "") {
                  $dhcpdconf .= " option domain-name-servers {$dhcpifconf['dnsserver'][0]}";
                  if($dhcpifconf['dnsserver'][1] <> "")
                  $dhcpdconf .= ",{$dhcpifconf['dnsserver'][1]}";
                  $dhcpdconf .= ";\n";
                  }
                  $dhcpdconf .= " deny dynamic bootp clients;\n";

                  this adds the deny dynamic bootp option to my DHCP scope correctly as per

                  subnet 192.168.1.0 netmask 255.255.255.0 {
                  pool {
                  deny dynamic bootp clients;
                  range 192.168.1.1 192.168.1.100;

                  }
                  option routers 192.168.1.254;
                  option domain-name-servers 192.168.1.254;

                  }

                  the system doesn't seem to take any notice though and still responds …

                  1 Reply Last reply Reply Quote 0
                  • B
                    BenKenobe
                    last edited by

                    Sorry to raise this again but I still don't seem to have found a solution for this issue, I have tried so many things and none work, regardless of the settings when you enable DHCP it responds to or interferes with BOOTP whether you want it to or not and no setting changes seem to affect it's behaviour - is this a bug - shouldn't the DHCP server obey settings and directives.

                    Or is there something else going on ?

                    I have devices that update using a bootp process - netsetup_linux - when the pFSense DHCP is enebled all bootp requests fail with /sbin/udhcpc.nak no such file or directory, the minute pFSense DHCP server is disabled the process works fine, packet capture has confirmed that the pFSense box is responding to the tftp file request made after the bootp handshake and IP allocation - it shouldn't be since tftp on the pFSense box is also disabled. I tried killing the DNS server and it made no difference.

                    I can run a Microsoft DHCP server with zero issues, the bootp update process works fine but the MS box the 'ignore bootp' rules, but I really don't want to run another MS box just for DHCP.

                    I'd appreciate any ideas here.

                    1 Reply Last reply Reply Quote 0
                    • W
                      wallabybob
                      last edited by

                      @BenKenobe:

                      shouldn't the DHCP server obey settings and directives.

                      Did you stop then restart the DHCP server to make it notice the change in configuration file?

                      Did you look in the DHCP log to see if the DHCP server reported anything about your change to the configuration file?

                      1 Reply Last reply Reply Quote 0
                      • B
                        BenKenobe
                        last edited by

                        Did the restart thing several times, played with tftp and bootp settings on the 'LAN' I guess I have no choice but to diagnose through packet capture but it is clear that pFSense is responding to a request that it should not so the PXE boot / TFTP load process fails, I'm just really short on free time to play with this and have had no choice but to configure a Microsoft DHCP / DNS until such time as I can get back to this - the PXE / TFTP process now works correctly so pFSense is definitely the problem.

                        As you can imagine this is brutally hard to diagnose and keep a system live whilst doing so.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.