Bootp - Disable - Again I'm afraid
-
I have searched several threads here and also Google pages but have found no 'conclusive' solution to prevent pFsense responding to Bootp requests, it is interfering with some hardware processes relating to embedded device code 'flashing' the changing of which is not flexible or happening.
I need to stop pFSense serving bootp requests period, it should serve DHCP / DNS requests only.
The only link that I found was here
"Hidden XML options will allow setting of a different bootp server IIRC."
http://faq.pfsense.com/index.php?action=artikel&cat=10&id=38&artlang=en&highlight=hidden%20optionsbut it is a dead link as in not found
-
can you not just deny bootp? Maybe dhcp server in freebsd does not support this option?
http://linux.die.net/man/5/dhcpd.conf
allow bootp; deny bootp; ignore bootp;
The bootp flag is used to tell dhcpd whether or not to respond to bootp queries. Bootp queries are allowed by default.
-
dhcpd.conf gets overwritten any time the pFSense DHCP server is restarted unfortunately …
I can find no way to get pFSense to comply with the rules ... as in ignore bootp;
You can not add or set any options not provided by the GUI they just get overwritten so even a valid statement such as "deny dynamic bootp clients;" cannot be retained whether global or in a DHCP pool.
I don't want to add a BOOTP/DHCP option - this isn't a case for an option - I don't want BOOTP responses active full stop on any IP pool.
-
You would need to modify the .inc file I believe that is used to write the .conf file?
but what your asking for is some checkbox or ability to add options in the dhcp server gui?
-
Some sort of check box on the GUI would be nice in the future but I'd settle for a quick and dirty solution for now …. can't find any '.inc' file ... where did they hide it?
-
-
Thanks for the assist - sorted in that I can now add what I need to the dhcpd.conf file still doesn't work though
I added this 'option' line >> deny dynamic bootp clients;
to the file >> /etc/inc/services.inc
in the location below and if now creates the dhcpd.conf correctly.
if (is_array($dhcpifconf['dnsserver']) && $dhcpifconf['dnsserver'][0] <> "") {
$dhcpdconf .= " option domain-name-servers {$dhcpifconf['dnsserver'][0]}";
if($dhcpifconf['dnsserver'][1] <> "")
$dhcpdconf .= ",{$dhcpifconf['dnsserver'][1]}";
$dhcpdconf .= ";\n";
}
$dhcpdconf .= " deny dynamic bootp clients;\n";this adds the deny dynamic bootp option to my DHCP scope correctly as per
subnet 192.168.1.0 netmask 255.255.255.0 {
pool {
deny dynamic bootp clients;
range 192.168.1.1 192.168.1.100;}
option routers 192.168.1.254;
option domain-name-servers 192.168.1.254;}
the system doesn't seem to take any notice though and still responds …
-
Sorry to raise this again but I still don't seem to have found a solution for this issue, I have tried so many things and none work, regardless of the settings when you enable DHCP it responds to or interferes with BOOTP whether you want it to or not and no setting changes seem to affect it's behaviour - is this a bug - shouldn't the DHCP server obey settings and directives.
Or is there something else going on ?
I have devices that update using a bootp process - netsetup_linux - when the pFSense DHCP is enebled all bootp requests fail with /sbin/udhcpc.nak no such file or directory, the minute pFSense DHCP server is disabled the process works fine, packet capture has confirmed that the pFSense box is responding to the tftp file request made after the bootp handshake and IP allocation - it shouldn't be since tftp on the pFSense box is also disabled. I tried killing the DNS server and it made no difference.
I can run a Microsoft DHCP server with zero issues, the bootp update process works fine but the MS box the 'ignore bootp' rules, but I really don't want to run another MS box just for DHCP.
I'd appreciate any ideas here.
-
shouldn't the DHCP server obey settings and directives.
Did you stop then restart the DHCP server to make it notice the change in configuration file?
Did you look in the DHCP log to see if the DHCP server reported anything about your change to the configuration file?
-
Did the restart thing several times, played with tftp and bootp settings on the 'LAN' I guess I have no choice but to diagnose through packet capture but it is clear that pFSense is responding to a request that it should not so the PXE boot / TFTP load process fails, I'm just really short on free time to play with this and have had no choice but to configure a Microsoft DHCP / DNS until such time as I can get back to this - the PXE / TFTP process now works correctly so pFSense is definitely the problem.
As you can imagine this is brutally hard to diagnose and keep a system live whilst doing so.
