• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

DHCPd with multiple ipv4 subnets outside of local interface network. (300US$)

Scheduled Pinned Locked Moved Bounties
120 Posts 29 Posters 70.4k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • W
    WetWilly
    last edited by Aug 22, 2013, 1:10 PM

    Greetings.
    We are in need of dhcpd support with multiple subnets configurable from the webgui.
    Currently running pfSense 2.0.3 stable.

    As it is today pfSense is only able to handle out dhcp-leases for the local subnet configured on the interface. E.g. 192.168.0.1/24.

    We want to use DHCP-relay (ip-helper in Cisco world) from other routers to forward dhcp-requests to pfSense, which will then handle out DHCP leases for the correct subnet. 192.168.1.0/24, 192.168.2.0/24 192.168.4.0/23 and so forth. Public nets should of course also be configurable.
    The functionality is already built in isc-dhcp server, it's the configurability in the pfSense webgui that is missing.

    What we need is the following:

    • Possibility to configure multiple different subnets on the same interface under Services –> DHCP server.

    • Each subnet shall be configurable with separate gateway, DNS, WINS, Domain name etc. (Same options as current dhcp-pool including static leases)

    • The DHCP leases shall be visible under Status –> DHCP Leases. Preferbly sorted with different frame per subnet, or any other way to easily separate the different subnets.

    • dhcpd logs for all subnets shall be visible under Status –> System logs --> DHCP.

    • It must be coded in such a way that the changes can be deployed to upstream pfSense development (2.1).

    Variables
    If it is too much work to make the code compatible with both 2.0.3 and upstream 2.1. It is better to make it compatible with 2.1 only.

    Not needed
    IPv6 support is not needed.

    If there is any taker or questions post them in the thread  or send a PM.
    I can provide you with the correct dhcpd.conf configuration for multiple subnets if needed.

    1 Reply Last reply Reply Quote 0
    • X
      xbipin
      last edited by Aug 31, 2013, 2:26 PM

      i was also looking for something like this

      1 Reply Last reply Reply Quote 0
      • W
        WetWilly
        last edited by Sep 1, 2013, 3:23 PM

        xbipin, perfect. How much are you willing to chip in to make this bounty more interesting for developers??

        Since noone has responded so far I recon people consider the bounty not being worth it with the current payout.

        We can increase the bounty to 500US$.

        1 Reply Last reply Reply Quote 0
        • X
          xbipin
          last edited by Sep 1, 2013, 4:29 PM

          the amount is fine but to my experience this would be tough to do as i had a similar requirement in the past but due to some restrictions it wasnt possible to do but lets see if some1 responds first, the amount can be worked on later

          1 Reply Last reply Reply Quote 0
          • S
            shade
            last edited by Sep 2, 2013, 8:50 PM

            I'm also interested for this for pfSense 2.1

            I will chip in with $300

            1 Reply Last reply Reply Quote 0
            • X
              xbipin
              last edited by Sep 3, 2013, 4:56 AM

              $50 from me because as of now i dont require this but it would be a good feature to have and to support development

              1 Reply Last reply Reply Quote 0
              • W
                WetWilly
                last edited by Sep 3, 2013, 3:01 PM

                Alright, so that makes the current payout 850 US$.

                xbipin, just for reference, could you try to locate the old thread? I tried to look through all your posts but it was too much of as hassle to scroll through 1172 posts.

                Shame it's not possible to update the subject of original post to reflect the higher bounty.

                1 Reply Last reply Reply Quote 0
                • X
                  xbipin
                  last edited by Sep 3, 2013, 4:35 PM

                  actually that thread was for something else but this question i had asked and i had got that reply, it would definitely be difficult to locate it but ill try searching from what i remember

                  1 Reply Last reply Reply Quote 0
                  • S
                    shade
                    last edited by Sep 9, 2013, 3:49 PM

                    I can also increase my part of the bounty to 500US$.

                    That makes the current payout 1050 US$.

                    1 Reply Last reply Reply Quote 0
                    • W
                      WetWilly
                      last edited by Sep 16, 2013, 8:21 AM

                      As 2.1 was released (Great work pfSense team) some variables in the bounty has changed for the easier.

                      Design it to be supported in 2.1 and in such a way that it can be deployed into upstream pfSense development (2.2).

                      The current bounty of 1050US$ is still valid.

                      1 Reply Last reply Reply Quote 0
                      • M
                        marcelloc
                        last edited by Sep 17, 2013, 1:23 AM Sep 16, 2013, 9:35 PM

                        I can take a look on it.  :)

                        Basically you need a list of DCHP ranges on each interface tab?

                        It may depend on interface aliases and/or addresses?

                        Attached a first screenshot that "fix" gui to accept dhcp ranges for all configured networks on interface.

                        The service does not starts as it need fixes on code too.

                        All new functions may take some time as it will need a lot of changes.

                        range_with_existing_subnets.png
                        range_with_existing_subnets.png_thumb
                        configured_subnet.png
                        configured_subnet.png_thumb

                        Treinamentos de Elite: http://sys-squad.com

                        Help a community developer! ;D

                        1 Reply Last reply Reply Quote 0
                        • M
                          marcelloc
                          last edited by Sep 17, 2013, 2:55 AM Sep 17, 2013, 2:14 AM

                          Maybe a list of all configured subnets?

                          dhcp_subnet_list.png
                          dhcp_subnet_list.png_thumb
                          dhcp_subnet_iface_config.png
                          dhcp_subnet_iface_config.png_thumb

                          Treinamentos de Elite: http://sys-squad.com

                          Help a community developer! ;D

                          1 Reply Last reply Reply Quote 0
                          • W
                            WetWilly
                            last edited by Sep 17, 2013, 8:37 AM

                            Very interesting Marcelloc!  ;D

                            Before you spend any more time I just want to make sure we are on the same level with the specification on this bounty.
                            I would also like Shade to acknowledge before you start as he is funding the other half.

                            I will rewrite the specification, Shade please acknowledge that you still pledge to this bounty and that you are satisfied with the specification (maybe you have something to add?)

                            What we need is the following:

                            • Possibility to configure multiple different subnets on the same interface under Services –> DHCP server.

                            This seems to be done on your first screenshot. However, I dont ever want a local IP interface inside the range of the additional subnets as this will not be a local network for pfsense. It is only going to be used for DHCP. E.g. pfsense will not be default gateway for those additional subnets. It might be nice to leave it as optional for other users though.

                            • Each subnet shall be configurable with separate gateway, DNS, WINS, Domain name etc. (Same options as current dhcp-pool including static leases)

                            • The DHCP leases shall be visible under Status –> DHCP Leases. Preferbly sorted with different frame per subnet, or any other way to easily separate the different subnets.

                            • dhcpd logs for all subnets shall be visible under Status –> System logs --> DHCP.

                            • It must be coded in such a way that the changes can be deployed to upstream pfSense development (2.2).

                            This is specifically a deal breaker for me, I don't want to be stuck with 2.1 forever in order to continue to use the  functionality from this bounty. Marcello, it looks like you are very active on these forums. Would you say its possible to commit the code to upstream pfsense development once it's done?

                            Not needed
                            IPv6 support is not needed at this time.

                            If you need help with how to configure dhcpd.conf or if you have any other questons before getting started I can be of assistance.

                            1 Reply Last reply Reply Quote 0
                            • S
                              shade
                              last edited by Sep 18, 2013, 11:44 AM Sep 18, 2013, 9:11 AM

                              WetWilly: It sound like we still need the same thing..

                              Marcelloc: Translated to config I need that the following works in the GUI

                              Local Lan Interface

                              subnet 172.16.0.0 netmask 255.255.0.0 {
                                      option routers 172.16.0.5;
                                      option subnet-mask 255.255.0.0;
                                      option broadcast-address 172.16.255.255;
                                      use-host-decl-names on;
                                      deny unknown-clients;
                              }

                              Wireless

                              subnet 10.1.0.0 netmask 255.255.0.0 {
                                      range 10.1.1.1 10.1.1.254;
                                      range 10.1.2.1 10.1.2.254;
                                      range 10.1.3.1 10.1.3.254;
                                      range 10.1.4.1 10.1.4.254;
                                      range 10.1.5.1 10.1.5.254;
                                      range 10.1.6.1 10.1.6.254;
                                      option routers 10.1.0.5;
                                      option subnet-mask 255.255.0.0;
                                      option broadcast-address 10.1.255.255;
                                      use-host-decl-names on;
                                      one-lease-per-client true;
                                      default-lease-time 3600;
                                      max-lease-time 4800;
                              }

                              LAB

                              subnet 192.168.100.0 netmask 255.255.255.0 {
                                      range 192.168.100.50 192.168.100.254;
                                      option domain-name-servers 172.16.0.2;
                                      option routers 192.168.100.1;
                                      option subnet-mask 255.255.255.0;
                                      option broadcast-address 192.168.100.255;
                                      use-host-decl-names on;
                              }

                              1 Reply Last reply Reply Quote 0
                              • M
                                marcelloc
                                last edited by Sep 18, 2013, 10:09 AM

                                I'm working based on these config result.

                                As soon as I get a working code, I'll post here for testing.

                                Treinamentos de Elite: http://sys-squad.com

                                Help a community developer! ;D

                                1 Reply Last reply Reply Quote 0
                                • W
                                  WetWilly
                                  last edited by Sep 18, 2013, 2:36 PM

                                  Shade, nice to hear.

                                  Marcello. Looking forward to test your update!

                                  1 Reply Last reply Reply Quote 0
                                  • M
                                    marcelloc
                                    last edited by Sep 20, 2013, 3:35 AM

                                    I think I got it  ;D

                                    Check screenshots and result config

                                    option domain-name "localdomain";
                                    option ldap-server code 95 = text;
                                    option domain-search-list code 119 = text;
                                    
                                    default-lease-time 7200;
                                    max-lease-time 86400;
                                    log-facility local7;
                                    one-lease-per-client true;
                                    deny duplicates;
                                    ping-check true;
                                    authoritative;
                                    subnet 192.168.5.0 netmask 255.255.255.0 {
                                            pool {
                                                    option domain-name-servers 8.8.8.8;
                                                    range 192.168.5.10 192.168.5.25;
                                            }
                                    
                                            option routers 192.168.5.1;
                                            option domain-name-servers 8.8.8.8;
                                    
                                    }
                                    subnet 192.168.6.0 netmask 255.255.255.0 {
                                            pool {
                                                    option domain-name-servers 8.8.8.8;
                                                    deny unknown-clients;
                                                    option routers 192.168.6.1;
                                                    range 192.168.6.35 192.168.6.140;
                                            }
                                    
                                    }subnet 192.168.7.0 netmask 255.255.255.128 {
                                            pool {
                                                    option routers 192.168.7.1;
                                                    range 192.168.7.10 192.168.7.90;
                                            }
                                    
                                    }
                                    

                                    I'll send you modified files.

                                    I've did minimum changes to current code to get easier to debugn and push to 2.2.

                                    This code does not affect basic dhcp setup, gui or config

                                    dhcp_server.png
                                    dhcp_server.png_thumb
                                    dhcp_additional_pool.png
                                    dhcp_additional_pool.png_thumb

                                    Treinamentos de Elite: http://sys-squad.com

                                    Help a community developer! ;D

                                    1 Reply Last reply Reply Quote 0
                                    • S
                                      shimabuku
                                      last edited by Sep 21, 2013, 2:21 AM

                                      I would like to also chip in $100  :)

                                      1 Reply Last reply Reply Quote 0
                                      • M
                                        marcelloc
                                        last edited by Sep 21, 2013, 2:25 AM

                                        @shimabuku:

                                        I would like to also chip in $100  :)

                                        Great!  ;D I'll send you this first version of the patch.

                                        Treinamentos de Elite: http://sys-squad.com

                                        Help a community developer! ;D

                                        1 Reply Last reply Reply Quote 0
                                        • B
                                          bennyc
                                          last edited by Sep 23, 2013, 9:33 AM

                                          This is something great & added value overall.
                                          If really hope this makes it to the next releases (as accepted feature), and i'll also add in anther $50 to support dev a bit…

                                          4x XG-7100 (2xHA), 1x SG-4860, 1x SG-2100
                                          1x PC Engines APU2C4, 1x PC Engines APU1C4

                                          1 Reply Last reply Reply Quote 0
                                          • First post
                                            Last post
                                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                                            This community forum collects and processes your personal information.
                                            consent.not_received