Bug with DHCP Gateway: none?

  • Last week I set up a new pfSense 2.2 and ran into a weird issue. I don't have the time right now to reproduce/debug it, so I drop it here hoping that it doesn't get lost that way.

    I sent out the firewall as a preconfigured VPN endpoint with three interfaces: WAN, LAN, and OPT1. LAN and OPT1 got two different internal IP networks and a DHCP server. Since (the actually renamed) LAN interface should be used as a management interface only and I wanted to make sure people don't run into trouble when they are connected to the current AP around there as well while setting it up, I put the value "none" into on Services -> DHCP Server -> LAN -> Gateway.

    Everything looked fine, you got an IP address and everything but the Internet access didn't work, neither on the LAN interface (as expected) nor on the OPT1. After a fun time debugging the firewall rules via the colleague's PC via TeamViewer I finally came to the conclusion that (a) the local ISP is weird which was totally unrelated though and (b) the firewall was working jolly fine but the PC somehow didn't pull a proper route default, even when connected to OPT1. So on a whim I typed the firewall's internal IP address into the OPT1's DHCP server Gateway field, asked the colleague to do a ipconfig /release and ipconfig /renew, and finally everything worked smoothly as it should.

    So either (a) his Windows behaved weird and didn't pull a default route even if connected to OPT1 (which is totally plausible since we're talking about Windows here) or (b) there wasn't a default route pushed out by the DHCP server on OPT1 due to the "none" value I configured for LAN. The latter would contradict the description of the option which says

    The default is to use the IP on this interface of the firewall as the gateway. Specify an alternate gateway here if this is not the correct gateway for your network. Type "none" for no gateway assignment.

    Maybe somebody with some time could have a look if a value "none" for the DHCP server on LAN inherits to the DHCP config for OPT1 which I'd consider a bug.

  • It's a bug, reproduced in 1 minute on a system as you describe with LAN and OPT1.
    And yes, the bug is only if you put "none" into the DHCP gateway field of some interface and then the DHCP gateway field of some later interface is left blank.
    Fixed by this code change: https://github.com/pfsense/pfsense/pull/1511

Log in to reply