DHCP relay no longer working after 2.2.4 -> 2.2.5 (Sun Oct 04 09:39:48 CDT)



  • After updating to 2.2.5 SNAPs my DHCP relay stopped working on all VLANs.  The config was there and the service was running and a packet capture on the DHCP server itself showed requests coming in and replies going out OK.  Clients were not getting a response.  I didn't get a chance to run Wireshark on a client PC to see if anything was coming back to the client.  I did run Packet Capture on the pfSense box but stupidly on the DHCP server side and not the client side.

    I had to rather quickly learn "3Com badged as HP"-ese on the nearest L3 switch to get things running again and haven't had a chance to look closer to see where it breaks down.

    (Edit) Sorry forgot to mention - amd64 full install on VMware 5.5, with guest tools and OpenVPN export packages and nothing else.



  • Are both your clients and the DHCP server residing on VLANs?

    What output do you get running:

    ps auwwx|grep dhcrelay
    


  • @cmb:

    Are both your clients and the DHCP server residing on VLANs?

    What output do you get running:

    ps auwwx|grep dhcrelay
    

    cmb

    Thanks for responding.  I have had to deal with other issues today - a dodgy WAN connection.  On the bright side I am now heavily testing IPSEC VPN failover via dynamic DNS and then I've got OpenVPN to do.  There aren't many features left in pfSense that I don't touch!

    The DHCP server (Windows 2012R2) is on the server VLAN whilst clients, phones, etc etc each have their own VLANs.  All are routed via pfSense.  To be honest pfSense in a VM makes a damn fine switch! I am getting near wire speed routing/switching with not the fastest hardware.

    I have not revisited the dhcp relay in pfSense yet but I was able to see via Wireshark on the DHCP server that requests were arriving and responses were going back out again.  I had to get things running again so I learnt 3Com and got a L3 switch to do the job for now.

    I will hopefully be able to spin up a new VLAN tomorrow (BST/GMT+1) for testing and make pfSense relay for that one.  I can then leisurely trace the whole process and look for malformed options or whatever.

    Again, thanks for coming back and I'll post results as soon as possible.

    Cheers
    Jon



  • @cmb:

    Are both your clients and the DHCP server residing on VLANs?

    What output do you get running:

    ps auwwx|grep dhcrelay
    

    DHCP server is on VLAN 14 - 10.77.14.14
    PC is on VLAN 13 (10.77.13.0/24)

    Output from ps:

    
    root    2597   0.0  0.5  20184   9868  -  Is    5:15PM   0:00.00 /usr/local/sbin/dhcrelay -i em1_vlan13 10.77.14.14
    
    

    Wireshark on the DHCP server shows a request arriving from 10.77.13.1 (pfSense's IP on the PC's VLAN). I can see this in the offer:

    
    ...
    Your (client) IP address: 10.77.13.130 (10.77.13.130)
    ...
    Relay agent IP address: 10.77.13.1 (10.77.13.1)
    ...
    
    

    … but nothing gets back to the client.

    Cheers
    Jon



  • I fixed an unrelated bug that irked me during testing.

    And I reverted the cause of the problem here. Despite claims to the contrary from some who reported it as a problem, and dhcrelay's documentation seemingly making that correct, it is necessary for it to function.

    Should work now.


  • Banned

    @cmb:

    I fixed an unrelated bug that irked me during testing.

    Thanks… :) BTW, I think you have one = missing there.

    if ($dhcrelayif = $on) {
    


  • @cmb:

    I fixed an unrelated bug that irked me during testing.

    And I reverted the cause of the problem here. Despite claims to the contrary from some who reported it as a problem, and dhcrelay's documentation seemingly making that correct, it is necessary for it to function.

    Should work now.

    Thank you.  I'll give it a go in the near(ish) future.

    Cheers
    Jon



  • @doktornotor:

    Thanks… :) BTW, I think you have one = missing there.

    if ($dhcrelayif = $on) {
    

    Fixed that too, thanks.


  • Banned

    Thanks; will test some new snapshot this weekend.


Log in to reply