PfSense as DHCP in AWS Private Subnet



  • I've been trying for a couple days now to get my pfSense box to act as DHCP server for my AWS subnet.

    I'm able to manually configure Ubuntu hosts to use static IP addresses with the pfSense box set as the router and DNS server, but the DHCP is always served from the VPC's integrated subnet DHCP server (x.x.x.1).

    I've tried tweaking dhclient.conf to reject DHCPOFFER packets from x.x.x.1, but when I do that it doesn't pick up the pfSense box as the DHCP server. I've manually configured pfSense static entries for the MAC addresses of the EC2 instances' virtual network interfaces, and the DHCP Status page shows the hosts as online when they're powered on and offline when they're powered off.

    This pfSense box is also hosting an OpenVPN connection, and I successfully get assigned DHCP addresses over the VPN connection in a different subnet.

    I'm curious what my options are, including for diagnosing why DHCPOFFER packets aren't being received. Does anyone have any ideas short of configuring static addresses for every host I spin up? The machines will be a mixture of Ubuntu and Windows hosts. There is a forum post that is several years old over on AWS in which an AWS staff member says DHCP is required to be served by AWS. (If that was true, how would I be able to configure static addresses? Yes, I realize that just ignores DHCP, but what distinguishes it from having an alternate DHCP server?)

    The pfSense AMI I'm using is Netgate pfSense Certified 2.2.5-d80da0a7-a53a-4c15-bec6-a3e647fb7f74-ami-a5b3cfcf.2 (ami-d2453bb8)
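One way to diagnose which server's offers the client is actually seeing, as an added example that is not part of the original post or of pfSense: decode the DHCP header and options of captured OFFER packets (for instance from a tcpdump capture of UDP 67/68) and pull out option 54, the server identifier, which is what dhclient's `reject` directive matches against. The addresses, MAC and two offers below are constructed; 10.0.1.1 stands in for the VPC's built-in server (x.x.x.1) and 10.0.1.10 for the pfSense box.

```python
import struct
from typing import Dict, List, Optional

# Constructed sample: 10.0.1.1 plays the VPC DHCP server, 10.0.1.10 the pfSense box.
MAGIC = b"\x63\x82\x53\x63"  # RFC 2131 magic cookie marking the start of options
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}

def ip_bytes(ip: str) -> bytes:
    return bytes(int(o) for o in ip.split("."))

def bytes_ip(b: bytes) -> str:
    return ".".join(str(x) for x in b)

def build_offer(yiaddr: str, server: str, router: str, dns: str, mac: bytes) -> bytes:
    """Construct a minimal DHCPOFFER (RFC 2131 layout) for the sample below."""
    hdr = struct.pack("!BBBBIHH", 2, 1, 6, 0, 0x3903F326, 0, 0)  # op, htype, hlen, hops, xid, secs, flags
    hdr += bytes(4) + ip_bytes(yiaddr) + ip_bytes(server) + bytes(4)  # ciaddr, yiaddr, siaddr, giaddr
    hdr += mac + bytes(10) + bytes(64) + bytes(128)                    # chaddr (16), sname, file
    opts = (bytes([53, 1, 2]) + bytes([54, 4]) + ip_bytes(server)       # type=OFFER, server id
            + bytes([3, 4]) + ip_bytes(router) + bytes([6, 4]) + ip_bytes(dns) + b"\xff")
    return hdr + MAGIC + opts

def parse_dhcp(payload: bytes) -> Dict[str, str]:
    """Return message type, offered address, server identifier (option 54) and router."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    opts: Dict[int, bytes] = {}
    i = 240
    while i < len(payload) and payload[i] != 255:   # 255 = end of options
        if payload[i] == 0:                          # 0 = pad byte
            i += 1
            continue
        code, ln = payload[i], payload[i + 1]
        opts[code] = payload[i + 2:i + 2 + ln]
        i += 2 + ln
    return {
        "type": MSG_TYPES.get(opts.get(53, b"\x00")[0], "UNKNOWN"),
        "yiaddr": bytes_ip(payload[16:20]),
        "server_id": bytes_ip(opts[54]) if 54 in opts else "",
        "router": bytes_ip(opts[3]) if 3 in opts else "",
    }

def select_offer(offers: List[bytes], reject: List[str]) -> Optional[Dict[str, str]]:
    """Mimic dhclient's `reject` list: take the first OFFER whose server id is not rejected."""
    for o in offers:
        p = parse_dhcp(o)
        if p["type"] == "OFFER" and p["server_id"] not in reject:
            return p
    return None

MAC = bytes.fromhex("0a1b2c3d4e5f")  # constructed client MAC
VPC_OFFER = build_offer("10.0.1.50", "10.0.1.1", "10.0.1.1", "10.0.0.2", MAC)
PF_OFFER = build_offer("10.0.1.60", "10.0.1.10", "10.0.1.10", "10.0.1.10", MAC)
```

If a capture shows only offers carrying the VPC server identifier, `select_offer([VPC_OFFER], ["10.0.1.1"])` returns None, which is the same outcome as rejecting x.x.x.1 in dhclient.conf when no pfSense offer ever reaches the instance.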



  • The online/offline status is just whether those IPs appear in the system's ARP cache. You can add static mappings if you want to see that online/offline display. But you can't run your own DHCP server in AWS.

