pfSense Support Subscription

Author Topic: DHCP relay no longer working after 2.2.4 -> 2.2.5 (Sun Oct 04 09:39:48 CDT)  (Read 2318 times)

0 Members and 1 Guest are viewing this topic.

Offline Jon Gerdes

  • Full Member
  • ***
  • Posts: 160
  • Karma: +11/-1
    • View Profile
    • Blueloop Ltd
After updating to 2.2.5 SNAPs my DHCP relay stopped working on all VLANs.  The config was there and the service was running and a packet capture on the DHCP server itself showed requests coming in and replies going out OK.  Clients were not getting a response.  I didn't get a chance to run Wireshark on a client PC to see if anything was coming back to the client.  I did run Packet Capture on the pfSense box but stupidly on the DHCP server side and not the client side.

I had to rather quickly learn "3Com badged as HP"-ese on the nearest L3 switch to get things running again and haven't had a chance to look closer to see where it breaks down.

(Edit) Sorry forgot to mention - amd64 full install on VMware 5.5, with guest tools and OpenVPN export packages and nothing else.
« Last Edit: October 06, 2015, 05:45:16 pm by Jon Gerdes »

Offline cmb

  • Hero Member
  • *****
  • Posts: 11230
  • Karma: +893/-7
    • View Profile
    • Chris Buechler
Are both your clients and the DHCP server residing on VLANs?

What output do you get running:
Code: [Select]
ps auwwx|grep dhcrelay

Offline Jon Gerdes

  • Full Member
  • ***
  • Posts: 160
  • Karma: +11/-1
    • View Profile
    • Blueloop Ltd
Are both your clients and the DHCP server residing on VLANs?

What output do you get running:
Code: [Select]
ps auwwx|grep dhcrelay

cmb

Thanks for responding.  I have had to deal with other issues today - a dodgy WAN connection.  On the bright side I am now heavily testing IPSEC VPN failover via dynamic DNS and then I've got OpenVPN to do.  There aren't many features left in pfSense that I don't touch!

The DHCP server (Windows 2012R2) is on the server VLAN whilst clients, phones, etc etc each have their own VLANs.  All are routed via pfSense.  To be honest pfSense in a VM makes a damn fine switch! I am getting near wire speed routing/switching with not the fastest hardware.

I have not revisited the dhcp relay in pfSense yet but I was able to see via Wireshark on the DHCP server that requests were arriving and responses were going back out again.  I had to get things running again so I learnt 3Com and got a L3 switch to do the job for now.

I will hopefully be able to spin up a new VLAN tomorrow (BST/GMT+1) for testing and make pfSense relay for that one.  I can then leisurely trace the whole process and look for malformed options or whatever.

Again, thanks for coming back and I'll post results as soon as possible.

Cheers
Jon

Offline Jon Gerdes

  • Full Member
  • ***
  • Posts: 160
  • Karma: +11/-1
    • View Profile
    • Blueloop Ltd
Are both your clients and the DHCP server residing on VLANs?

What output do you get running:
Code: [Select]
ps auwwx|grep dhcrelay

DHCP server is on VLAN 14 - 10.77.14.14
PC is on VLAN 13 (10.77.13.0/24)

Output from ps:
Code: [Select]
root    2597   0.0  0.5  20184   9868  -  Is    5:15PM   0:00.00 /usr/local/sbin/dhcrelay -i em1_vlan13 10.77.14.14

Wireshark on the DHCP server shows a request arriving from 10.77.13.1 (pfSense's IP on the PC's VLAN). I can see this in the offer:

Code: [Select]
...
Your (client) IP address: 10.77.13.130 (10.77.13.130)
...
Relay agent IP address: 10.77.13.1 (10.77.13.1)
...

... but nothing gets back to the client.

Cheers
Jon

Offline cmb

  • Hero Member
  • *****
  • Posts: 11230
  • Karma: +893/-7
    • View Profile
    • Chris Buechler
I fixed an unrelated bug that irked me during testing.

And I reverted the cause of the problem here. Despite claims to the contrary from some who reported it as a problem, and dhcrelay's documentation seemingly making that correct, it is necessary for it to function.

Should work now.

Offline doktornotor

  • Hero Member
  • *****
  • Posts: 8553
  • Karma: +956/-278
  • Not a pfSense employee, they cannot fire me...
    • View Profile
I fixed an unrelated bug that irked me during testing.

Thanks... :) BTW, I think you have one = missing there.

Code: [Select]
if ($dhcrelayif = $on) {
Do NOT PM for help!

Offline Jon Gerdes

  • Full Member
  • ***
  • Posts: 160
  • Karma: +11/-1
    • View Profile
    • Blueloop Ltd
I fixed an unrelated bug that irked me during testing.

And I reverted the cause of the problem here. Despite claims to the contrary from some who reported it as a problem, and dhcrelay's documentation seemingly making that correct, it is necessary for it to function.

Should work now.

Thank you.  I'll give it a go in the near(ish) future.

Cheers
Jon

Offline cmb

  • Hero Member
  • *****
  • Posts: 11230
  • Karma: +893/-7
    • View Profile
    • Chris Buechler
Thanks... :) BTW, I think you have one = missing there.

Code: [Select]
if ($dhcrelayif = $on) {

Fixed that too, thanks.

Offline doktornotor

  • Hero Member
  • *****
  • Posts: 8553
  • Karma: +956/-278
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Thanks; will test some new snapshot this weekend.
Do NOT PM for help!