Bug #5135
closed
DHCP interfaces are always treated as having a gateway, even if one is not assigned by the upstream DHCP server
100%
Description
interface_has_gateway() returns true for DHCP interfaces, it does not consider whether DHCP hands out a gateway or not, unfortunately this means that LAN interfaces which are DHCP numbered (but without a gateway) will not get automatic NAT config. This happens in filter_nat_rules_automatic_tonathosts() (filter.inc) when "if(interface_has_gateway($ocname)) {" is evaluated.
Not sure if get_interface_gateway() (gwlb.inc) should be used instead to check for the presence of a gateway since this appears to support dynamic interfaces (whereas , interface_has_gateway() seems to hardcode most stuff).
Updated by Chris Buechler about 9 years ago
- Subject changed from interface_has_gateway returns true for dhcp to interface_has_gateway returns true for DHCP where it doesn't assign gateway
- Status changed from New to Confirmed
- Priority changed from Normal to Very Low
You're possibly the only person on earth for whom that isn't a safe assumption. Generally a bad idea to DHCP assign your gateway's IPs.
Updated by David Freedman about 9 years ago
I'm afraid the world has changed! DHCP is prevalent on cloud implementations and is used to configure the guest according to the specified parameters of the environment or build. We have customers that deploy the pfSense image and both the WAN and LAN interfaces are autoconfigured as a result of our deployment system. This means their 'out-of-the-box' experience for the pfSense image is that it doesn't work, since the automatic outbound NAT isn't functional. I would appreciate if you could raise the priority given the real concerns here, I'm happy to bring other service provider experiences into this discussion.
Updated by Viktor Gurov almost 4 years ago
Updated by Jim Pingle almost 4 years ago
- Status changed from Confirmed to Pull Request Review
- Target version set to CE-Next
Updated by Renato Botelho almost 4 years ago
- Status changed from Pull Request Review to Feedback
- Assignee set to Viktor Gurov
PR has been merged. Thanks!
Updated by Viktor Gurov almost 4 years ago
- % Done changed from 0 to 100
Applied in changeset a207660205a8c82466b63381f48a0355a32d8866.
Updated by Jim Pingle over 3 years ago
- Target version changed from CE-Next to 2.6.0
Updated by Jim Pingle over 3 years ago
- Subject changed from interface_has_gateway returns true for DHCP where it doesn't assign gateway to DHCP interfaces are always treated as having a gateway, even if one is not assigned by the upstream DHCP server
Updating subject for release notes.
Updated by Jim Pingle over 3 years ago
- Target version changed from 2.6.0 to 2.5.2