Bug #5135
closed
DHCP interfaces are always treated as having a gateway, even if one is not assigned by the upstream DHCP server
Added by David Freedman about 9 years ago.
Updated over 3 years ago.
Plus Target Version:
21.05
Affected Architecture:
All
Description
interface_has_gateway() returns true for DHCP interfaces, it does not consider whether DHCP hands out a gateway or not, unfortunately this means that LAN interfaces which are DHCP numbered (but without a gateway) will not get automatic NAT config. This happens in filter_nat_rules_automatic_tonathosts() (filter.inc) when "if(interface_has_gateway($ocname)) {" is evaluated.
Not sure if get_interface_gateway() (gwlb.inc) should be used instead to check for the presence of a gateway since this appears to support dynamic interfaces (whereas , interface_has_gateway() seems to hardcode most stuff).
- Subject changed from interface_has_gateway returns true for dhcp to interface_has_gateway returns true for DHCP where it doesn't assign gateway
- Status changed from New to Confirmed
- Priority changed from Normal to Very Low
You're possibly the only person on earth for whom that isn't a safe assumption. Generally a bad idea to DHCP assign your gateway's IPs.
I'm afraid the world has changed! DHCP is prevalent on cloud implementations and is used to configure the guest according to the specified parameters of the environment or build. We have customers that deploy the pfSense image and both the WAN and LAN interfaces are autoconfigured as a result of our deployment system. This means their 'out-of-the-box' experience for the pfSense image is that it doesn't work, since the automatic outbound NAT isn't functional. I would appreciate if you could raise the priority given the real concerns here, I'm happy to bring other service provider experiences into this discussion.
- Status changed from Confirmed to Pull Request Review
- Target version set to CE-Next
- Status changed from Pull Request Review to Feedback
- Assignee set to Viktor Gurov
PR has been merged. Thanks!
- % Done changed from 0 to 100
- Target version changed from CE-Next to 2.6.0
- Plus Target Version set to 21.05
- Subject changed from interface_has_gateway returns true for DHCP where it doesn't assign gateway to DHCP interfaces are always treated as having a gateway, even if one is not assigned by the upstream DHCP server
Updating subject for release notes.
- Target version changed from 2.6.0 to 2.5.2
- Status changed from Feedback to Closed
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by Viktor Gurov 
Updated by 
Updated by