Bug #8085
closed
DHCP deny client - breaks DHCP pool
Added by Ken Bass about 7 years ago.
Updated about 7 years ago.
Description
I decided that on my LAN I mainly wanted DHCP to be handed out to the static mappings and I wanted the static mappings to have very long expiration times.
I created a pool for actual dynamic mapping in the same subnet. I used this technique basically so I could provide shorter lease times to leases that were not derived from a static entry.
1) LAN - a) checked Deny unknown clients - b) checked Denied clients will be ignored rather than rejected.
2) LAN pool - did not check either of the above.
When above 1 b) was checked - DHCP no longer handed out addresses within the pool - it basically disabled the pool altogether.
Expected:
I expected the LAN to not hand out or respond to any DHCP request that was not statically listed.
I also expected the LAN pool to be consulted and for the pool to hand out an address.
as a side note: the 'default lease time' of a pool is not 7200 secs, it is whatever it set in the main interface - I did not expect the pool would use values from the interface if left blank.
- Status changed from New to Not a Bug
The GUI places the directives in the correct places, within the specified pools, so there isn't any bug here.
That said, your design is flawed. Statics are not a part of any pool, so their behavior only has vaguely to do with interface global settings and not the default range/pool or pool-specific options.
Post on the forum, mailing list, or reddit to discuss and perhaps come up with a better design that can get closer to what you want.
I don't understand how this is Not a bug - forget about what I was trying to accomplish.
On the main LAN interface - I had an IP range of a single IP and I checked those boxes listed in 1) a & b
On the LAN pool - I had an IP range of 30 IPs. When 1) b was checked NO IPs were given out whatsoever.
I guess I don't understand why the pool wouldn't not hand out IP addresses--thus the bug report.
It's not a bug in pfSense - we generate the configuration file correctly. If there is any issue it is one directly in the ISC DHCP Daemon, or one in your understanding of how the settings should interact.
I have verified that you generate the config file correctly. After trying to reproduce this again today, it appears to be working. Maybe there was a non-expired lease leftover during my testing yesterday. I cannot explain it.
Also available in: Atom
PDF
Updated by 
Updated by