DHCP client on red0 won't reassign IP upon reconnection

Eric,

your explanation is only for a DOCSIS router ( with own NAT ). A real DOCSIS modem just passes through the communication with the DHCP server at the ISP ( modem works as bridge). The modem has its own local IP at 192.168.100.1 ( the net 192.168.100.0/24 is used by the modem’s DHCP server in case of failures on the cable side ).

My experience is, that the actual DHCP client ( dhcpcd ) in IPFire has some problems with DHCP servers not responding correctly to his requests and thus doesn’t notice a change in the assigned public IP address.

EDIT/UPDATE: This change of IP happened again this night. No internet connection. A
dhcpcd -k red0 ( release interface red0 )
dhcpcd -n red0 ( rebind interface red0 )
solved the issue.

I have the exact same issue - even a reboot of my Cable modem reproduces the issue and until I either reboot IPFire or restart the daemon it doesn’t reacquire the IP address from my ISP.

I’ve attached the relevant messages from last night when it happened.

Also, when this happens, I can’t even reboot IPFire correctly from the console - it simply hangs on trying to release the red0 IP address that it claims it lost (line 49 of the log).dhcp.000.log.gz (869 Bytes)

Just to close this out, I believe the update to Core Update 147 has fixed this issue for me. I did a little digging and found that there was an issue in dhcpcd that could have caused this, and that was resolved in version 9.1.2 (which was part of the 147 update).

After updating to 147, I attempted to reproduce the issue by disconnecting the RF cable from my cable modem, waited for the new internal IP to be assigned, and then reconnected it. Dhcpcd was able to handle the change in link status and re-request the external IP.

Thanks again to everyone who looked into this.

Im using IPFire 2.25 (x86_64) - Core Update 158 and Im having this issue. Sub par cable modem provider has equipment that goes down or has signal loss when it rains.
this causes my router to do the exact same thing. Ive been manually rebooting the whole thing until i found this thread on how to do the dhcp renew manually.

Im hoping that maybe an old bug got reintroduced for some reason? This is really annoying though. anyone else still having this issue with cable modems?

Facing similar issues since I switched to cable. I wrote a small script and a cron check every 10 minutes. The script pings two domains and If none is reachable dhcpdc gets killed and started again.

IPs=(“bbc.com” “startpage.com”);
IPs_present=0;

for IPs in “${IPs[@]}”
do
ping -c 1 $IPs &>/dev/null && IPs_present=1
done

if [[ $IPs_present -eq 1 ]]; # Inet ok
then
exit
else # not ok
dhcpcd -k red0 # kill red
sleep 60
dhcpcd -n red0 # start red
exit
fi
fi
done
exit

I’ve got a brand new ipfire installation (Core 162) and I had a power failure followed by a cable service outage thanks to some downed lines that helped me test automatic recovery. The bad news is that my red0 interface did not re-acquire any IP via DHCP after the cable modem re-acquired link.

Sequence of events:

• power fails, so ipfire box and cable modem are off
• power restored
• cable modem turns on but can’t connect to the ISP because the line is down in the neighbourhood
• ipfire turns on at the same time, and green network works fine, but because the bridged cable modem has no link to the ISP, no DHCP responses happen, of course
• cable lines are repaired and the modem automatically comes online successfully (untouched)
• ipfire red0 remains in the same state, without an IP assigned.
• ipfire requires a reboot in order to retry a lease on red0

I run my cable modem in bridge mode and just switched to ipfire a couple of days ago after manually running a “normal” Linux system as a firewall for over 20 years. I’ve never had this problem with the isc-dhcp-server service in Debian which has handled many similar events for decades.

My symptoms seem the same as those in this thread, where the DHCP client service in ipfire just isn’t even (re-)trying to get a lease.

I haven’t customized ipfire at all other than normal things in the UI except for a tiny custom file in /etc/unbound/local.d/ to override some irrelevant DNS results.

I will see what other information I can gather.

I didn’t see the logs for today at first because grep was skipping the rest of /var/log/messagesafter seeing some bytes that convinced it that it was a binary file. Anyway, I’ve overcome that and now I see what happened:

Jan 8 11:00:00 approximate time of power and cable service loss

Power restored, cable service not restored

Jan  8 12:12:17 fw dhcpcd[1793]: dhcpcd-9.4.1 starting
Jan  8 12:12:17 fw dhcpcd[1796]: DUID 00:04:03:00:02:00:04:00:05:00:00:06:00:07:00:08:00:09
Jan  8 12:12:18 fw dhcpcd[1796]: red0: waiting for carrier
Jan  8 12:12:21 fw dhcpcd[1796]: red0: carrier acquired
Jan  8 12:12:21 fw dhcpcd[1796]: red0: IAID 14:a0:bc:eb
Jan  8 12:12:21 fw dhcpcd[1796]: red0: adding address fe80::227c:14ff:fea0:bceb
Jan  8 12:12:21 fw dhcpcd[1796]: ipv6_addaddr1: Permission denied
Jan  8 12:12:21 fw dhcpcd[1796]: red0: soliciting an IPv6 router
Jan  8 12:12:22 fw dhcpcd[1796]: red0: rebinding lease of $REDACTED_REAL_IP
Jan  8 12:12:27 fw dhcpcd[1796]: red0: DHCP lease expired
Jan  8 12:12:27 fw dhcpcd.exe[1842]: red0 has been brought down (EXPIRE)
Jan  8 12:12:28 fw dhcpcd[1796]: red0: soliciting a DHCP lease
Jan  8 12:12:49 fw dhcpcd[1796]: red0: carrier lost
Jan  8 12:12:49 fw dhcpcd.exe[2010]: red0 has been brought down (EXPIRE)
Jan  8 12:12:52 fw dhcpcd[1796]: red0: carrier acquired
Jan  8 12:12:52 fw dhcpcd[1796]: red0: IAID 14:a0:bc:eb
Jan  8 12:12:53 fw dhcpcd[1796]: red0: soliciting an IPv6 router
Jan  8 12:12:54 fw dhcpcd[1796]: red0: soliciting a DHCP lease
Jan  8 12:13:17 fw dhcpcd[1796]: red0: carrier lost
Jan  8 12:13:17 fw dhcpcd.exe[2186]: red0 has been brought down (EXPIRE)
Jan  8 12:13:18 fw dhcpcd[1796]: timed out

I manually reboot ipfire before cable service is back, trying to diagnose why there is no Internet.

Jan  8 12:53:43 fw dhcpcd[1729]: dhcpcd-9.4.1 starting
Jan  8 12:53:43 fw dhcpcd[1732]: DUID 00:04:03:00:02:00:04:00:05:00:00:06:00:07:00:08:00:09
Jan  8 12:53:43 fw dhcpcd[1732]: red0: waiting for carrier
Jan  8 12:53:46 fw dhcpcd[1732]: red0: carrier acquired
Jan  8 12:53:46 fw dhcpcd[1732]: red0: IAID 14:a0:bc:eb
Jan  8 12:53:46 fw dhcpcd[1732]: red0: adding address fe80::227c:14ff:fea0:bceb
Jan  8 12:53:46 fw dhcpcd[1732]: ipv6_addaddr1: Permission denied
Jan  8 12:53:47 fw dhcpcd[1732]: red0: soliciting an IPv6 router
Jan  8 12:53:47 fw dhcpcd[1732]: red0: soliciting a DHCP lease
Jan  8 12:54:43 fw dhcpcd[1732]: timed out

It looks like dhcpcd just gives up after 60 seconds!

I rebooted the machine manually after I saw the cable modem had reacquired a link with the ISP.

Jan  8 15:08:12 fw dhcpcd[1733]: dhcpcd-9.4.1 starting
Jan  8 15:08:12 fw dhcpcd[1736]: DUID 00:04:03:00:02:00:04:00:05:00:00:06:00:07:00:08:00:09
Jan  8 15:08:12 fw dhcpcd[1736]: red0: waiting for carrier
Jan  8 15:08:15 fw dhcpcd[1736]: red0: carrier acquired
Jan  8 15:08:15 fw dhcpcd[1736]: red0: IAID 14:a0:bc:eb
Jan  8 15:08:15 fw dhcpcd[1736]: red0: adding address fe80::227c:14ff:fea0:bceb
Jan  8 15:08:15 fw dhcpcd[1736]: ipv6_addaddr1: Permission denied
Jan  8 15:08:15 fw dhcpcd[1736]: red0: soliciting an IPv6 router
Jan  8 15:08:17 fw dhcpcd[1736]: red0: soliciting a DHCP lease
Jan  8 15:08:20 fw dhcpcd[1736]: red0: offered $REDACTED_REAL_IP from $REDACTED_REAL_DCHP_SERVER $REDACTED_DOMAIN
Jan  8 15:08:20 fw dhcpcd[1736]: red0: probing address $REDACTED_REAL_IP/20
Jan  8 15:08:25 fw dhcpcd[1736]: red0: leased $REDACTED_REAL_IP for 216000 seconds
Jan  8 15:08:25 fw dhcpcd[1736]: red0: adding route to $REDACTED_NETWORK/20
Jan  8 15:08:25 fw dhcpcd[1736]: red0: adding default route via $REDACTED_GW
Jan  8 15:08:25 fw dhcpcd.exe[1782]: red0 has been (re)configured with IP=$REDACTED_REAL_IP

The man page for dhcpcd (I can only find them for non-Linux systems) says:

     dhcpcd gets the host information (IP address, routes, etc) from a DHCP
     server and configures the network interface of the machine on which it is
     running.

...

     dhcpcd then daemonises
     and waits for the lease renewal time to lapse.  It will then attempt to
     renew its lease and reconfigure if the new lease changes when the lease
     begins to expire or the DHCP server sends a message to renew early.

...

     If any interface reports a working carrier then dhcpcd will try to obtain
     a lease before forking to the background, otherwise it will fork right
     away.  This behaviour can be modified with the -b, --background and -w,
     --waitip options.

According to this, invoking dhcpcd red0 asks dhcpcd to start, try to get a lease, and then only if it does, go into the background and try to renew it before it times out.

Based on the log contents and the observed behaviour, it seems like if it doesn’t get a lease within the first 60 seconds, it does not go into the background and keep trying!

I don’t quite understand why the daemon with the job of keeping the interface with an active DHCP lease would decide to not keep trying forever by default, but that certainly sounds like it’s the problem.

The options for fixing these seem to be:

1. Add --timeout 0 so that it tries forever to get a lease. This certainly seems like what I (and most people) would want. However, it doesn’t seem like ipfire would expect this to take place in the foreground while its dhcpcd_start() function is running, so . . .

2. Add both --timeout 0 and the --background flag to immediately background and keep trying forever. I think that ipfire is built to handle this judging by the check of $ip_address in dhcpcd_start().

So, I’ll give this a try and report back when I have a chance to test it properly.

Hi @spencer

Welcome to the IPFire community.

dhcpcd is used on red to aquire dhcp info from the ISP.
It tries for 60 secs to get the dhcpnip address and then stops if it has been unsuccessful.
At that point you have to reboot ipfire to get it to try again.

Therefore before starting ipfire you need to ensure that your modem is connected to your ISP.

If you use timeout 0 then dhcpcd will stay there until your connection becomes available but that also means that the boot basically stops at that point so your system will effectively look like it has become unresponsive as there will be no messages while it waits for tge dhcp response from your ISP.

It will be interesting to see if going into tge background works or not. It wl depend on what else depends on dhcpd having made a connection.

Hi. Thanks for the response!

Therefore before starting ipfire you need to ensure that your modem is connected to your ISP.

I agree that’s how things behave right now, but can you help me understand how that behaviour is useful?

Why should a person need to manually intervene to restore the network when the same result can be achieved through an entirely automated process? What harm is there in having red0 retry until it obtains its initial address?

Also, what happens if red0 loses its lease later? Does ipfire via dhcpcd keep trying to get it back? Or does it stop and require manual intervention then?

If you use timeout 0 then dhcpcd will stay there until your connection becomes available but that also means that the boot basically stops

This is why I think that adding both --timeout 0 and --background seems like it might produce the correct result. I don’t see why “I have a lease and will keep it alive” is any different than “I don’t have a lease yet and will keep trying” in terms of the lifecycle of red0 (and the boot process).

Give it a try and see if it works. If it does and doesn’t break anything else then you can always submit a patch to the development mailing list.

I tried the timeout 0 setting in the past but not the background option.

I will try it and if possible will submit something.

Do you happen to know if ipfire, as a whole, expects and monitors for changes in the red0 IP and handles them by updating all of its firewall rules with the new address?

No I don’t.

I think you will have to check the code to find that out unless someone else is able to say.

I think you should join the development mailing list and ask the question there.

https://wiki.ipfire.org/devel/mailing-lists

One problem may be the behaviour of the modem.
If the modem cannot reach the CMTS it should go in ‘local mode’, handing out an IP of the ‘modem net’ ( 192.168.100.0/24 ) with an very short lease time <1min.
With a running modem there should be no timeout and through the short lease time the DHCP client ( IPFire ) should update his IP very quick after return of the DOCSIS connection.

So remains the timing problem at power up of both IPFire and modem. As it is configured now, the modem must be online 1 min after online state of IPFire.

If that can be done then that would be great. I am just not sure if the current structure of IPFire2.x allows that to be done without a large rewrite but I am not sufficiently knowledgeable to be able to figure that out.

If you are able to find a solution that can be implemented into IPFire 2.x then I think your efforts and results would be greatly appreciated.

Let us know how you get on with your investigations and if successful we will help, if needed, with pointers to the appropriate parts of the wiki for how to submit a patch to get your solution reviewed by the core devs and hopefully integrated into IPFire2.x

I think I’ve solved the problem of having ipfire boot with a “dead forever” red0 interface when DHCP doesn’t serve an address within the 30-60 second timeout of dhcpcd’s initial attempt.

Steps:

1. Edit /etc/init.d/networking/functions.network to start dhcpcd in the background with no timeout.

--- /root/functions.network.orig        2022-01-08 16:26:02.956856033 -0400
+++ functions.network   2022-01-08 21:07:28.617170885 -0400
@@ -56,7 +56,7 @@
        # This function will start a dhcpcd on a speciefied device.

        local device="$1"
-       local dhcp_start=""
+       local dhcp_start="--timeout 0 --background "

        boot_mesg -n "Starting dhcpcd on the ${device} interface..."

(Be sure to include that last space inside the quotes!)

2. Set ntp’s ENABLESETONBOOT in /var/ipfire/time/settings to off (aka “Force setting the system clock on boot”) because it sits in a blocking loop waiting for red0 to come up otherwise!

I tested all of this with ipfire running in a VM with interface I can completely control.

Boot with cable unplugged:

Jan  8 20:37:34 ipfire dhcpcd[1579]: dhcpcd-9.4.1 starting
Jan  8 20:37:34 ipfire dhcpcd[1582]: DUID 00:04:24:70:f1:41:01:82:d0:4b:b5:09:ae:87:60:d0:15:54
Jan  8 20:37:35 ipfire dhcpcd[1582]: red0: waiting for carrier

System comes up fine with RED “Connecting…”.

Connect the cable after boot:

Jan  8 20:41:05 ipfire dhcpcd[1582]: red0: carrier acquired
Jan  8 20:41:05 ipfire dhcpcd[1582]: red0: IAID 27:40:11:d7
Jan  8 20:41:05 ipfire dhcpcd[1582]: red0: adding address fe80::a00:27ff:fe40:11d7
Jan  8 20:41:05 ipfire dhcpcd[1582]: ipv6_addaddr1: Permission denied
Jan  8 20:41:05 ipfire dhcpcd[1582]: red0: soliciting an IPv6 router
Jan  8 20:41:07 ipfire dhcpcd[1582]: red0: rebinding lease of 10.0.3.88
Jan  8 20:41:07 ipfire dhcpcd[1582]: red0: probing address 10.0.3.88/24
Jan  8 20:41:11 ipfire dhcpcd.exe[2229]: red0 has been (re)configured with IP=10.0.3.88
Jan  8 20:41:12 ipfire unbound: [1449:0] info: service stopped (unbound 1.13.2).
Jan  8 20:41:12 ipfire unbound: [1449:0] info: server stats for thread 0: 22 queries, 6 answers from cache, 16 recursions, 0 prefetch, 0 rejected by ip ratelimiting
Jan  8 20:41:12 ipfire unbound: [1449:0] info: server stats for thread 0: requestlist max 0 avg 0 exceeded 0 jostled 0
Jan  8 20:41:12 ipfire unbound: [1449:0] info: average recursion processing time 0.000000 sec
Jan  8 20:41:12 ipfire unbound: [1449:0] info: histogram of recursion processing times
Jan  8 20:41:12 ipfire unbound: [1449:0] info: [25%]=2.5e-07 median[50%]=5e-07 [75%]=7.5e-07
Jan  8 20:41:12 ipfire unbound: [1449:0] info: lower(secs) upper(secs) recursions
Jan  8 20:41:12 ipfire unbound: [1449:0] info:    0.000000    0.000001 16
Jan  8 20:41:12 ipfire unbound: [1449:0] notice: Restart of unbound 1.13.2.
Jan  8 20:41:12 ipfire unbound: [1449:0] notice: init module 0: validator
Jan  8 20:41:12 ipfire unbound: [1449:0] notice: init module 1: iterator
Jan  8 20:41:12 ipfire unbound: [1449:0] info: start of service (unbound 1.13.2).
Jan  8 20:41:12 ipfire unbound: [1449:0] info: generate keytag query _ta-4a5c-4f66. NULL IN
Jan  8 20:41:13 ipfire ntpd[1691]: Listen normally on 4 red0 10.0.3.88:123
Jan  8 20:41:13 ipfire ntpd[1691]: new interface(s) found: waking up resolver

System status now reports “Connected” with the right IP.

Next, I changed the DHCP server that issued red0’s IP address while the system was running and forced a refresh. (This doesn’t really happen without the lease expiring, but it was a handy way to test that things can handle an IP change.)

Jan  8 20:56:02 ipfire dhcpcd[2625]: sending signal HUP to pid 1556
Jan  8 20:56:02 ipfire dhcpcd[1557]: received SIGHUP, rebinding
Jan  8 20:56:02 ipfire dhcpcd[1557]: red0: IAID 27:40:11:d7
Jan  8 20:56:03 ipfire dhcpcd[1557]: red0: soliciting an IPv6 router
Jan  8 20:56:04 ipfire dhcpcd[1557]: red0: rebinding lease of 10.0.3.88
Jan  8 20:56:04 ipfire dhcpcd[1557]: red0: NAK: requested address is incorrect from 10.0.3.250
Jan  8 20:56:04 ipfire dhcpcd[1557]: red0: message: requested address is incorrect
Jan  8 20:56:04 ipfire dhcpcd[1557]: red0: deleting route to 10.0.3.0/24
Jan  8 20:56:04 ipfire dhcpcd[1557]: red0: deleting default route via 10.0.3.250
Jan  8 20:56:04 ipfire dhcpcd.exe[2638]: red0 has been brought down (NAK)
Jan  8 20:56:04 ipfire dhcpcd[1557]: red0: soliciting a DHCP lease
Jan  8 20:56:04 ipfire dhcpcd[1557]: red0: offered 10.0.3.98 from 10.0.3.250
Jan  8 20:56:04 ipfire dhcpcd[1557]: red0: probing address 10.0.3.98/24
Jan  8 20:56:05 ipfire ntpd[1668]: Deleting interface #4 red0, 10.0.3.88#123, interface stats: received=0, sent=0, dropped=0, active_time=206 secs
Jan  8 20:56:08 ipfire dhcpcd[1557]: red0: leased 10.0.3.98 for 3600 seconds
Jan  8 20:56:08 ipfire dhcpcd[1557]: red0: adding route to 10.0.3.0/24
Jan  8 20:56:08 ipfire dhcpcd[1557]: red0: adding default route via 10.0.3.250
Jan  8 20:56:08 ipfire dhcpcd.exe[2803]: red0 has been (re)configured with IP=10.0.3.98
Jan  8 20:56:09 ipfire unbound: [1424:0] info: service stopped (unbound 1.13.2).
Jan  8 20:56:09 ipfire unbound: [1424:0] info: server stats for thread 0: 5 queries, 1 answers from cache, 4 recursions, 0 prefetch, 0 rejected by ip ratelimiting
Jan  8 20:56:09 ipfire unbound: [1424:0] info: server stats for thread 0: requestlist max 1 avg 0.25 exceeded 0 jostled 0
Jan  8 20:56:09 ipfire unbound: [1424:0] info: average recursion processing time 0.126770 sec
Jan  8 20:56:09 ipfire unbound: [1424:0] info: histogram of recursion processing times
Jan  8 20:56:09 ipfire unbound: [1424:0] info: [25%]=0.001536 median[50%]=0.002048 [75%]=0.131072
Jan  8 20:56:09 ipfire unbound: [1424:0] info: lower(secs) upper(secs) recursions
Jan  8 20:56:09 ipfire unbound: [1424:0] info:    0.001024    0.002048 2
Jan  8 20:56:09 ipfire unbound: [1424:0] info:    0.065536    0.131072 1
Jan  8 20:56:09 ipfire unbound: [1424:0] info:    0.262144    0.524288 1
Jan  8 20:56:09 ipfire unbound: [1424:0] notice: Restart of unbound 1.13.2.
Jan  8 20:56:09 ipfire unbound: [1424:0] notice: init module 0: validator
Jan  8 20:56:09 ipfire unbound: [1424:0] notice: init module 1: iterator
Jan  8 20:56:09 ipfire unbound: [1424:0] info: start of service (unbound 1.13.2).
Jan  8 20:56:09 ipfire unbound: [1424:0] info: generate keytag query _ta-4a5c-4f66. NULL IN
Jan  8 20:56:10 ipfire ntpd[1668]: Listen normally on 5 red0 10.0.3.98:123
Jan  8 20:56:10 ipfire ntpd[1668]: new interface(s) found: waking up resolver

And everything looks right. The status page says “Connected” and lists the new IP.

To be sure all was well, I did these tests with an arbitrary RED->GREEN port forward bound specifically to RED networks (vs. “any” network), and thus the iptables rules use the red0 interface, thus the rules still can be applied without an IP. (Of course, if I expect RED’s IP to change, I don’t write rules that specify it, but it was good to see that ipfire doesn’t artificially use the IP in its rules either.)

I’ll join the developer list and ask about this change there and see if folks are amenable to a change here.

Meanwhile, I’ll go make these changes on my real ipfire installation and “see what happens next time”

If the modem cannot reach the CMTS it should go in ‘local mode’, handing out an IP of the ‘modem net’ ( 192.168.100.0/24 ) with an very short lease time <1min

In all my years running my setup, I’ve only seen my bridged modem act as a DHCP server once. I would only expect that to happen in specific failure modes, and then with the fast renew times, I would expect it to self-clear. To my network, including the ipfire box, that should be no different than any other IP address really assigned by my ISP, but without actual Internet access. So, when the real DHCP service becomes available over the bridge, ipfire’s DHCP client should renew on the next cycle, get the real IP, and all should work. No manual intervention required.

Thanks to everyone for the suggestions and help! I’ll report back if this solution turns out to not work well.

On further reflection, this loop looks like it will only wait about a minute, so it’s probably fine to leave it as-is for real world cases. For my testing, it sure was handy to disable it since I rebooted many, many times

I realized that I hadn’t actually reproduced the failure scenario in my systematic testing, so I created a virtual network where I could remove the DHCP server at will.

This time, booting with all (virtual) network cables plugged in, but simply no DHCP server around to respond (just like what happend to me this afternoon):

Jan  8 22:41:06 ipfire dhcpcd[1584]: dhcpcd-9.4.1 starting
Jan  8 22:41:06 ipfire dhcpcd[1587]: DUID 00:04:24:70:f1:41:01:82:d0:4b:b5:09:ae:87:60:d0:15:54
...
Jan  8 22:41:07 ipfire dhcpcd[1587]: red0: IAID 27:40:11:d7
Jan  8 22:41:07 ipfire dhcpcd[1587]: red0: adding address fe80::a00:27ff:fe40:11d7
Jan  8 22:41:07 ipfire dhcpcd[1587]: ipv6_addaddr1: Permission denied
Jan  8 22:41:07 ipfire dhcpcd[1587]: red0: soliciting an IPv6 router
...
Jan  8 22:41:07 ipfire dhcpcd[1587]: red0: soliciting a DHCP lease

And we see dhcpcd retrying properly in the background:

22:42:09.575612 08:00:27:40:11:d7 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 345: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 08:00:27:40:11:d7, length 303
22:43:13.114342 08:00:27:40:11:d7 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 345: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 08:00:27:40:11:d7, length 303
22:44:17.252694 08:00:27:40:11:d7 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 345: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 08:00:27:40:11:d7, length 303

All this time it shows “Connecting…”, correctly.

I left it this way for a few minutes, then made the DHCP server available again. On the next retry, everything works:

Jan  8 22:45:21 ipfire dhcpcd[1587]: red0: offered 10.0.3.98 from 10.0.3.250
Jan  8 22:45:21 ipfire dhcpcd[1587]: red0: probing address 10.0.3.98/24
Jan  8 22:45:25 ipfire dhcpcd[1587]: red0: leased 10.0.3.98 for 3600 seconds
Jan  8 22:45:25 ipfire dhcpcd[1587]: red0: adding route to 10.0.3.0/24
Jan  8 22:45:25 ipfire dhcpcd[1587]: red0: adding default route via 10.0.3.250
Jan  8 22:45:25 ipfire dhcpcd.exe[2217]: red0 has been (re)configured with IP=10.0.3.98
Jan  8 22:45:25 ipfire unbound: [1454:0] info: service stopped (unbound 1.13.2).
...

And the tcpdump comfirms it, although I don’t know why it asked twice.

22:45:21.258739 08:00:27:40:11:d7 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 345: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 08:00:27:40:11:d7, length 303
22:45:21.258739 08:00:27:40:11:d7 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 345: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 08:00:27:40:11:d7, length 303
22:45:21.259428 REDACTED > 08:00:27:40:11:d7, ethertype IPv4 (0x0800), length 342: 10.0.3.250.67 > 10.0.3.98.68: BOOTP/DHCP, Reply, length 300
22:45:21.259553 08:00:27:40:11:d7 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 355: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 08:00:27:40:11:d7, length 313
22:45:21.259989 REDACTED > 08:00:27:40:11:d7, ethertype IPv4 (0x0800), length 342: 10.0.3.250.67 > 10.0.3.98.68: BOOTP/DHCP, Reply, length 300

All the usual reaction. Even a pakfire update ran.

This confirms that dhcpcd does retry forever when there is no initial lease at boot, and that ipfire reacts correctly when it does get a lease.

So, with my changes to start dhcpcd in the background, it seems that booting in an environment where there is no DHCP server immediately available on red0 will produce the correct recovery once the DHCP server arrives even if no other triggers occur (such as link up/down).

I’ve had a couple more problems. I think my errors on red0 and loss of DHCP lease after 3.5 days (on a 2.5 day lease) was mostly due to early morning repair work after the storm that trigger the previous issues, where the modem trying to establish an uplink again and thus I lost the lease. But, I can’t tell if dhcpcd ever tried to renew it.

I can’t tell because dhcpcd just doesn’t log enough. Even when I force it to renew a lease on the command line with dhcpcd -N red0, all I get in the logs is:

Jan 12 21:59:50 fw dhcpcd[2213]: sending signal USR1 to pid 1735
Jan 12 21:59:50 fw dhcpcd[1736]: received SIGUSR1, renewing
Jan 12 21:59:50 fw dhcpcd[1736]: red0: soliciting an IPv6 router

That’s less than helpful for diagnosing dhcpcd's internal state and what the remaining lease time is.

Dumping the current lease information doesn’t seem to work at all:

# dhcpcd --dumplease red0
Bad system call

Yikes.

So, I’m not really impressed with dhcpcd over the Debian’s isc-dhcp-client which has worked perfectly for longer than I can remember.

Plus, today, while investigating that, I couldn’t resolve some DNS names through the ipfire box, including community.ipfire.org! I could use any of the big public DNS server no problem and my ISP’s servers, and it was fine. But the resolving process (even when run on ipfire) got no response from unbound and I couldn’t easily tell what unbound was doing even with strace and tcpdump going.

So, I am sad to report that I’m back on my old setup without ipfire.

Only for information:
rebinding is done by dhcpcd -n red0.
Just tried on my system and it works.