DHCP Server: wrong network

Hi,

I have the problem, that the DHCP Server on my ipfire box sometimes assigns wrong IP addresses to my clients.

My network looks like this:

I am using the DuoBox Business Appliance [1] from the TX-Team. The box has 2 NICs and an internal WiFi card (which I have disabled with the ipfire setup). The first NIC is used for the green network, the second NIC for the orange network and then I am using a USB<->ethernet dongle for the blue network. I haven’t configured any VLANs in Ipfire - so all native interfaces. I am using 3 Unifi Access Points which are connected to my managed switch and separated via port based VLANs from the green net.

Most of the time, everything works flawlessly. But every now and then some clients get the wrong IP address from the DHCP Server. Sometimes that happens more than once a day, and sometimes I have no problems for several days.

Here’s a screenshot from my DHCP configuration:

For most of the clients in my network, I have a static IP reservation configured - so I only have a handful of clients which get a dynamic IP.

Here’s a small snippet from the DHCP Server log file:

08:11:11	dhcpd: 	DHCPNAK on 192.168.2.67 to 24:62:ab:d8:1f:00 via green0
08:11:11	dhcpd: 	DHCPREQUEST for 192.168.2.67 from 24:62:ab:d8:1f:00 via green0: wrong network.
08:11:11	dhcpd: 	DHCPACK on 192.168.2.67 to 24:62:ab:d8:1f:00 via blue0
08:11:11	dhcpd: 	DHCPREQUEST for 192.168.2.67 from 24:62:ab:d8:1f:00 via blue0

The strange thing is that 192.168.2.67, which is a wireless device, requesting an IP via the green network. Does anyone know what could be the reason for that?

Any tips on debugging the issue are highly appreciated!

[1] https://shop.tx-team.de/Networking-Firewall/Desktop-Firewall/DuoBox-Business::8.html?MODsid=0263b2cbf6c2d8c2ef9717c3f161d294

Just curious: why did you configure the DNS server of blue equal to the IP address of the green network?

Is this a DNS server not running on the IPFire box itself?

If not, my IPFire has the IP address 192.168.0.1 so does the DNS and NTP server on green network.
On blue network, the interface got the IP address 172.18.0.1 and so does the DNS server and the NTP server.

2 Likes

looks like the vlan config in the switch is not correct. IPFire got the same dhcp request on both nics (green and blue) so i think green and blue are somwhere in the network connected together.

2 Likes

Thanks a lot for your help!

Is this a DNS server not running on the IPFire box itself?

yeah, right, the DNS Server is not running on the ipfire box directly, but on a machine within the green net. Via the firewall rules I’ve allowed to access DNS via the blue network.

looks like the vlan config in the switch is not correct. IPFire got the same dhcp request on both nics (green and blue) so i think green and blue are somwhere in the network connected together.

I’ve just checked again the config on my Netgear switch, but I can’t find anything wrong there.

On Port 1 of the switch a Unifi AP is connected (IP Address: 192.168.2.108)
On Port 2 of the switch another Unifi AP is connected (IP Address: 192.168.2.111)
I’ve a third Unifi AP, but the third one is a Mesh Access Point - so it’s not connected physically anywhere.

Port 13 is connected with the IpFire USB <-> Ethernet Dongle.

I’ve rebooted the switch and updated the Firmware on the switch (just to be sure), but unfortunately it’s still happening.

Can anyone think of something else I could check?

(I vaguely remember, that I’ve played a bit with VLAN tagging ~1 year ago, but I dropped that again in favor of port based VLANs. At that point the GUI was missing the zone editor, so I’ve edited some config files manually. Could it be possible that there are some leftovers that are messing with my network?)

Ok, I’ve now switched from the “basic port based VLAN config” to “advanced port based VLAN config” on my Netgear managed switch and reconfiured the VLANs there again, starting from scratch. I think it’s better now, as I haven’t seen the “wrong network” message in the Ipfire logs since yesterday.

But there seems to be a different DHCP related error now. In my DHCP Server Log I get a lot of those messages:

|23:55:00|dhcpd: |Remove host declaration fix2 or remove 192.168.1.20|
|---|---|---|
|23:55:00|dhcpd: |Dynamic and static leases present for 192.168.1.20.|

The strange thing however is, that according to the webui there are no dynamic DHCP leases assigned. Also the start address for dynamic DHCP leases on the green interface is 192.168.1.150 (see screenshot in first post). Does anybody know what’s going on here?

edit: I also updated Ipfire to the latest build yesterday…not sure if this is related?

Hi @schluchti

The DHCP server log message seems to me to possibly be indicating a mismatch between what you have on the WUI screen and what is in the dhcpd.conf and possibly what is still in the leases file.

Have a look in /var/ipfire/dhcp/dhcpd.conf to see if the fixed entries match up with your entries in the WUI and also the same for the dynamic range definitions.
Have a look in /var/state/dhcp/dhcpd.leases to see if 192.168.1.20 is present in there or not.

If you don’t find any differences between what is in the WUI and what is in the dhcpd.conf and dhcpd.leases files then I have no idea what is causing the message.

The best way to make the WUI and the dhcpd.conf and leases file match up is to disable the Green and Blue entries and save the screen. Wait a few seconds and then re-enable the Green and Blue entries and save again. Depending on how production critical IPFire is for you, this may need to wait for an appropriate time slot.

If you find a mismatch between any of your fixed leases between what is on the WUI and what is in dhcpd.conf then disabling that fixed lease removes it from the conf file and re-enabling it recreates it.

Disabling and saving will effectively clear the dynamic and global options parts of the dhcpd.conf file and clear all leases from the leases file and re-enabling and saving creates the dynamic and global options parts of dhcp.conf anew from the WUI entries.

Then we can wait and see if the error message returns. Hopefully not.

I run with VLAN tagging as you describe and I have no messages like yours in my logs with either Core Update 153 or 154 so if the messages return after the above steps we will need to have a further think.

Thanks a lot for your help @bonnietwin

I’ve just checked the two files you mentioned and everything seems to be okay. The IP 192.168.1.20 is correctly set in the /var/ipfire/dhcp/dhcpd.conf file, but is missing in the dhcpd.leases file. So to me it seems that the WebUI and the files on the filesystem are in sync.

When the DHCP issue appeared, I rebooted Ipfire. Since then, everything is working fine and the logs are looking good. Not really sure what has caused this, but it seems to be gone again - at least for now.

I’ll monitor the log files in case the issue appears again. Thanks for your help!

Glad everything looks to be working properly after the reboot.

:crossed_fingers: that it stays like that.

Good luck with the tagged VLANs.