DHCP client renewal breaking networking

[reetp]

Having issues with my network breaking when the dhcp client renews a lease.

I have two interfaces, one being an onboard LAN port (WAN1) and the other a USB ethernet port (WAN2).

Both get their IPs via DHCP.

The LAN/WAN1 port has a renewal of around 129600 seconds. The USB/WAN2 port is around 270 - 300 seconds.

I originally had an issue with DNS and access via the USB/WAN2 port (https://forum.opnsense.org/index.php?topic=433.0) which I believe is down to the provider on that port.

So I set the LAN/WAN 1 as the default gateway and it all seemed to worked OK. I then noticed that I periodically couldn't do DNS lookups with a 'no route to host'.

It seems that when the dhcp client runs it adds a default route to the wrong WAN port or the routing is broken altogether - I guess it must be ignoring a setting from the web panel somewhere.

May 18 15:04:01 OPNsense dhclient: Starting delete_old_states()
May 18 15:04:01 OPNsense dhclient: Comparing IPs: Old: 192.168.88.3 New: 192.168.88.3
May 18 15:04:01 OPNsense dhclient: Starting add_new_address()
May 18 15:04:01 OPNsense dhclient: ifconfig ue0 inet 192.168.88.3 netmask 255.255.255.0 broadcast 192.168.88.255
May 18 15:04:01 OPNsense dhclient: New IP Address (ue0): 192.168.88.3
May 18 15:04:01 OPNsense dhclient: New Subnet Mask (ue0): 255.255.255.0
May 18 15:04:01 OPNsense dhclient: New Broadcast Address (ue0): 192.168.88.255
May 18 15:04:01 OPNsense dhclient: New Routers (ue0): 192.168.88.1
May 18 15:04:01 OPNsense dhclient: Adding new routes to interface: ue0
May 18 15:04:01 OPNsense dhclient: /sbin/route add default 192.168.88.1
May 18 15:04:01 OPNsense dhclient: Creating resolv.conf

The default route should actually be (and remain as) 192.168.200.1

I think the problem might be in /usr/local/sbin/dhclient.ex under add_new_routes()

I've tried to fathom the problem but my command of route is not good.....

I can see that if the interface that has changed is not the existing default it fails the "if" at 224 and then it goes here:

234 else
235 $ROUTE add default $router
236 echo $ROUTE add default $router | $LOGGER
237 echo $router > /tmp/${interface}_router
238 fi
239 ADDED_ROUTE=yes
240 # 2nd and subsequent default routers error out, so explicitly
241 # stop processing the list after the first one.
242 break
243 done

I get a file called /tmp/ue0_router

Line 235 then sets the new IP as the default route.....

I can confirm that the new route gets used with traceroute.

root@OPNsense:/ # route default show
route to: default
destination: default
mask: default
gateway: 192.168.200.1
fib: 0
interface: em1
flags: <UP,GATEWAY,DONE,STATIC>
recvpipe sendpipe ssthresh rtt,msec mtu weight expire
0 0 0 0 1500 1 0

root@OPNsense:/ # traceroute www.opnsense.org
traceroute to www.opnsense.org (37.48.77.141), 64 hops max, 52 byte packets
1 192.168.200.1 (192.168.200.1) 0.301 ms 0.278 ms 0.357 ms
Blah....

Now the interface updates and we get the following:

root@OPNsense:/ # route show default
route to: default
destination: default
mask: default
gateway: 192.168.88.1
fib: 0
interface: ue0
flags: <UP,GATEWAY,DONE,STATIC>
recvpipe sendpipe ssthresh rtt,msec mtu weight expire
0 0 0 0 1500 1 0

root@OPNsense:/ # traceroute www.demon.net
traceroute to www.demon.net (162.13.61.33), 64 hops max, 52 byte packets
1 192.168.88.1 (192.168.88.1) 2.004 ms 1.844 ms 1.842 ms

root@OPNsense:/ # route show default
route: writing to routing socket: No such process
root@OPNsense:/ # ping www.demon.net
PING www.demon.net (162.13.61.33): 56 data bytes
ping: sendto: No route to host
ping: sendto: No route to host
^C
--- www.demon.net ping statistics ---
2 packets transmitted, 0 packets received, 100.0% packet loss
root@OPNsense:/ # ping 162.13.61.33
PING 162.13.61.33 (162.13.61.33): 56 data bytes
ping: sendto: No route to host
ping: sendto: No route to host
^C
--- 162.13.61.33 ping statistics ---
2 packets transmitted, 0 packets received, 100.0% packet loss
root@OPNsense:/ # ping www.opensense.org
PING www.opensense.org (64.99.80.30): 56 data bytes
ping: sendto: No route to host
ping: sendto: No route to host
^Cping: sendto: No route to host
ping: sendto: No route to host
ping: sendto: No route to host
^C
--- www.opensense.org ping statistics ---
5 packets transmitted, 0 packets received, 100.0% packet loss

I also get a state where the routing/network is broken completely

Latest log

May 19 16:07:45 OPNsense dhclient: Starting delete_old_states()
May 19 16:07:45 OPNsense dhclient: Comparing IPs: Old: 192.168.88.3 New: 192.168.88.3
May 19 16:07:45 OPNsense dhclient: Starting add_new_address()
May 19 16:07:45 OPNsense dhclient: ifconfig ue0 inet 192.168.88.3 netmask 255.255.255.0 broadcast 192.168.88.255
May 19 16:07:46 OPNsense dhclient: New IP Address (ue0): 192.168.88.3
May 19 16:07:46 OPNsense dhclient: New Subnet Mask (ue0): 255.255.255.0
May 19 16:07:46 OPNsense dhclient: New Broadcast Address (ue0): 192.168.88.255
May 19 16:07:46 OPNsense dhclient: New Routers (ue0): 192.168.88.1
May 19 16:07:46 OPNsense dhclient: Adding new routes to interface: ue0
May 19 16:07:46 OPNsense dhclient: Creating resolv.conf
May 19 16:07:50 OPNsense dhclient[29534]: bound to 192.168.88.3 -- renewal in 300 seconds.
May 19 16:12:45 OPNsense dhclient[4738]: DHCPREQUEST on ue0 to 192.168.88.1 port 67
May 19 16:12:46 OPNsense dhclient[4738]: DHCPREQUEST on ue0 to 192.168.88.1 port 67
May 19 16:12:48 OPNsense dhclient[4738]: DHCPREQUEST on ue0 to 192.168.88.1 port 67
May 19 16:12:51 OPNsense dhclient[4738]: DHCPREQUEST on ue0 to 192.168.88.1 port 67
May 19 16:12:59 OPNsense dhclient[4738]: DHCPREQUEST on ue0 to 192.168.88.1 port 67
May 19 16:13:19 OPNsense dhclient[4738]: DHCPREQUEST on ue0 to 192.168.88.1 port 67
May 19 16:14:05 OPNsense dhclient[4738]: DHCPREQUEST on ue0 to 192.168.88.1 port 67
May 19 16:14:36 OPNsense dhclient[4738]: DHCPREQUEST on ue0 to 192.168.88.1 port 67
May 19 16:15:11 OPNsense dhclient[4738]: DHCPREQUEST on ue0 to 192.168.88.1 port 67
May 19 16:15:19 OPNsense dhclient[4738]: DHCPREQUEST on ue0 to 192.168.88.1 port 67
May 19 16:15:32 OPNsense dhclient[4738]: DHCPREQUEST on ue0 to 192.168.88.1 port 67
May 19 16:15:54 OPNsense dhclient[4738]: DHCPREQUEST on ue0 to 192.168.88.1 port 67
May 19 16:17:02 OPNsense dhclient[4738]: DHCPREQUEST on ue0 to 255.255.255.255 port 67
May 19 16:17:02 OPNsense dhclient[4738]: DHCPACK from 192.168.88.1
May 19 16:17:02 OPNsense dhclient: RENEW

root@OPNsense:/ # ping www.demon.net
PING www.demon.net (162.13.61.33): 56 data bytes
ping: sendto: No route to host
ping: sendto: No route to host

root@OPNsense:/ # ping 162.13.61.33
PING 162.13.61.33 (162.13.61.33): 56 data bytes
ping: sendto: No route to host
ping: sendto: No route to host

root@OPNsense:/ # route show default
route: writing to routing socket: No such process

Not sure what else to do right now ! Happy to help debug this with some guidance.

[fichtner]

John, does this still happen for you?

[reetp]

Not tested latest release as I have been up to my in other stuff but will test for you

[fichtner]

Thanks, clearing out/pinging tickets to see where we're at. Feedback is enough. Take your time. :)

[fichtner]

Timeout. :(