DHCP reservation not working correctly sometimes

Comments

30 comments

  • Avatar
    Derek Breydin

    I think ther behaviour you are seeing is similair to what I am, the only difference is I dont have a static IP set at the device end so it will stay online just with an IP that is not expected.

    With your use case\scenario its possible that as they are vritual nic's the MAC's have changed along the way as that happened to me previously (I had it happen migrating VM's between HyperV hosts) but again you would still expect the old mac\reservation to show in the application\reservation list if that was the case (I am not saying it is the case I am just speaking from previous experience on dealing with VM's)

    I guess the data for what device has what static IP and address reservations must be hard coded in a file somewhere on the box, if it is I would be happy to look through and do a comparision using the APP and SSH to remove any devices that should no longer be there but thinking deeper into this the Firewalla APP\Box should be smart enough to ensure 1 MAC cannot hold multiple reservations if that even is what is happening here, it may not be who knows I just assume that is the case as I know I had other MAC's resvering those addresses previously before I moved them.

    1
    Comment actions Permalink
  • Avatar
    Derek Breydin

    I suspect you are right as today I noticed that my printer which I originally set up in firewalla as reserved as IP ending 192.168.25.100, I noticed that the printer had disappeared from the list so I turned it on over the weekend and it picked up a DHCP Reservation as .93 even although when checking in the app it shows reserved .100, no other devices should have taken this IP as far as I am aware.

    In my honest opinion it really need a support call logged with Firewalla to understand what is going no but I just don't have the time with work commitments at the moment, it is a problem yes but not causing me any major head aches as of yet

    1
    Comment actions Permalink
  • Avatar
    Firewalla

    @Derek, let me help you chase down the engineers this time.  Having to go through the hoops of bringing back a sleeping device is definitely a bad behavior on our software.    I Will see if we can get this fixed. 

    1
    Comment actions Permalink
  • Avatar
    Firewalla

    According to our developers, fixes to both problems will be fixed in 1.972, and soon the code will be in early access when it updates. 

    1
    Comment actions Permalink
  • Avatar
    Firewalla

    @Derek, I have created a ticket for you.  Will get a developer to follow up and see what's is happening. 

    1
    Comment actions Permalink
  • Avatar
    Derek Breydin

    Hi Dave,

    I have a dhcp pool of 25 IP's that end between 75-100. I have lots of other devices assigned outwith that pool below .75 and never have a really have a problem with those devices, it only seem to be with devices that are offline for periods of time for whatever reason, when they come back online is when the issue would be seen and I believe that is fixed if you read on below you will see what happened in my case.

    Support contacted me and it turns out the device I had an issue with had a conflict as I had the same reservation set on 2 separate interfaces but I didn't notice this as one of the devices had been offline for sometime and it had disappeared from the device list screen.

    The support from the developer who contacted me was great and I added some feedback of that I think would improve the situation and prevent others from running into the same issue and they agreed with what I put forward and will build it into the next release.

    The feedback from me was the following 2 points which they agree is sensible and do-able and should prevent any further occurrences for myself and others.

    - Devices cannot disappear from the device list screen if a reserved IP is set up
     (Only non-reserved IP\dhcp devices should disappear when the lease expires if the device is offline, if online it should renew the lease)
    - Error should be flagged with prevention of a second device having the same address reservation if it is set elsewhere on another device
    1
    Comment actions Permalink
  • Avatar
    Firewalla

    How are you setting up the network interfaces on your virtual machines? they have their own MAC addresses? or they share with the host?

    0
    Comment actions Permalink
  • Avatar
    Stacy Haven

    They have their own static MAC addresses. There is a virtual switch on the ESXI host that routes the network traffic.

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Can you check your app version? it should be 1.43 now in the app store.  Yours is 1.42 still 

    0
    Comment actions Permalink
  • Avatar
    Stacy Haven

    It is showing the app version as 1.43(23). It shows that it updated on Dec 14th. 

    0
    Comment actions Permalink
  • Avatar
    Derek Breydin

    Hi,

    Did you ever get to the bottom of this, I seem to be seeing some strange behaviour with address reservations too.

    I had a load of devices all on one network, I have been slowly moving devices into different VLAN, I moved a couple of Wifi Plug sockets I to a different VLan on a different subnet, these devices used end .50 and .51

    I recently installed a new laptop and I set it's lan to reserve .50 and wifi to reserve .51 but when the device comes on the network it doesnt pick .50 or .51 up.

    If I log into windows on that PC and perform an IPconfig /all it looks like the DHCP Address that is leased is showing as preffered in windows, if I perform /release /renew or power the device off and back on it still doesnt pick up what I reserved in the app. I have the app set to filter devices by IP and you can easily see no other IP exists on that address.

    I am wondering if the device still exists under the old reservation but not showing in the app as it is now on a different vlan\subnet?

    0
    Comment actions Permalink
  • Avatar
    Derek Breydin

    I should add to above I am using the gold in router mode with a cable modem plugged into the WAN port.

    I have one of the LAN ports enabled which is connected to a 24 port smart managed netgear swtich, I also have a wireless access point attached to the same switch which has a couple fo SSID's set up with different VLAN's. the devices on other vlans are a varation of wired and wireless.

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Can you please check the reservation or the IP getting reserved was allocated to another device? or it been allocated to a device a while back?

    0
    Comment actions Permalink
  • Avatar
    Derek Breydin

    It was allocated to a device a while back, the ip for it was 192.168.25.50, I moved that device to another vlan/subnet a few weeks ago now, thew new ip for that device is now in the 192.168.50 range, 2-3 days ago I then added a new device, I assigned 192.168.25.50 to the new device, when the new device was added it reserved 192.168.25.88 via DHCP, in the app I changed it too 192.168.25.50, the app said the device needed a rejoin for the new ip, no matter how many reboots of the device or firewalla router, switch and access point it won't lease 192.168.25.50 it always seems to take 192.168.25.88 even after an ipconfig /release /renew, its like the old device still has the reservation even although thats now on another vlan with the new ip address reservation which is in the 192.168.50 range

    0
    Comment actions Permalink
  • Avatar
    Derek Breydin

    you can see here .50 and .51 dont exist.

     

    DHCP Leased .88

    but reserved as .51 in the app

    Same again with the Lan port

    Assigned .50

    I have 1 weeks lease time set in this network but would assume the device should still show as present on the first screen if the lease had not expired yet.

     

    0
    Comment actions Permalink
  • Avatar
    Derek Breydin

    Hi Bob,

    That sounds simple enough to do if I knew what device previously had that IP, I have various smart home devices, WiFi smart plugs ect, I dont know what one had the IP ending .50 or .50 and to make matters worse there was more than 1 device moved over, there was around 10 devices moved into a IOT VLAN and I dont know what macs were mapped to what IP's so its not going to be an easy task to do.

    To me it feels like this is a fundemental flaw in the software, surely if I move a device the MAC should move freeing up the reservation?

    Thats certainly how its worked in all the other routers I have owned, if the reservation still existed I would expect you should stil be-able to that reservation no matter if it exists in LAN 1 or VLAN 50.

    The device is aimed at consumers as well as businesses so it should be smart enouhg to handle moving a device I would have thought, it me this feels like a bug rather than user error!

    0
    Comment actions Permalink
  • Avatar
    Stacy Haven

    I am still waiting for a reply to my last response to the Firewalla team. Happening once is a fluke in my book. Twice, I still consider this an anomaly. However, given how many times I have seen it and multiple times with the same device there is something wrong with a device receiving its address.

    0
    Comment actions Permalink
  • Avatar
    Stacy Haven

    I may not have been clear in my original post, but I am not using static on the device. The device is set to DHCP and then I set the reservation in the Firewalla Gold. I definitely considered that it might be an issue with the VM mac addresses, but considering that I have had VM's running with no issues for roughly 5 years it would seem that it is something with the DHCP server. I only added the Firewalla Gold in March and it was shortly after that that I started to see issues with the reservations being ignored.

     

    0
    Comment actions Permalink
  • Avatar
    Stacy Haven

    Well voting on the issue is what gets attention. They are usually pretty good with things. This has been one of the more interesting issue I have come across. Overall it is a great product IMO. 

    0
    Comment actions Permalink
  • Avatar
    Derek Breydin

    Just thought I would come on here and update, it looks like my app has updated as I now have new views and it also seems the issue that I had previously is resolved, guessing the update may have resolve the issue, hope yours is resolved too and fully agree it is a great product and well worth the money.

    0
    Comment actions Permalink
  • Avatar
    Stacy Haven

    So now I have had another issue related to DHCP. I had a raspberry pi boot and get a dynamic IP. I went in and set it to use a static and set the IP . I then rebooted the device. The next time it came up it was on another dynamic IP. The device was hard wired to the network. I tried rebooting it a few times and kept getting the dynamic IP. I finally had to just set it static on the device.

    0
    Comment actions Permalink
  • Avatar
    Derek Breydin

    I thought this issue was resolved until last night, I turned my wireless printer on, it has an address reserved as 192.168.25.100.

    All my DHCP Clients should be in the range of 192.168.25.76 - 192.168.25.99.

    Turned the printer on last night, had issues printing again checked the printer and low and behold the IP had been changed, it is now on 192.168.25.84.

    So as I have had much frustration with this I logged a ticket with Firewalla, turns out this behaviour is expected here.

    What I noticed happening is that after a device has been offline 7 days (Like my printer) the device then disappears from the reservation list in the application, I also have a 7 days lease time set up for DHCP Clients. When you power the device back on after it had disappeared the reservation you set previously is not held and a DHCP address is then assigned however upon checking the device you can see you reservation is still present although it assigned a DHCP address and not the reserved address.

    So I then logged the ticket and I got the following reply:

    "Hi,

    The box will only apply reserved IP assignment for the devices that have been active in the last seven days. So if the device reappears, the IP reservation configuration may not be in place at that time. But if you reconnect the device to your network after it is detected as online, the previous configuration should work.


    Thanks"

    I have replied to above message asking if the behaviour can be changed as in my mind this isnt how address reservation should work, any routers I have owned in the past when you set a reservation it means that address is always reserved no matter if the device has been active previously or not so the next time that device comes on the network the correct address is assigned.

    Also if you are using address reservation to assign IP's that are out of the DHCP Scope and you have a lot of devices the reservation can be a way to track what device you have set what IP's, if you have say 70 devices and 20 off them are offline for a week or 2 you may then get yourself into a situation where you assign an address to a device that exists but is no longer present as it has been offline for a week.

    Also its taken me a while to track down what was happening here and I don't think a router and address reservation should be set up like this. I have also confirmed that what was said by Firewalla support above is true so if you then power the device off and on again the correct address is assigned (Guessing if another device has taken the IP then it will never be assigned which kind of defeats the purpose of reserving the address in the first place)

    0
    Comment actions Permalink
  • Avatar
    Stacy Haven

    @Firewalla, is there a chance this will fix the items above as well? Not being able to trust that a device will stay on the same address makes it difficult to have an organized network. And setting all items to static is problematic as I am sure you can imagine?

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    @stacy, will have them read this thread. 

    0
    Comment actions Permalink
  • Avatar
    Derek Breydin

    Great news, thanks!

    0
    Comment actions Permalink
  • Avatar
    Derek Breydin

    So after waiting months for 1.972 to be released it looks like this issue is still present and has not been fixed, pretty poor and I cannot believe basic functionality like this is still missing after more or less 10 months of ownership.

    When devices are offline for a period of time they disappear from the device list screen and when they come back online they tend to come back online with a dhcp address rather than an address that I have set as reserved IP which results in all sorts of havoc happening on my network from time to time.

    This is what I would class as the basics for a router, to have paid + £250 upwards and for it not to be-able to get this right is poor in my honest opinion, How do we move forward from here?

    I am actually shocked that something so simple can be so fundamentally wrong!

    It should be really simple, any device that has a reserved IP should not disappear from the device list screen and it should always get the IP you have had reserved when it comes back online no matter how long it has been offline for prior to bringing it back online! 

    0
    Comment actions Permalink
  • Avatar
    Derek Breydin

    Thanks, if you need anything from me just let me know.

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    our developer will contact you through the case

    0
    Comment actions Permalink
  • Avatar
    Dave Komaromi

    I believe the issue is when you set a reservation to an address "outside of the DHCP pool" configured for the VLAN itself.  So if you are trying to use reservation to give a node .201 for example, and the pool is from 100 - 200, it wont actually get an address and revert back to what it had before, or some other address even outside of the pool.  I replicated this, and it was really frusterating.

    0
    Comment actions Permalink
  • Avatar
    Bob O'Hara

    If the address was previously reserved for a device you have moved to a different VLAN, you must move the device back to the original LAN and change its allocation back to dynamic. This should free the address in the dhcp pool, allowing you to allocate it to another device and move the original device onto its new VLAN.

    -1
    Comment actions Permalink

Please sign in to leave a comment.