DHCP reservations not working.
I have the Firewalla gold.
I am trying to get dhcp reservations for devices. But it simply does not work.
I have a device with say IP x.x.x.5, I make a reservation and say it needs to get x.x.x.10. The reservation is shown in the hosts file. But it does not get applied.
Ok, so I do a sudo systemctl restart firerouter_dhcp command. It still does not get applied, but uses the old .5 IP address.
Alright: I remove the IP address from .../run/dhcp/dnsmasq.leases ánd do a sudo systemctl restart firerouter_dhcp .
Next step: I set a static lease/reservation for the x.x.x.5 address to a DIFFERENT machine, so that that will get the .5 address and it can no longer be given to the machine that needs the .10 address. Does not work: the other machine just get's it's previous address too :(
As far as I can tell the Firewalla is granting the old IP address to the device when it requests it. Instead it should give a nack (negative acknowledgement) and provide a correct address.
I already have a support ticket open for this, and I am sure Firewalla will help me. But I just want to know if anyone else is facing this issue. I think the implementation of the dhcp reservation is incorrect and should be altered.
Yes I have. Or at least: pulled the plug and turned it back on again. The devices are things like air quality monitors, printers and lights so I cannot really reboot them. If it where servers or workstations I would simply give them a static ip on the host side :(
And ofcourse I tried all this using the Firewalla app first.
Well, I got all the IP's assigned (for now) but it has been a hassle. Firewalla support has been great though!
One of the issues with me was that a reservation was made for a device that had been offline for a while (couple of weeks). This device did not show up in the Firewalla app when I searched for it. Also: I was able to assign that IP address to a _different_ device that I was configuring! It did not throw an error or a warning. Good news is: it did not hand out the IP to the new device either, it just received a dynamic one.
After powering on the device with the old reservation I found that in the Firewalla app and could give it a different reservation. After that the old and the new devices both received their correct addresses after a power cycle. So this might be something to look at if you are having issues.
I already let Firewalla know they should fix this. It should not be possible to hand out an already reserved IP address ever. Not when the device is offline nor when it is online.
@Mark, in my experience with any router, often it is tricky setting up IP reservations. Typically you boot up on a network with devices. they have IP addresses already unless it is a brand new network. So you start in a place that may not be where you want to end up.
Each reservations comes with a limited lifetime. Often 24 hours but it can be anything that the DHCP server defined. I've seen people recommend not making them really short periods because there is overhead in requesting IP addresses.
So you you come in and start trying to set up your IP reservations and some of them may currently conflict because those addresses were handed out already. It is often a bit of a game of rebooting the devices and the DHCP server until everything is freed up. When I did mine, I thought Firewalla handled it well. It let me assign a fixed IP address but I could tell that that wasn't in place yet. It would come to life after the previous IP address had expired and the device asked for a new address whenever that was. As the DHCP server, Firewalla can't force a device to give up an IP address that it assigned. That only happens when the IP reservation expires.
Since Firewalla is good at assigning LAN names I have moved off fixed IP addresses for some devices that I used to assign fixed IPs for. I can generally trust that "device.lan" will be there so instead of calling it by IP I use that. In rules and port forwarding Firewalla makes fixed IPs less necessary. So I let more devices be DHCP than I used to.
Once everything is set up I haven't seen Firewalla give out any assigned IP addresses to a device that shouldn't have it. This is just a one time set up problem.
Hope this helps.
Please sign in to leave a comment.