OPNsense Forum
Archive => 23.1 Legacy Series => Topic started by: ibexcentral on May 27, 2023, 06:12:25 am
-
Hi
I have a Fritzbox 7530 in bridged mode with Cloudflare DNS override and OpnSense router plugged into the Fritzbox servicing my LAN.
My internet connection from LAN is getting dropped multiple times a day with Internet connection failed: Reason for error: 4 (DHCPv4 nak)
Does anyone have any idea why? log from FritzBox below, does OpnSense request DHCP on some form of time basis or something:
27.05.23 13:33:04 Internet connection established successfully. IP address: 101.179.113.22, DNS server: 61.9.211.33 and 61.9.211.1, gateway: 101.179.127.254
27.05.23 13:32:58 IPv6 prefix obtained successfully. New prefix: 2001:8003:6409:9700::/56
27.05.23 13:32:58 IPv6 internet connection established successfully. IP address: 2001:8003:f00:7202:6861:e384:a8c2:cb57
27.05.23 13:32:55 IPv6 internet connection was cleared; prefix no longer valid.
27.05.23 13:32:55 Internet connection cleared.
27.05.23 12:29:48 Internet connection failed: Reason for error: 4 (DHCPv4 nak)
27.05.23 01:48:20 Internet connection established successfully. IP address: 101.179.113.22, DNS server: 61.9.211.33 and 61.9.211.1, gateway: 101.179.127.254
27.05.23 01:48:15 Internet connection cleared.
27.05.23 01:48:15 Internet connection failed: Reason for error: 4 (DHCPv4 nak)
27.05.23 00:29:46 Internet connection failed: Reason for error: 4 (DHCPv4 nak)
26.05.23 13:59:09 IPv6 prefix was updated successfully. New prefix: 2001:8003:6415:a200::/56
26.05.23 13:59:04 IPv6 prefix obtained successfully. New prefix: 2001:8003:6415:a200::/56
26.05.23 13:59:04 IPv6 internet connection established successfully. IP address: 2001:8003:f00:7202:6cf2:9ac1:855:745
26.05.23 13:59:04 Could not obtain IPv6 prefix. Reason for error: 4000 (lease timed out)
26.05.23 13:59:04 IPv6 internet connection was cleared; prefix no longer valid.
26.05.23 13:48:15 Internet connection established successfully. IP address: 101.179.113.22, DNS server: 61.9.211.33 and 61.9.211.1, gateway: 101.179.127.254
26.05.23 13:48:12 Internet connection cleared.
26.05.23 13:48:12 Internet connection failed: Reason for error: 4 (DHCPv4 nak)
26.05.23 12:29:41 Internet connection failed: Reason for error: 4 (DHCPv4 nak)
26.05.23 01:48:11 Internet connection established successfully. IP address: 101.179.113.22, DNS server: 61.9.211.33 and 61.9.211.1, gateway: 101.179.127.254
26.05.23 01:48:10 Internet connection cleared.
26.05.23 01:48:09 Internet connection failed: Reason for error: 4 (DHCPv4 nak)
26.05.23 00:29:38 Internet connection failed: Reason for error: 4 (DHCPv4 nak)
25.05.23 13:59:04 IPv6 prefix was updated successfully. New prefix: 2001:8003:6406:9100::/56
25.05.23 13:23:52 Internet connection established successfully. IP address: 101.179.113.22, DNS server: 61.9.211.33 and 61.9.211.1, gateway: 101.179.127.254
-
does OpnSense request DHCP on some form of time basis or something
Yes, that is part of the DHCP protocol. The server sets a time limit on the leased IP address and if the client keeps running, it requests a renewal half way that time. In your case that looks around 12 hours, so a lease time of 24 hours.
Do a packet capture on the WAN interface around the time of the renewal and confirm that OPNsense sends out a DHCP renewal request over UDP and what happens with it.
https://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol
Bart...
-
Hi Bart,
Thanks for the response.
Do a packet capture on the WAN interface around the time of the renewal and confirm that OPNsense sends out a DHCP renewal request over UDP and what happens with it.
Is there something in OpnSense to capture packets or should I use Wireshark?
If this is the case what you say, is there a fix?
Only way I have found so far is to login to the Fritzbox and click reconnect and it does and get a connection and IP from Telstra ISP. But is there something in OpnSense that can be changed to automatically do something to resolve this?
Sorry for the newb questions.
-
Interfaces: Diagnostics: Packet Capture
Save it to your machine and open the file in Wireshark. Hopefully there will be something there that guides you to a fix.
Don't feel bad, everybody had to learn computing ever since the abacus ;)
-
Hi,
Thanks, the setup I have is below, is this referred to as double NAT? Image attached from Fritzbox the IP's provided downstream are from the Fritzbox and OpnSense is providing IP's to other LAN clients.
Setup:
Telstra NBN (ISP) PPPoE > Fritzbox (Public IP & DHCP 192.168.200.x) > OpnSense (WAN gets IP from Fritzbox) (LAN DHCP 192.168.100.x, DNS 1.1.1.1 etc) > Lan Clients (Get IP from OpnSense)
note Fritzbox does not support bridge mode but does support PPPoE passthrough and that is what I have setup. Do you think the DHCP issue is related to this setup in that OpnSense is requesting DHCP and when doing so Fritzbox drops the connection with Telstra?
I purchased the Fritzbox because it alluded to being able to be a modem bridge but not sure it actually is:
(Computers or router connected to the FRITZ!Box can use PPPoE passthrough to establish additional PPPoE internet connections using their own account information. In this case, the FRITZ!Box acts as a DSL modem for the devices. For example, when using your computer for home office, you can use an additional internet connection with your own account information that your employer provided to you just for home office.)
I found a genuine bridge mode modem and it appears that the public IP is passed to downstream router OpnSense https://www.draytek.com.au/products/adsl-vdsl-modem-routers/vigor167/
What do you think?
-
More settings
-
Did you untick the ' Block private networks' option on your WAN interface? Otherwise OPNsense will ignore the (private) 192.168.200.0/24 network.