OPNsense Forum

English Forums => Tutorials and FAQs => Topic started by: speener24 on August 21, 2024, 07:51:22 PM

Title: DNS for LAN devices outside of the DHCP pool have to be set manually.
Post by: speener24 on August 21, 2024, 07:51:22 PM
I am having an issue where, when I set an IP manually that is not inside of the DHCP pool, DNS also has to be set manually. I have read that the static reservations cause issues via the OPNsense UI, so I have set the IPs for machines that need to not change via the IPv4 setting in Control Panel > Network and Internet > Network Connections.

I have noticed that for devices that pick up DHCP addresses the DNS resolves to the .1 of my LAN subnet. (i.e. 192.168.1.1).

Once I change the DNS to 8.8.8.8 the internet works as expected as does DNS. Is there any way to set this in the UI? I have looked but have found nothing useful.

Any help is greatly appreciated.

Title: Re: DNS for LAN devices outside of the DHCP pool have to be set manually.
Post by: tangofan on August 22, 2024, 12:54:32 AM
You can of course make individual static reservations by setting each client device to a static IP address, but I find that I'm losing track that way very easily.

So I am using OPNsense to manage those static reservations and leave each device in DHCP mode. In OPNsense you have two options for DHCP servers, ISC and KEA. I'm currently using ISC v4, even though development on it has apparently stopped. For each interface you have on the bottom the feature to add static leases. I'd make sure that those leases are outside of the DHCP range. KEA works in a similar way.

Re. DNS: Do your dynamic reservations resolve properly? If so, your new "static" reservations in ISC or KEA will also work a similar way, since OPNsense would propagate itself as name server for those devices as well.
Title: Re: DNS for LAN devices outside of the DHCP pool have to be set manually.
Post by: speener24 on August 22, 2024, 03:07:25 AM
My Dynamic Reservations resolve properly but my static ones that are outside of the pool do not unless I specify DNS in the configuration.
Title: Re: DNS for LAN devices outside of the DHCP pool have to be set manually.
Post by: tangofan on August 22, 2024, 04:36:48 AM
Quote from: speener24 on August 22, 2024, 03:07:25 AM
My Dynamic Reservations resolve properly but my static ones that are outside of the pool do not unless I specify DNS in the configuration.

Then once you let OPNsense handle your static reservations as well, those devices will get the proper DNS server (e.g. 192.168.1.1) as well. One of the many reasons to configure your static reservations in a central location.

P.S.: As you are still testing this, I suggest lowering the default DHCP lease time and the maximum DNS lease time (e.g. 600 seconds for the former and 3600 seconds for the latter). If you're using ISCv4 as DHCP server, that setting has to be maintained for each interface. (You may need to restart your DHCP service to activate those changes in lease times.)

Then connect the first device to get a static IP address, copy the MAC address from the "Leases" page and then create a static lease for that MAC address (within the subnet for that interface, but outside the dynamic DHCP pool).

Repeat that for all devices and - once each device renews its lease - it will pick up the new static IP address. Once that has happened, you can go in and change the lease times to something a bit longer (or just clear those fields to get the default values). (Once again you may need to restart your DHCP service to activate those changes in lease times.)
Title: Re: DNS for LAN devices outside of the DHCP pool have to be set manually.
Post by: meyergru on August 22, 2024, 10:03:31 AM
I think that is not the point that speener24 is trying to make.

If you look at the resulting dhcp configuration file at /var/dhcpd/etc/dhcpd.conf, you will find something like this:


subnet 192.168.100.0 netmask 255.255.255.0 {
  pool {
    range 192.168.100.100 192.168.100.190;
  }

  option routers 192.168.100.1;
  option domain-name "mydomain";
  option domain-search "mydomain","iot","dmz";
  option domain-name-servers 192.168.100.1;
  default-lease-time 28800;
  max-lease-time 86400;
  option ntp-servers 192.168.100.1;
}

host s_lan_0 {
  hardware ethernet d6:35:77:88:22:99;
  fixed-address 192.168.100.3;
  option host-name "astronaut";
  set hostname-override = config-option host-name;
}

host s_lan_1 {
  hardware ethernet 40:17:7e:37:ff:55;
  fixed-address 192.168.100.5;
  option host-name "elephant";
  set hostname-override = config-option host-name;
}


Although it would seem that the fixed reservations are outside of the subnet scope, I still get all the options inherited when I look at what is communicated via "tcpdump -i igc0 port 67 or port 68 -e -n -vv".

I think I remember that DHCP drops options arbitrarily when the packet size is overrun, so maybe you have too many / too long options?
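
Added example (not part of the original posts, and not OPNsense's own code): a small Python check over a dhcpd.conf of the shape shown above that confirms each static mapping sits inside the subnet but outside the dynamic range, and reports the DNS server the subnet scope advertises. The sample config, MAC addresses and the function name audit_static_mappings are constructed for illustration, and the parser assumes a single subnet with one range.

```python
import ipaddress
import re

# Constructed sample in the shape of the dhcpd.conf above (addresses and MACs are made up).
SAMPLE_CONF = """
subnet 192.168.100.0 netmask 255.255.255.0 {
  pool {
    range 192.168.100.100 192.168.100.190;
  }
  option routers 192.168.100.1;
  option domain-name-servers 192.168.100.1;
}
host s_lan_0 {
  hardware ethernet 02:00:00:00:00:01;
  fixed-address 192.168.100.3;
}
host s_lan_1 {
  hardware ethernet 02:00:00:00:00:02;
  fixed-address 192.168.100.150;
}
host s_lan_2 {
  hardware ethernet 02:00:00:00:00:03;
  fixed-address 192.168.200.7;
}
"""

def audit_static_mappings(conf):
    """Classify each host's fixed-address against the subnet and its dynamic range."""
    m = re.search(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{", conf)
    net = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}")
    lo, hi = (ipaddress.ip_address(a) for a in
              re.search(r"range\s+(\S+)\s+(\S+);", conf).groups())
    dns = re.search(r"option\s+domain-name-servers\s+([^;]+);", conf).group(1).strip()
    report = {}
    for name, body in re.findall(r"host\s+(\S+)\s*\{(.*?)\}", conf, re.S):
        ip = ipaddress.ip_address(re.search(r"fixed-address\s+(\S+);", body).group(1))
        if ip not in net:
            status = "outside-subnet"   # address does not belong to this subnet at all
        elif lo <= ip <= hi:
            status = "inside-pool"      # overlaps the dynamic range
        else:
            status = "ok"               # in the subnet, outside the dynamic range
        report[name] = (str(ip), status, dns if status != "outside-subnet" else None)
    return report

if __name__ == "__main__":
    for host, row in audit_static_mappings(SAMPLE_CONF).items():
        print(host, *row)
```
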
Title: Re: DNS for LAN devices outside of the DHCP pool have to be set manually.
Post by: speener24 on August 22, 2024, 04:45:34 PM
I think maybe I wasn't specific enough when I wrote my initial post.

Before I ever installed opnsense I tried to do my research on the software. I had my network configured with Versa SDWAN (as I used to work with a company that utilized Versa and had access to free software and equipment).

Basically, I got laid off but still wanted to have a router at the top of my network for protection, analytics and IP schema. So I wiped the box and put my own OS on it. I still wanted all of the cool and secure stuff. I read online that the static reservations that are made inside of the DHCP pool for OPNsense CAN get overridden by the router handing out new DHCP to those addresses. I made my pool as follows:

Network: 172.24.69.1/24
Pool: 172.24.69.50 Through the .200.

I gave the 2 gaming PC's that I have .14 and .15, obviously outside of the pool, and I had to go into the Ethernet Properties to manually set the IP, DNS, and GW.

I was hoping there was an easier way to accomplish the manual setting of the IP and DNS, so that for every entry I chose to make static I could manage it easier; instead of having to do it via the device, I could manage it at the network level. I am brand new to OPNsense, so maybe I am just not familiar enough with the software, but I could not find a solution to this anywhere online or on the forum.

Title: Re: DNS for LAN devices outside of the DHCP pool have to be set manually.
Post by: cookiemonster on August 22, 2024, 05:04:23 PM
If you leave the field "DNS servers" blank in Services > ISC DHCPv4 (you haven't said if using another DHCP server), then the clients "should" get the LAN IP of the network as also the DNS server in the lease.
Isn't that the case? Sounds like no but meyergru is nicely getting the question back on track.
So, check you are getting that at or to the client please.
Title: Re: DNS for LAN devices outside of the DHCP pool have to be set manually.
Post by: meyergru on August 22, 2024, 05:23:05 PM
Now I see, you have set the fixed IPs in your clients - of course you need to set all properties there in this case, there is no "get the DNS server via DHCP but set the IP to this specific value".

I would choose to create a static reservation for the PC's MAC in the DHCPv4 settings (Services: ISC DHCPv4: [LAN]), it is way down where you can add static DHCP mappings. This way, you only override the IP for this reservation, inheriting all other settings from the interface. Note that the client must be set to DHCP and it gets all settings from OPNsense in this case.
Title: Re: DNS for LAN devices outside of the DHCP pool have to be set manually.
Post by: toodementianull on August 29, 2024, 01:59:36 AM
As others have said, use OPNsense DHCP for static mappings instead of on the devices themselves. Also, I would recommend using additional DHCP pools for devices you want outside of the main pool range.