Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - Slinx

Pages1

25.7 Series / Re: [25.7.1] dnsmasq-dhcp no leases left

August 03, 2025, 11:52:05 AM

Update

I found the source of this issue.

I reached DHCP max leases in dnsmasq (default: 1000)

Code Select

opnsense:~ $ cat /var/db/dnsmasq.leases | wc -l
    1000

After further searching, I see two Meross Smart Plugs with DHCPv6 causing trouble in another network.
They obtain an address every ~30 seconds and inflate the lease file.

Code Select

opnsense:~ $ cat /var/db/dnsmasq.leases | grep 48:e1:e9:eb:bb:1c | wc -l
    484

Code Select

opnsense:~ $ cat /var/db/dnsmasq.leases | grep 48:e1:e9:eb:b6:c9 | wc -l
    509

Workaround

I don't know why this happens, but with ISC DHCP, I didn't see as many leases for these devices.
I temporarily increased the DHCP max leases to 2000 and stored the two MAC addresses as hosts with the ignore option.
So that they do not obtain any further IPv6 addresses via DHCP.

25.7 Series / [SOLVED] 25.7.1 dnsmasq-dhcp no leases left

August 02, 2025, 03:31:05 PM

Hi everyone,

A few weeks ago, I migrated ISC DHCP to dnsmasq-dhcp.
I have now successfully upgraded to 25.7.1.

However, my DHCP leases are exhibiting strange behavior.
I am provisioning new VMs in a network with sufficient free leases and am receiving the following log messages.

Do you have any idea why this is happening? The configuration looks fine to me.

WebUI dnsmasq debug log:

Code Select

2025-08-02T14:52:42 Informational dnsmasq-dhcp DHCPNAK(lagg0_vlan30) 10.0.30.29 bc:24:11:56:8c:be no leases left
2025-08-02T14:52:42 Informational dnsmasq-dhcp DHCPREQUEST(lagg0_vlan30) 10.0.30.29 bc:24:11:56:8c:be
2025-08-02T14:52:42 Informational dnsmasq-dhcp DHCPOFFER(lagg0_vlan30) 10.0.30.29 bc:24:11:56:8c:be
2025-08-02T14:52:42 Informational dnsmasq-dhcp DHCPDISCOVER(lagg0_vlan30) bc:24:11:56:8c:be
2025-08-02T14:52:07 Informational dnsmasq-dhcp DHCPNAK(lagg0_vlan30) 10.0.30.29 bc:24:11:56:8c:be no leases left
2025-08-02T14:52:07 Informational dnsmasq-dhcp DHCPREQUEST(lagg0_vlan30) 10.0.30.29 bc:24:11:56:8c:be
2025-08-02T14:52:07 Informational dnsmasq-dhcp DHCPOFFER(lagg0_vlan30) 10.0.30.29 bc:24:11:56:8c:be
2025-08-02T14:52:07 Informational dnsmasq-dhcp DHCPDISCOVER(lagg0_vlan30) bc:24:11:56:8c:be

dnsmasq config for network 10.0.30.0/24:

Code Select

opnsense:~ $ cat /usr/local/etc/dnsmasq.conf | grep 10.0.30.
dhcp-range=tag:lagg0_vlan30,10.0.30.2,10.0.30.50,255.255.255.0,14400
dhcp-host=3e:fc:21:0e:5e:81,10.0.30.2,vm1
dhcp-host=bc:24:11:d8:81:92,10.0.30.3,vm2
dhcp-host=bc:24:11:30:b8:85,10.0.30.4,vm3
dhcp-host=90:09:d0:4c:22:6b,10.0.30.10,vm4

dnsmasq leases for network 10.0.30.0/24:

Code Select

opnsense:~ $ cat /var/db/dnsmasq.leases | grep 10.0.30.
1754201733 bc:24:11:b4:19:a9 10.0.30.37 backup-test ff:57:36:dc:9a:00:02:00:00:ab:11:fd:56:83:cf:f9:62:ff:30
1754150452 bc:24:11:30:b8:85 10.0.30.4 vm3 01:bc:24:11:30:b8:85
1754206280 bc:24:11:d8:81:92 10.0.30.3 vm2 01:bc:24:11:d8:81:92
1754206560 3e:fc:21:0e:5e:81 10.0.30.2 vm1 ff:21:0e:5e:81:00:01:00:01:2b:38:9c:ad:2a:70:69:e5:3a:14
1754214126 bc:24:11:f7:ab:4b 10.0.30.30 * ff:74:09:e9:13:00:02:00:00:ab:11:84:27:b0:9c:75:71:23:85
1754150115 bc:24:11:ed:8f:58 10.0.30.17 ubu-int-vm-1 ff:74:09:e9:13:00:02:00:00:ab:11:5c:77:0f:46:4c:df:89:0a

dnsmasq hosts for network 10.0.30.0/24:

Code Select

opnsense:~ $ cat /var/etc/dnsmasq-hosts | grep 10.0.30.
10.0.30.2       vm1
10.0.30.3       vm2
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.4       vm3
10.0.30.4       vm3 alias
10.0.30.10      vm4
10.0.30.10      vm4 alias
10.0.30.10      vm4 alias
10.0.30.10      vm4 alias
10.0.30.10      vm4 alias
10.0.30.10      vm4 alias
10.0.30.10      vm4 alias
10.0.30.10      vm4 alias
10.0.30.10      vm4 alias

24.7, 24.10 Series / Re: Bug in Unbound configuration prevents IPv6 communication to DNS servers

July 16, 2025, 09:48:20 PM

Quote from: Ben S on January 07, 2025, 01:10:39 PM
Quote from: schnipp on December 22, 2024, 10:37:08 AMMy WAN interface configuration:
- DHCPv6
- Only request IPv6 prefix
- Sent Prefix Hint
- IPV6 Privacy Extensions enabled

OPNsense 24.7.11_2-amd64

My reading of the code is that in this case it would use the link-local address as you have seen. It looks as if setting the 'Optional prefix ID' under Settings > WAN > DHCPv6 may cause it to use the GUA, if that's something you can try (i.e. if the prefix for your ISP is bigger than /64 and you can assign a /64 to your WAN interface).

This is exactly the behavior that I can reproduce. The workaround with "Optional prefix ID" has helped.

Without set "Optional prefix ID":

Code Select

> cat /var/unbound/unbound.conf | grep outgoing-interface

outgoing-interface: 192.168.0.2
outgoing-interface: fe80::e63a:6eff:fe61:cbe0%lagg0_vlan4001

With set "Optional prefix ID":

Code Select

> cat /var/unbound/unbound.conf | grep outgoing-interface

outgoing-interface: 192.168.0.2
outgoing-interface: 2a02:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:cbe0

Version: 25.1.10
Architecture: amd64
Commit: 0b8e414bf

Pages1