Huge DHCP logfiles - and no idea how to stop it

Started by brot, February 17, 2025, 09:57:29 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
February 17, 2025, 09:57:29 AM
Hello everyone,

first of all, thank you for this awesome project. I am running OPNsense 25.1-amd64 on a KVM virtual machine on my "nas". Each VLAN (home,iot,guest) has its own interface, and i am happy to have 1 Gbit/s fiber internet connection (via PPPoe).

I am facing a problem: The dhcp logfiles are growing quite large. Since i am not sure if it is a bug, or that maybe i have made some mistake, i thought i will look for help here.

The logfiles are growing at 3,5GB / day, so i have to schedule deletion of the logfiles frequently otherwise i will run out of space.

Code Select
-rw-------  1 root wheel  3.5G Feb 15 00:00 dhcpd_20250214.log
-rw-------  1 root wheel  3.5G Feb 16 00:00 dhcpd_20250215.log
-rw-------  1 root wheel  3.5G Feb 17 00:00 dhcpd_20250216.log

The logfiles are flooded with the same messages over and over again:

Code Select
<190>1 2025-02-16T00:00:00+01:00 OPNsense.lan dhcpd 28149 - [meta sequenceId="13"] Renew message from fe80::2e59:e5ff:feef:882f port 546, transaction ID 0xC7B89D00
<190>1 2025-02-16T00:00:00+01:00 OPNsense.lan dhcpd 28149 - [meta sequenceId="14"] Reply NA: address 2001:(...):2000 to client with duid 00:03:00:01:2c:59:e5:ef:88:2f iaid = 3 valid for 7200 seconds
<191>1 2025-02-16T00:00:00+01:00 OPNsense.lan dhcpd 28149 - [meta sequenceId="15"] Reusing lease for: 2001:(...):2000, age 1732 secs < 25%, sending shortened lifetimes - preferred: 1, valid 5468
<190>1 2025-02-16T00:00:00+01:00 OPNsense.lan dhcpd 28149 - [meta sequenceId="16"] Sending Reply to fe80::2e59:e5ff:feef:882f port 546
<190>1 2025-02-16T00:00:00+01:00 OPNsense.lan dhcpd 28149 - [meta sequenceId="17"] Renew message from fe80::2e59:e5ff:feef:882f port 546, transaction ID 0x38C1ED00
<190>1 2025-02-16T00:00:00+01:00 OPNsense.lan dhcpd 28149 - [meta sequenceId="18"] Reply NA: address 2001:(...):2000 to client with duid 00:03:00:01:2c:59:e5:ef:88:2f iaid = 3 valid for 7200 seconds
<191>1 2025-02-16T00:00:00+01:00 OPNsense.lan dhcpd 28149 - [meta sequenceId="19"] Reusing lease for: 2001:(...):2000, age 1732 secs < 25%, sending shortened lifetimes - preferred: 1, valid 5468
<190>1 2025-02-16T00:00:00+01:00 OPNsense.lan dhcpd 28149 - [meta sequenceId="20"] Sending Reply to fe80::2e59:e5ff:feef:882f port 546
<190>1 2025-02-16T00:00:00+01:00 OPNsense.lan dhcpd 28149 - [meta sequenceId="21"] Renew message from fe80::2e59:e5ff:feef:882f port 546, transaction ID 0xC70A6E00
<190>1 2025-02-16T00:00:00+01:00 OPNsense.lan dhcpd 28149 - [meta sequenceId="22"] Reply NA: address 2001:(...):2000 to client with duid 00:03:00:01:2c:59:e5:ef:88:2f iaid = 3 valid for 7200 seconds
<191>1 2025-02-16T00:00:00+01:00 OPNsense.lan dhcpd 28149 - [meta sequenceId="23"] Reusing lease for: 2001:(...):2000, age 1732 secs < 25%, sending shortened lifetimes - preferred: 1, valid 5468
<190>1 2025-02-16T00:00:00+01:00 OPNsense.lan dhcpd 28149 - [meta sequenceId="24"] Sending Reply to fe80::2e59:e5ff:feef:882f port 546

That "2001:(...):2000" v6 address is my public ip, so i would guess that there is some disagreement between the providers dhcp and opnsense? I am requesting a delegated prefix, however since my vlans are receiving their prefixes i think the config should be fine.

I would be happy if someone can give me additional pointers. Also, if i should share my pppoe or wan config, i can do that too.

Thanks for your help, have a nice day,
brot
February 17, 2025, 12:20:45 PM #1
Those are messages from your own dhcpv6 daemon issuing addresses to a device from HP, with MAC 2c:59:e5:ef:88:2f.
The requests are coming in back-to-back, the answers get send out back-to-back as well.

From the looks of it, I would guess that the answers do not get picked up by the client for whatever reason. Maybe you misconfigured your DHCPv6, e.g. because you gave the VLAN the same prefix ID than your WAN?
Intel N100, 4 x I226-V, 16 GByte, 256 GByte NVME, ZTE F6005

1100 down / 770 up, Bufferbloat A
February 18, 2025, 11:39:32 AM #2
Thank you for your input meyergru.

I verified that ipv6 works on the "iot" VLAN - a raspberry pi zero 2w on the same WiFi network is getting its ipv6 addresses without problems.  So i think that the DHCPv6 configuration on that interface is sane, and the prefix is different from the other VLANs.

Then i had a look at the ipv6 config that the printer offers, which is only to en/disable ipv6 or enter a manual address. Since the printer is quite old (2010-ish) i am guessing that it just has a weird ipv6 stack and disabled it altogether.

Thanks again for your help, have a nice day,
brot
Print
Go Up Pages1
User actions