DHCP lease cannot be obtained after putting restriction in place

[verfluchten]

I went to Leases and copied the MAC of the currently leasing device.
Then I pasted it entirely (without editing it to be 'partial') into the 1st box of MAC address control and checked off Deny unknown clients.
Once saved, the client was not able to renew the lease until I lifted the restriction. Is this how this is supposed to work?

'partial' confuses me. Can only partial MAC addresses be used in the 'allow' box? What if I want to allow only specific, full MAC addresses?

This is what I see in the log:

dhcpd[41135]   DHCPDISCOVER from xx:xx:xx:xx:xx:xx via em0: network 192.168.0.0/16: no free leases   
dhcpd[41135]   DHCPDISCOVER from xx:xx:xx:xx:xx:xx via em0: network 192.168.0.0/16: no free leases   
dhcpd[41135]   DHCPDISCOVER from xx:xx:xx:xx:xx:xx via em0: network 192.168.0.0/16: no free leases   
dhcpd[41135]   DHCPDISCOVER from xx:xx:xx:xx:xx:xx via em0: network 192.168.0.0/16: no free leases   
dhcpd[41135]   DHCPDISCOVER from xx:xx:xx:xx:xx:xx via em0: network 192.168.0.0/16: no free leases   
dhcpd[41135]   DHCPDISCOVER from xx:xx:xx:xx:xx:xx via em0: network 192.168.0.0/16: no free leases   
dhcpd[41135]   DHCPDISCOVER from xx:xx:xx:xx:xx:xx via em0: network 192.168.0.0/16: no free leases   
dhcpd[41135]   DHCPDISCOVER from xx:xx:xx:xx:xx:xx via em0: network 192.168.0.0/16: no free leases   
dhcpd[41135]   DHCPDISCOVER from xx:xx:xx:xx:xx:xx via em0: network 192.168.0.0/16: no free leases   
dhcpd[41135]   DHCPDISCOVER from xx:xx:xx:xx:xx:xx via em0: network 192.168.0.0/16: no free leases   
dhcpd[41135]   DHCPDISCOVER from xx:xx:xx:xx:xx:xx via em0: network 192.168.0.0/16: no free leases   
dhcpd[41135]   DHCPDISCOVER from xx:xx:xx:xx:xx:xx via em0: network 192.168.0.0/16: no free leases   
dhcpd[41135]   DHCPDISCOVER from xx:xx:xx:xx:xx:xx via em0: network 192.168.0.0/16: no free leases   
dhcpd[41135]   DHCPDISCOVER from xx:xx:xx:xx:xx:xx via em0: network 192.168.0.0/16: no free leases   
dhcpd[41135]   Wrote 1 leases to leases file.   
dhcpd[41135]   Wrote 0 class decls to leases file.   
dhcpd[41135]   DHCPNAK on 192.168.10.100 to xx:xx:xx:xx:xx:xx via em0   
dhcpd[41135]   DHCPREQUEST for 192.168.10.100 from xx:xx:xx:xx:xx:xx via em0: lease 192.168.10.100 unavailable.

Before adding the MAC and enabling Deny unknown clients:

C:\>ipconfig.exe /renew

Windows IP Configuration

An error occurred while releasing interface Loopback Pseudo-Interface 1 : The system cannot find the file specified.


Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : localdomain
   IPv4 Address. . . . . . . . . . . : 192.168.11.1
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 192.168.10.1

After:

C:\>ipconfig.exe /renew

Windows IP Configuration

An error occurred while renewing interface Local Area Connection : The name specified in the network control block (NCB) is in use on a remote adapter.
The NCB is the data.

An error occurred while releasing interface Loopback Pseudo-Interface 1 : The system cannot find the file specified.

[EricPerl]

Hmm, I helped someone with a similar issue back in February: https://forum.opnsense.org/index.php?topic=45443

I tested this again (on 25.1.5_5) and I'm having issues getting the same test to work...
I'll try again later.

[verfluchten]

I saw that but was not sure that it was the same issue. Is it?

[EricPerl]

As I said, I could get MAC control to do what I expected back in February, but no longer yesterday.
The OP in that thread got it to work as well.

Looking at the generated config file, the size of the MAC specified in the UX is properly taken into account.
I've tried with half a MAC (-> substring(1,3,MAC)) and a full MAC (-> substring(1,6,MAC)) but the outcome is unexpected.
IOW, with 2 pools (1 allow on MAC + deny_unknown, 1 catchall), all allocations end up out of the catchall pool.

In your case, without a fallback, you got an error.

I haven't had a chase to get back at it...