[SOLVED] 25.7.1 dnsmasq-dhcp no leases left

Started by Slinx, August 02, 2025, 03:31:05 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
August 02, 2025, 03:31:05 PM Last Edit: Today at 11:52:55 AM by Slinx
Hi everyone,

A few weeks ago, I migrated ISC DHCP to dnsmasq-dhcp.
I have now successfully upgraded to 25.7.1.

However, my DHCP leases are exhibiting strange behavior.
I am provisioning new VMs in a network with sufficient free leases and am receiving the following log messages.

Do you have any idea why this is happening? The configuration looks fine to me.

WebUI dnsmasq debug log:
Code Select
2025-08-02T14:52:42 Informational dnsmasq-dhcp DHCPNAK(lagg0_vlan30) 10.0.30.29 bc:24:11:56:8c:be no leases left
2025-08-02T14:52:42 Informational dnsmasq-dhcp DHCPREQUEST(lagg0_vlan30) 10.0.30.29 bc:24:11:56:8c:be
2025-08-02T14:52:42 Informational dnsmasq-dhcp DHCPOFFER(lagg0_vlan30) 10.0.30.29 bc:24:11:56:8c:be
2025-08-02T14:52:42 Informational dnsmasq-dhcp DHCPDISCOVER(lagg0_vlan30) bc:24:11:56:8c:be
2025-08-02T14:52:07 Informational dnsmasq-dhcp DHCPNAK(lagg0_vlan30) 10.0.30.29 bc:24:11:56:8c:be no leases left
2025-08-02T14:52:07 Informational dnsmasq-dhcp DHCPREQUEST(lagg0_vlan30) 10.0.30.29 bc:24:11:56:8c:be
2025-08-02T14:52:07 Informational dnsmasq-dhcp DHCPOFFER(lagg0_vlan30) 10.0.30.29 bc:24:11:56:8c:be
2025-08-02T14:52:07 Informational dnsmasq-dhcp DHCPDISCOVER(lagg0_vlan30) bc:24:11:56:8c:be

dnsmasq config for network 10.0.30.0/24:
Code Select
opnsense:~ $ cat /usr/local/etc/dnsmasq.conf | grep 10.0.30.
dhcp-range=tag:lagg0_vlan30,10.0.30.2,10.0.30.50,255.255.255.0,14400
dhcp-host=3e:fc:21:0e:5e:81,10.0.30.2,vm1
dhcp-host=bc:24:11:d8:81:92,10.0.30.3,vm2
dhcp-host=bc:24:11:30:b8:85,10.0.30.4,vm3
dhcp-host=90:09:d0:4c:22:6b,10.0.30.10,vm4

dnsmasq leases for network 10.0.30.0/24:
Code Select
opnsense:~ $ cat /var/db/dnsmasq.leases | grep 10.0.30.
1754201733 bc:24:11:b4:19:a9 10.0.30.37 backup-test ff:57:36:dc:9a:00:02:00:00:ab:11:fd:56:83:cf:f9:62:ff:30
1754150452 bc:24:11:30:b8:85 10.0.30.4 vm3 01:bc:24:11:30:b8:85
1754206280 bc:24:11:d8:81:92 10.0.30.3 vm2 01:bc:24:11:d8:81:92
1754206560 3e:fc:21:0e:5e:81 10.0.30.2 vm1 ff:21:0e:5e:81:00:01:00:01:2b:38:9c:ad:2a:70:69:e5:3a:14
1754214126 bc:24:11:f7:ab:4b 10.0.30.30 * ff:74:09:e9:13:00:02:00:00:ab:11:84:27:b0:9c:75:71:23:85
1754150115 bc:24:11:ed:8f:58 10.0.30.17 ubu-int-vm-1 ff:74:09:e9:13:00:02:00:00:ab:11:5c:77:0f:46:4c:df:89:0a

dnsmasq hosts for network 10.0.30.0/24:
Code Select
opnsense:~ $ cat /var/etc/dnsmasq-hosts | grep 10.0.30.
10.0.30.2       vm1
10.0.30.3       vm2
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.3       vm2 alias
10.0.30.4       vm3
10.0.30.4       vm3 alias
10.0.30.10      vm4
10.0.30.10      vm4 alias
10.0.30.10      vm4 alias
10.0.30.10      vm4 alias
10.0.30.10      vm4 alias
10.0.30.10      vm4 alias
10.0.30.10      vm4 alias
10.0.30.10      vm4 alias
10.0.30.10      vm4 alias
Today at 11:52:05 AM #1
Update

I found the source of this issue.

I reached DHCP max leases in dnsmasq (default: 1000)

Code Select
opnsense:~ $ cat /var/db/dnsmasq.leases | wc -l
    1000

After further searching, I see two Meross Smart Plugs with DHCPv6 causing trouble in another network.
They obtain an address every ~30 seconds and inflate the lease file.

Code Select
opnsense:~ $ cat /var/db/dnsmasq.leases | grep 48:e1:e9:eb:bb:1c | wc -l
    484

Code Select
opnsense:~ $ cat /var/db/dnsmasq.leases | grep 48:e1:e9:eb:b6:c9 | wc -l
    509

Workaround

I don't know why this happens, but with ISC DHCP, I didn't see as many leases for these devices.
I temporarily increased the DHCP max leases to 2000 and stored the two MAC addresses as hosts with the ignore option.
So that they do not obtain any further IPv6 addresses via DHCP.
Today at 06:45:13 PM #2
I have seen the same issue with TP-Link switches and smart plugs.  They are issued a new IPV6 address about every 10 minutes.  Never saw this with ISC DHCPv6.  Also used the dnsmasq ignore option on these TP-Link devices.
Print
Go Up Pages1
User actions