Connecting to DHCP managed fibre network.

[gareththered]

YouFibre is an UK ISP which provides routers which connect via DHCP (no PPPoE involved).

All Internet advice suggest that to use with your own router (OPNSense obviously), you need to ensure that the MAC address of the WAN side of your router matches what YouFibre expect, otherwise their DHCP server will refuse to issue you an IP address. Fortunately, their router has its MAC address printed on the base.

If I plug a Fedora laptop into the Optical Network Termination box and override the MAC address of the laptop with that taken from their router, then the connection comes up and a quick speed test shows a blistering 990Mbs on a 1Gbs package.  This shows that the principle works.

However, if I move the Ethernet cable to my OPNSense router and configure the same MAC address, I'm issued an IP address and given a default gateway via DHCP, but there's no further traffic.

I should add that the OPNSense router has been in service for a couple of years now, but the previous ISP used PPPoE.  I simply changed the WAN interface's settings from PPPoE to DHCP as suggested.

I can use the built-in packet sniffer to watch ICMP packets leave the router, but nothing returns.

I've even created a temporary any-any rule on the firewall just in-case I misconfigured something there.

I'm currently online by plugging the OPNSense router (with the MAC address reverted to default) into the LAN port of the provided YouFibre router, and am still managing 900Mbs or so, but I'd rather take the provided router out of the loop if possible.

Has anyone come across a similar situation, either with YouFibre or other DHCP and MAC address based ISPs?

[sopex]

Have you gone to your WAN interface settings on OPNsense and disabled "Block private networks" and "Block bogon networks"? I would start there.

You can also try deleting and re-adding the WAN interface.

[lnet.admin]

Have you tried with the MAC Address spoofing?
My UK fibre provider works perfectly well without it and I get no connection with it.

[gareththered]

Have you gone to your WAN interface settings on OPNsense and disabled "Block private networks" and "Block bogon networks"? I would start there.

You can also try deleting and re-adding the WAN interface.

Thanks for the suggestions.  The two blocks were already off.  They need to be as the OPNSense router gets a 192.168.x.x address from the YouFibre router, in my current workaround.

I deleted and re-added the WAN interface, but that didn't help.

I also had some tunables I'd set for PPPoE of the previous provider and set those back to default, but that didn't help neither.

[gareththered]

Have you tried with the MAC Address spoofing?
My UK fibre provider works perfectly well without it and I get no connection with it.

I have to spoof the MAC address, otherwise I don't get an IP address from YouFibre's DHCP servers.

[cookiemonster]

I would start looking for clues in two places: message buffer and system log which is /var/log/system/latest.log
Perhaps a live tail (tail -f) whilst renewing the dhcp lease from the ISP.

[gareththered]

I would start looking for clues in two places: message buffer and system log which is /var/log/system/latest.log
Perhaps a live tail (tail -f) whilst renewing the dhcp lease from the ISP.

Thanks for the suggestion of looking in the logs.  That got me thinking - it might not be firewall/routing, but lower level network issues.

Fedora worked with the a Realtek USB NIC, so I tried the same in my OPNSense router and it failed.  The logs showed the NIC bouncing.  A quick Google showed me that the default Realtek driver isn't the best with FreeBSD and a vendor one is available.  I installed that, and the OPNSense router's internal NIC for the WAN side (also a Realtek) came up straight away and gave me full speed.

I've now ordered an Intel based NIC for it, so that I can keep away from Realtek.

What's strange is that this internal Realtek NIC worked reliably with my previous provider.  They were using an OpenReach ONT though (made by Nokia apparently) while the current provider uses an Adtran ONT.  There must be some incompatibility somewhere.

This is what happens when someone who is comfortable with Linux dabbles with FreeBSD :-)

[gareththered]

Have you tried with the MAC Address spoofing?
My UK fibre provider works perfectly well without it and I get no connection with it.

Just to clarify - are you saying that you don't spoof the MAC and it works?  I'm with YouFibre and everyone says I have to spoof. I tried with and without and I could only get an IP address when spoofing while using the built-in Realtek driver.  Now that I've swapped to the vendor driver, and it's working, I realised I hadn't spoofed the MAC address.  I'm naturally reluctant to go a tweak again!

[nero355]

Fedora worked with the a Realtek USB NIC, so I tried the same in my OPNSense router and it failed.

You have broken two rules :
- USB Networking for critical services on your network.
- RealTek NIC in combination with FreeBSD.

That's TWO BIG DON'Ts at the same time! ;)

[gareththered]

Fedora worked with the a Realtek USB NIC, so I tried the same in my OPNSense router and it failed.

You have broken two rules :
- USB Networking for critical services on your network.
- RealTek NIC in combination with FreeBSD.

That's TWO BIG DON'Ts at the same time! ;)

Thanks.  I agree with the Realtek one - they seem rather poorly supported.

However, the USB NIC was just for testing.  My permanent NIC is internal, but just so happens to also be using a chipset manufactured by the devil :-)

It's being replaced by an Intel I210-AT based card tomorrow.