DHCP Fixed IP assignment problem temp solution

General questions.
Post Reply
RichardB
Posts: 15
Joined: May 31st, 2019, 6:00 pm

DHCP Fixed IP assignment problem temp solution

Post by RichardB » June 1st, 2019, 2:47 am

First, I should say I am not a Linux guru or even close. I am a more newbie, so the following my be over explained for some. For me, it was all unfamiliar until I started troubleshooting and investigating the problem I was having.

There are issues in IPFire Core 131 with creating fixed leases in the webGUI. When adding a fixed lease using the webGUI, the list of leases in the 'Current fixed leases' box may be cleared or only the lease added is shown. The issue is compounded because the file that the DHCP daemon configuration file can get corrupted with orphaned fix leases. The only current solution is to login or SSH into IPFire CLI and edit the files directly.

After spending hours searching, reading and testing, the following information was collected. Some of it can be found by searching the Internet but it is scattered. It has been collected here along with what was learned through testing. Additionally, all testing was done using IPFire Core 131 configured for a RED and GREEN network only. The information below may need to be modified for other IPFire network configurations.

There are two files involved in creating and enabling a DHCP fixed leases. They are:

Code: Select all

/var/ipfire/dhcp/fixleases
/var/ipfire/dhcp/dhcpd.conf
Assuming there are not many fixed leases to enter, the best solution would be to enter the fixed lease information in the fixleases file and remove any fixed leases in the dhcpd.conf file, then go to the webGUI and enable the fixed leases listed.

If a large number of fix leases need to be entered then you will need to write a script that takes a file containing the assignments and creates the fixleases file and the proper entries in the dhcpd.conf file.

The file format information and notes given below will help with either method.

Short description of the files:
The fixleases file is used by IPFire to populate the 'Current fixed leases' box in the webGUI. An entry in this file does not mean the lease is active. For the DHCP daemon to provide fixed leases the appropriate entries must be made in the dhcpd.conf file. IPFire uses the fixleases file to create the appropriate entries in the dhcpd.conf file when the fix lease is enabled in the webGUI.

It is worth noting that directly adding or deleting an entry in the fixleases file does not create nor enables the lease in the DHCP daemon. This means that by improperly editing either file; you can create an inconsistency that will not be visible in IPFire's webGUI. So edit carefully. Because, IPFire does NOT do validate or consistency check the data in the files or between the files.

File: /var/ipfire/dhcp/fixleases

This file is used by IPFire to store information on a fixed lease information only. An entry in this file does not mean the lease exists for the DHCP daemon. The contents of the fixleases file is used to populate the 'Current fixed leases' box in the webGUI.
The fixleases file contains coma-delimited data for each lease. It basically has seven fields separated by a coma. NOTE: If changes are manually made to this file, IPFire does NOT validate or do a consistency check of the field data nor creates an entry in the dhcpd.conf file.

The fields are as follows:
  • Field 1: MAC address
  • Field 2: IP address to reserve for lease
  • Field 3: Enabled flag: If set 'on' then it means the entry has been made in the dhcpd.conf file. If blank, then no entry exists in the dhcpd.conf. However, this field is not checked by IPFire for consistency. In other words, if you create an entry and this field is set to 'on', IPFire will NOT automatically create an entry in the dhcpd.conf file. More on this later.
  • Field 4: This is the 'next-server' field.
  • Field 5: This is the 'filename' field.
  • Field 6: This is the 'filename' field.
  • Field 7: This field is the 'Remark' field in the fixed leases listing.

Field to line mapping format:

Code: Select all

MACaddress,IPaddress,enabled,next-server,filename,rootpath,remark
Example of the fixleases file:

Code: Select all

01:01:01:01:01:01,172.16.0.10,,,,,LeaseOne
02:02:02:02:02:02,172.16.0.11,on,,,,LeaseTwo
03:03:03:03:03:03,172.16.0.12,on,NEXTSERVER,FILENAME,ROOTPATH,REMARK
04:04:04:04:04:04,172.16.0.13,,,,,LeaseFour
05:05:05:05:05:05,172.16.0.14,on,,,,LeaseFive
NOTES:
  • NO comments and NO blank lines should be added to the fixleases file.
  • A blank line will cause a blank entry in the 'Current fixed leases' listing.
  • Do NOT set the enable field to 'on' unless you also create an appropriate entry in the dhcpd.conf file.
  • To enable manually created fixleases entries, open the webGUI and go to the DHCP Server page and in the 'Current fixed leases' box click on the 'Enable' box. An appropriate entry in the dhcpd.conf file will be created.
  • If the enable field was set to 'on' in the fixleases file, it will show in the webGUI as enabled but no entry will be made in the dhcpd.conf file. This can be fixed by unchecking the 'Enable' box and rechecking it.

File: /var/ipfire/dhcp/dhcpd.conf

This file is used by the DHCP deamon.

NOTES:
  • The 'host fix' number will change as fixed leases are enabled or disabled.
  • The 'host fix' number-to-MAC address mapping is in the same order as the entries given in the fixleases file when the entry is 'Enabled' properly in the webGUI.
If creating an entry in the dhcpd.conf file several things should be done:
  • An appropriate entry in the fixleases file must exist.
  • The ENABLE field in the fixleases file should be set to 'on'.
  • The number (#) in the 'host fix#' line should increment with each 'enabled' entry in the fixleases file and in the same order as they appear in the fixleases file. This may be best understood by comparing the example fixleases file above with the example dhcpd.conf file below.
Do NOT edit any entries other than the 'host fix#' entries. Doing so could and probably will cause issues with IPFire.

Example of the dhcpd.conf file:

Code: Select all

deny bootp;     #default
authoritative;
ddns-update-style none;
subnet 172.16.0.0 netmask 255.255.255.0 #GREEN
{
        range 172.16.0.10 172.16.0.200;
        option subnet-mask 255.255.255.0;
        option domain-name "local";
        option routers 172.16.0.1;
        option domain-name-servers 172.16.0.1, 8.8.8.8;
        default-lease-time 3600;
        max-lease-time 7200;
} #GREEN
host fix0 # LeaseTwo
{
        hardware ethernet 02:02:02:02:02:02;
        fixed-address 172.16.0.11;
}
host fix1 # REMARK
{
        hardware ethernet 03:03:03:03:03:03;
        fixed-address 172.16.0.12;
        next-server NEXTSERVER;
        filename "FILENAME";
        option root-path "ROOTPATH";
}
host fix2 # LeaseFive
{
        hardware ethernet 05:05:05:05:05:05;
        fixed-address 172.16.0.14;
}
include "/var/ipfire/dhcp/dhcpd.conf.local";
The host entry, fix1, shows all available fields and mapping that IPFire uses in creating the dhcpd.conf file from entries in the fixleases file.

Hope this helps.

BeBiMa
Posts: 2842
Joined: July 30th, 2011, 12:55 pm
Location: Mannheim

Re: DHCP Fixed IP assignment problem temp solution

Post by BeBiMa » June 2nd, 2019, 12:41 pm

RichardB wrote:
June 1st, 2019, 2:47 am
First, I should say I am not a Linux guru or even close. I am a more newbie, so the following my be over explained for some. For me, it was all unfamiliar until I started troubleshooting and investigating the problem I was having.

There are issues in IPFire Core 131 with creating fixed leases in the webGUI. When adding a fixed lease using the webGUI, the list of leases in the 'Current fixed leases' box may be cleared or only the lease added is shown. The issue is compounded because the file that the DHCP daemon configuration file can get corrupted with orphaned fix leases. The only current solution is to login or SSH into IPFire CLI and edit the files directly.
After spending hours searching, reading and testing, the following information was collected. Some of it can be found by searching the Internet but it is scattered. It has been collected here along with what was learned through testing. Additionally, all testing was done using IPFire Core 131 configured for a RED and GREEN network only. The information below may need to be modified for other IPFire network configurations.
That's right. But a search here in the forum gives you several threads discussing this problem. The bug is located in the dhcp.cgi WUI file. Solutions are posted, too. A fixed dhcp.cgi is posted also.
RichardB wrote:
June 1st, 2019, 2:47 am

There are two files involved in creating and enabling a DHCP fixed leases. They are:

Code: Select all

/var/ipfire/dhcp/fixleases
/var/ipfire/dhcp/dhcpd.conf
Assuming there are not many fixed leases to enter, the best solution would be to enter the fixed lease information in the fixleases file and remove any fixed leases in the dhcpd.conf file, then go to the webGUI and enable the fixed leases listed.
Interesting approach, which should function. Maybe this cpould be developped to a new functionality: enable/disable all entries in the fixed leases list ( contents of /var/ipfire/dhcp/fixleases ).
RichardB wrote:
June 1st, 2019, 2:47 am

If a large number of fix leases need to be entered then you will need to write a script that takes a file containing the assignments and creates the fixleases file and the proper entries in the dhcpd.conf file.

The file format information and notes given below will help with either method.

Short description of the files:
The fixleases file is used by IPFire to populate the 'Current fixed leases' box in the webGUI. An entry in this file does not mean the lease is active. For the DHCP daemon to provide fixed leases the appropriate entries must be made in the dhcpd.conf file. IPFire uses the fixleases file to create the appropriate entries in the dhcpd.conf file when the fix lease is enabled in the webGUI.

It is worth noting that directly adding or deleting an entry in the fixleases file does not create nor enables the lease in the DHCP daemon. This means that by improperly editing either file; you can create an inconsistency that will not be visible in IPFire's webGUI. So edit carefully. Because, IPFire does NOT do validate or consistency check the data in the files or between the files.
This is because of the basic work flow in IPFire:
  • Configuration is done in the WUI
  • settings are stored in IPFire files ( usually in /var/ipfire/ )
  • The WUI compiles these settings to the configuration files of the OS component to be configured, and restarts this component
Thus it isn't a really good idea to edit one or both files manually. Consistency is produced by the "compilation process" of the WUI, or should be made.
All further configuration ( which can not be made in the WUI ) must be done in the xxx.local files, if they exist. These files are included to the configuation file.
RichardB wrote:
June 1st, 2019, 2:47 am

File: /var/ipfire/dhcp/fixleases

This file is used by IPFire to store information on a fixed lease information only. An entry in this file does not mean the lease exists for the DHCP daemon. The contents of the fixleases file is used to populate the 'Current fixed leases' box in the webGUI.
The fixleases file contains coma-delimited data for each lease. It basically has seven fields separated by a coma. NOTE: If changes are manually made to this file, IPFire does NOT validate or do a consistency check of the field data nor creates an entry in the dhcpd.conf file.

The fields are as follows:
  • Field 1: MAC address
  • Field 2: IP address to reserve for lease
  • Field 3: Enabled flag: If set 'on' then it means the entry has been made in the dhcpd.conf file. If blank, then no entry exists in the dhcpd.conf. However, this field is not checked by IPFire for consistency. In other words, if you create an entry and this field is set to 'on', IPFire will NOT automatically create an entry in the dhcpd.conf file. More on this later.
  • Field 4: This is the 'next-server' field.
  • Field 5: This is the 'filename' field.
  • Field 6: This is the 'filename' field.
  • Field 7: This field is the 'Remark' field in the fixed leases listing.

Field to line mapping format:

Code: Select all

MACaddress,IPaddress,enabled,next-server,filename,rootpath,remark
Example of the fixleases file:

Code: Select all

01:01:01:01:01:01,172.16.0.10,,,,,LeaseOne
02:02:02:02:02:02,172.16.0.11,on,,,,LeaseTwo
03:03:03:03:03:03,172.16.0.12,on,NEXTSERVER,FILENAME,ROOTPATH,REMARK
04:04:04:04:04:04,172.16.0.13,,,,,LeaseFour
05:05:05:05:05:05,172.16.0.14,on,,,,LeaseFive
NOTES:
  • NO comments and NO blank lines should be added to the fixleases file.
  • A blank line will cause a blank entry in the 'Current fixed leases' listing.
  • Do NOT set the enable field to 'on' unless you also create an appropriate entry in the dhcpd.conf file.
  • To enable manually created fixleases entries, open the webGUI and go to the DHCP Server page and in the 'Current fixed leases' box click on the 'Enable' box. An appropriate entry in the dhcpd.conf file will be created.
  • If the enable field was set to 'on' in the fixleases file, it will show in the webGUI as enabled but no entry will be made in the dhcpd.conf file. This can be fixed by unchecking the 'Enable' box and rechecking it.
See above.
RichardB wrote:
June 1st, 2019, 2:47 am


File: /var/ipfire/dhcp/dhcpd.conf

This file is used by the DHCP deamon.

NOTES:
  • The 'host fix' number will change as fixed leases are enabled or disabled.
  • The 'host fix' number-to-MAC address mapping is in the same order as the entries given in the fixleases file when the entry is 'Enabled' properly in the webGUI.
If creating an entry in the dhcpd.conf file several things should be done:
  • An appropriate entry in the fixleases file must exist.
  • The ENABLE field in the fixleases file should be set to 'on'.
  • The number (#) in the 'host fix#' line should increment with each 'enabled' entry in the fixleases file and in the same order as they appear in the fixleases file. This may be best understood by comparing the example fixleases file above with the example dhcpd.conf file below.
Do NOT edit any entries other than the 'host fix#' entries. Doing so could and probably will cause issues with IPFire.
If you edit the dhcp.conf file you should name the host different from all other definitions. The name is from host name.
Best, you don't use fixnnn, use a identical descriptive name.
RichardB wrote:
June 1st, 2019, 2:47 am

Example of the dhcpd.conf file:

Code: Select all

deny bootp;     #default
authoritative;
ddns-update-style none;
subnet 172.16.0.0 netmask 255.255.255.0 #GREEN
{
        range 172.16.0.10 172.16.0.200;
        option subnet-mask 255.255.255.0;
        option domain-name "local";
        option routers 172.16.0.1;
        option domain-name-servers 172.16.0.1, 8.8.8.8;
        default-lease-time 3600;
        max-lease-time 7200;
} #GREEN
host fix0 # LeaseTwo
{
        hardware ethernet 02:02:02:02:02:02;
        fixed-address 172.16.0.11;
}
host fix1 # REMARK
{
        hardware ethernet 03:03:03:03:03:03;
        fixed-address 172.16.0.12;
        next-server NEXTSERVER;
        filename "FILENAME";
        option root-path "ROOTPATH";
}
host fix2 # LeaseFive
{
        hardware ethernet 05:05:05:05:05:05;
        fixed-address 172.16.0.14;
}
include "/var/ipfire/dhcp/dhcpd.conf.local";
The host entry, fix1, shows all available fields and mapping that IPFire uses in creating the dhcpd.conf file from entries in the fixleases file.

Hope this helps.
To sum up my comments
  • use the search function of the forum
  • don't try to edit the configuration, you should exactly now what you are doing
  • post to Bugzilla
    Maybe you find a bug is posted,yet ;)
Image
Unitymedia Cable Internet ( 32MBit )

RichardB
Posts: 15
Joined: May 31st, 2019, 6:00 pm

Re: DHCP Fixed IP assignment problem temp solution

Post by RichardB » June 4th, 2019, 4:49 pm

BeBiMa, I did search the forums. I did find the dchp.cgi 'fix'. I did try and install it. And the DCHP WGI would not load properly. And after spending several hours searching and trying to figure the problem, which I never did, I gave up. The initial post did not say where to put the file either, so I had to search that too. On top of that, the wiki information on IPFire is horribly out dated. Plus other people made a point that they would like to add a large number of leases and they figured it out. But no one ever gave instructions on how to do it.

As I said, I am not a guru which is one of the reasons I am using IPFire is it provides me with a means of having a firewall at home and work (for a small sub-net I need), that is easy to setup. It has an easy interface where I don't need to 'know' a lot to get the functionality that I need and have a patch-able firewall. I used IPFire for years but decided to try SmoothWall. That lasted a few months as I learned it has not been updated in awhile. So, I come back to IPFire and install Core 131 and low'n behold, I can't get the fixed leases setup that I need. Nor can I find any guide/solution in the forum that seems to work. But I find people saying they figured it out, but no one says how.

So, to solve my problem and provide information on a subject that a number of people seem to be asking but no one sharing any kind of organized answer for, I wrote a document. Writing is not my strong point my post probably could be improved on, but it gives insight into how to solve a problem on two fronts: 1) how to do something until a new Core release is provided that solves the problem. 2) What if someone has a lot of fixed leases to enter.

IPFire provides no method on entering a loarge number of fixed leases. Souch a method is needed for several situations: a new setup, migrating from a different firewall and failing to create a backup of IPFire settings.

I think it would be a good idea in the WGI to have a enable/disable all fixed leases option, rather than having to enable/disable each individually.

I agree it isn't a good idea to edit these files manually. But, if IPFire were working properly, I would not need to edit these files.

BeBiMa
Posts: 2842
Joined: July 30th, 2011, 12:55 pm
Location: Mannheim

Re: DHCP Fixed IP assignment problem temp solution

Post by BeBiMa » June 4th, 2019, 6:24 pm

Hi,

I understand your problems. But the fixed file is published several times in the forum.
The problem about adding a big number of fixed leases is known. But I would prefere to do this addition from the commandline. It is much easier to find possible errors in fixedleases file without smashing up the dhcp configuration. But this functionality has to been developped/verified.

Bernhard

Find attached the modified WUI file.
Unpack it ( in temp directory ) and copy dhcp.cgi to /srv/web/ipfire/cgi-bin
dhcp_cgi.tgz
(11.42 KiB) Downloaded 80 times
Image
Unitymedia Cable Internet ( 32MBit )

RichardB
Posts: 15
Joined: May 31st, 2019, 6:00 pm

Re: DHCP Fixed IP assignment problem temp solution

Post by RichardB » June 5th, 2019, 5:27 pm

How does one get this file transferred to IPFire? I have looked for that answer and have not found an answer.

User avatar
FischerM
Community Developer
Community Developer
Posts: 1025
Joined: November 2nd, 2011, 12:28 pm

Re: DHCP Fixed IP assignment problem temp solution

Post by FischerM » June 5th, 2019, 6:19 pm

Hi,

You can do that with, e.g., WinSCP or from console.

Just take a look here:
BeBiMa wrote:To use the patched version just download the .tgz file, unpack it and copy dhcp.cgi to /srv/web/ipfire/cgi-bin. You can do it from a console or with a remote tool like WinSCP.
Or here.

HTH,
Matthias

Post Reply