Hi, im having problems with DHCP in a site with 1000+ devices, im testing a openwrt 18.x.1 (last stable) x64 on a i3 8300 pc as a router. When i reboot the machine everything seeems fine, devices get ip and can get to internet. but there is a problem latter and "new" devices dont get ip anymore, but "old" ones can still navigate with no problems, cpu usage is low and wan fiber is like 400mbps used so no problems there.
seems a dhcp limitation
this is my /etc/config/dhcp
config dhcp 'lan'
option interface 'lan'
option start '100'
option leasetime '12h'
option limit '30000'
option force '1'
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option nonegcache '0'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option nonwildcard '1'
option localservice '1'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
and this is my lan interface:
config interface 'lan'
option type 'bridge'
option proto 'static'
option ip6assign '60'
option _orig_ifname 'eth0'
option _orig_bridge 'true'
option ipaddr '10.6.0.1'
option netmask '255.255.0.0'
option dns '22.214.171.124 126.96.36.199'
option ifname 'eth0'
I cant see any errors on logs, just a ton of dhcp request and offers.
Can you help me? thank you.
Looks like an issue with DNSMASQ.
You can increase the verbosity of DNSMASQ, and see the full exchange of requests and responses. Or, if you do not see those requests, perhaps your firewall is configured to limit the amount of DHCP traffic.
Ok, thank you for the responses, the firewall is just the default Openwrt one, with no changes.
I just checked the logs and the problem is that there are no leases left!
but i did changed the limit to 30k, how is this possible? is there another hard cap somewhere?
is my first openwrt router, sorry if im a bit noob. And thank you.
log error looks like: DHCPNAK(br-lan) 10.6.x.xxx xx:c2:f1:xx:xx:xx no leases left
When dnsmasq starts up, it prints the effective DHCP lease range into the syslog in the form
Wed Oct 3 15:39:43 2018 daemon.info dnsmasq-dhcp: DHCP, IP range 10.11.12.100 -- 10.11.12.249, lease time 12h - what is it reporting for you?
Internally, the dnsmasq init script performs the following calculation to obtain the effective range:
# ipcalc.sh 10.6.0.1 255.255.0.0 100 30000
So your dnsmasq should serve addresses from
Thank you jow, this shows the log after a /etc/init.d/dnsmasq restart
Wed Oct 3 15:42:05 2018 daemon.info dnsmasq-dhcp: DHCPNAK(br-lan) 10.6.x.x xx:xx:xx no leases left
Wed Oct 3 15:42:05 2018 daemon.info dnsmasq: exiting on receipt of SIGTERM
Wed Oct 3 15:42:05 2018 daemon.info dnsmasq: started, version 2.80test3 cachesize 150
Wed Oct 3 15:42:05 2018 daemon.info dnsmasq: DNS service limited to local subnets
Wed Oct 3 15:42:05 2018 daemon.info dnsmasq: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP no-DHCPv6 no-Lua TFTP no-conntrack no-ipset no-auth no-DNSSEC no-ID loop-detect inotify dumpfile
Wed Oct 3 15:42:05 2018 daemon.info dnsmasq-dhcp: DHCP, IP range 10.6.0.100 -- 10.6.117.147, lease time 12h
the range seems fine to me.
Mmmm, the "hardcap" seems to be at 1000 dhcp leases,
i just did a vim on /tmp/dhcp.leases and there is like 1000 registers.
This looks just like what im seeing in the real world scenario, everything works until arround 1k devices, how can i increase this limit?
Not terribly surprising as a /24 only has 256 addresses in it. "Dnsmasq provides network infrastructure for small networks" and wasn't designed for "enterprise" use. (Not many "small networks" have "1000+ devices" on them.)
I'd look at
kea for your DHCP server, rather than trying to patch/hack
Thats it, Thank you so much lleachii, so the fix is just edit /etc/dnsmasq.conf
and add: dhcp-lease-max=5000
restart dnsmasq and no "no leases left" errors anymore.
thank you guys, apreciated.
lets see how performs on this scenario next days. cu
edit: just looking at /tmp/dhcp.leases is now showing 1300+ registers now.
Better use built-in instruments:
uci set dhcp.@dnsmasq.dhcp_lease_max='N'
uci commit dhcp
service dnsmasq reload
Because it will help to backup and survive reflash without additional issues.
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.