Page 1 of 2 12 LastLast
Results 1 to 10 of 18
  1. #1
    Newbie
    Join Date
    May 2020
    Posts
    10

    Default Lan IP's keep changing

    Hello everyone,

    Is there a reason why Untangle keeps changing IP's for many devices in LAN? compared to many routers, devices tend to keep the same ip. I know i can set static IP's, but does it has anything to do with DHCP Leased time?

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    8,754

    Default

    DHCP is sticky unless your range of DHCP IPs are smaller than the total MAC addresses seen.
    Jim.Alles likes this.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,020

    Wink Welcome

    ...to Untangle, and the Forums!

    Quote Originally Posted by jcoffin View Post
    DHCP is sticky unless your range of DHCP IPs are smaller than the total MAC addresses seen.
    Yes, dnsmasq is good at being consistent if you give it room to breath, even with a short lease time. On a LAN with hundreds of devices that come and go on Wi-Fi, I have used a /19 network in the 172.16.n.n range.
    Mainly because of convention, I wouldn't recommend going past a /24 in the 192.168.n.n range.

    But if you have about 100 devices, all that needs to be done is give more of your /24 to the DHCP range, as John said.
    A couple of hundred, like 192.168.n.50 to 192.168.n.250
    Last edited by Jim.Alles; 05-12-2020 at 09:29 AM.

  4. #4
    Newbie
    Join Date
    May 2020
    Posts
    10

    Default

    Max clients in my network was like 29, DHCP was assigned range from 11 to 60 then expanded from 11 to 99, will that solve the problem or i need to push it to like 115 to score a margin or 100? i had experience with many router OS's and never got this before, never happened with PFsense for example.

  5. #5
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,494

    Default

    Maximum Active is 29? How high is Known Devices?

    You don't need just 29 IPs in the range, you need enough for all the devices to burn an IP for the duration of the lease, that's a far different situation, and which platform you have servicing DHCP will make no difference.
    f1assistance likes this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  6. #6
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,020

    Default

    There are other factors that could affect this. It depends on the layout of your network, of which we have very little information.
    A sketch could help us there.

    Rob's question is first:
    1. How high is Known Devices? This is on the Network Information widget of the Dashboard.
    2. Are there other DHCP servers active on the network?
    3. Are there hosts that have static IP addresses assigned on them within the DHCP range?
    4. Are there any advanced configuration directives in place for [DNS & DHCP]?

    You mentioned the behavior of other router OSes. The OS for NGFW is Debian Linux.

    The DHCP server in NGFW is Dnsmasq.

    Here are couple of configuration entries that reference your issue, from the man pages
    Please note that neither of these options are in use in the stock configuration of NGFW. These quotes are not intended as recommendations, and note the cautions. The bold text states how dnsmasq works:

    dhcp-sequential-ip
    Dnsmasq is designed to choose IP addresses for DHCP clients using a hash of the client's MAC address. This normally allows a client's address to remain stable long-term, even if the client sometimes allows its DHCP lease to expire. In this default mode IP addresses are distributed pseudo-randomly over the entire available address range. There are sometimes circumstances (typically server deployment) where it is more convenient to have IP addresses allocated sequentially, starting from the lowest available address, and setting this flag enables this mode. Note that in the sequential mode, clients which allow a lease to expire are much more likely to move IP address; for this reason it should not be generally used.
    no-ping
    (IPv4 only) By default, the DHCP server will attempt to ensure that an address is not in use before allocating it to a host. It does this by sending an ICMP echo request (aka "ping") to the address in question. If it gets a reply, then the address must already be in use, and another is tried. This flag disables this check. Use with caution.
    So, to answer your question in the O.P. I would say yes if your lease time is very short (like one second) things are more likely going to get squirrelly, due to competition for limited resources (i.e.: the pool of IP addresses).

    In my instance with 1,116 known devices, generally about 60 active devices, I use a /18 which allows for 16,382 addresses; coupled with a two week lease expiration. This allows me to do some troubleshooting, and if necessary, targeted restrictions during an event.

    That's like a factor of ten, for headroom.
    Be generous, there is no shortage of bits here.
    Last edited by Jim.Alles; 05-13-2020 at 02:44 PM. Reason: grammar

  7. #7
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    8,754

    Default

    The simpler solution is to add static DHCP entries for the devices' MAC addresses in http:/<your_IP>/admin/index.do#config/network/dhcp-server
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  8. #8
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,020

    Default

    Quote Originally Posted by jcoffin View Post
    The simpler solution is to add static DHCP entries for the devices' MAC addresses in http:/<your_IP>/admin/index.do#config/network/dhcp-server
    What, for my use case with tens of thousands of people wandering around a music festival?

    bbbphht.

    Of course, I might get around to hitting that [+] button and nail it down if a person has presented a propensity to be particularly problematic.
    But not to simply keep an eye on things for a week.

    Sadly, I won't have to worry about any of that this year.

    Of course, the quote above is very good advice for a more typical home network. and a DHCP range with 200 addresses might get close to that headroom factor of ten.
    Last edited by Jim.Alles; 05-13-2020 at 05:29 PM.

  9. #9
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,494

    Default

    That brings up another solid question...

    Why do we care the addresses are changing?

    Dynamic means exactly what is said on the tin, you don't use IP addresses in dynamic ranges for management, you use other things instead. That way you can scale up to thousands or tens of thousands of devices and have it all just work.

    If you have a few devices that you want to manage specifically, you can set reservations for them. If you have more... well... then you start either making VLANs to group them up, or you start using MAC prefixes to define a preferred range for specific device types.

    The tools are all there, most of which aren't exposed via the GUI.
    Last edited by sky-knight; 05-13-2020 at 10:56 AM.
    f1assistance likes this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  10. #10
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,020

    Question Why not?

    Why do we care the addresses are changing?
    I actually considered getting snarky with just that point:
    Who cares? it is working just fine!

    But then, I considered my own slight OCD, coupled with hyper-focus on some details, and realized that I had asked that very same question myself. Because I am able to keep a few IP addresses in my head. not all of them mind you, (especially if you had asked me) but I can tell something changed.


    WHY does this work differently? I asked, which is why I knew to look in a somewhat strange part of the Man page - how to turn that behavior off.

    And the O.P. stated that he has experience with other 'routers' - probably more than me!

    That is why I provided the
    "...Glossy photographs with circles and arrows and a paragraph on the back of Each one explainin' what each one was,...
    Enjoy!

    Oh and for me, with 100's of devices coming and going, I did want to keep an eye on the dashboard bandwidth charts, without having to worry about zooming into the wrong one, because the assignment changed after 4 hours. It is all on a 5Mbit DSL circuit, on a farm.

    The tools are all there, most of which aren't exposed via the GUI.
    Yup, With feelin'
    Walk right in, it's around the back
    Just a half a mile from the railroad track
    You can get anything you want at Alice's restaurant
    Last edited by Jim.Alles; 05-13-2020 at 02:41 PM.

Page 1 of 2 12 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2