can't load at boot time; no ext IP address

Hi all,

When I restart my FreeBSD server, PF is unable to load at boot time. I need to wait until the system is up and then start PF manually from a console.

The problem appears to be caused because I need to use DHCP to configure my external network interface, nfe0, and when PF runs at boot time, the DHCP client hasn't yet obtained an IP address. PF refuses to load, saying
Code:
No IP address found for nfe0
I somehow need to delay starting PF for a couple of seconds. Any thoughts on how best to do this?

Note: Please don't suggest configuring nfe0 statically. I have my ADSL modem in bridge mode, and the IP number assigned to me by my ISP is only valid when a DHCP lease is requested every few hours. I have no choice but to configure nfe0 by DHCP.

TIA
 
From the rc.conf(5) man page:
Code:
synchronous_dhclient
                 (is currently in beta test.  Set to ``bool'') to start
                 dhclient(8) only in response to interface events and not syn-
                 chronously at startup.  This behavior can be overridden on a
                 per-interface basis by replacing the ``DHCP'' keyword in the
                 ifconfig_<interface> variable with ``SYNCDHCP'' or
                 ``NOSYNCDHCP''.

IOW, just update your ifconfig_nfe0 line to use SYNCDHCP instead of DHCP.

Also, consider enabling the netwait feature. Again from the rc.conf(5) man page:
Code:
 netwait_enable
                 (bool) If set to ``YES'', delays the start of network-reliant
                 services until netwait_if is up and ICMP packets to a desti-
                 nation defined in netwait_ip are flowing.  Link state is
                 examined first, followed by ``pinging'' an IP address to ver-
                 ify network usability.  If no destination can be reached or
                 timeouts are exceeded, network services are started anyway
                 with no guarantee that the network is usable.  Use of this
                 variable requires both netwait_ip and netwait_if to be set.
 
SYNCDHCP does the trick. Brilliant, thanks. Rebooted to test it and it works fine. There is about a 2-second delay while the dhcp-client gets a new lease.

FWIW, I don't see anything on netwait_enable in the local rc.conf man page. Is it by chance something added in FreeBSD 9? I am still running 8.1 release.
 
cbrace said:
Hi all,

Code:
No IP address found for nfe0
I somehow need to delay starting PF for a couple of seconds. Any thoughts on how best to do this?

Did you try to use the 'dynamic' interface address in pf.conf? I.e. the interface name surrounded by parentheses, like (nfe0). This is intended for address changes (DHCP).

from pf.conf(5) (FreeBSD 9.1)
Code:
Host name resolution and interface to address translation are done
at ruleset load-time.  When the address of an interface (or host
name) changes (under DHCP or PPP, for instance), the ruleset must
be reloaded for the change to be reflected in the kernel.  Sur-
rounding the interface name (and optional modifiers) in parentheses
changes this behaviour.  When the interface name is surrounded by
parentheses, the rule is automatically updated whenever the inter-
face changes its address.

Regards.
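
The two fixes suggested in this thread, combined in one place as an added example; it is not taken from any poster's configuration. The internal interface em0, the macro names and the SSH rule are assumptions made for illustration.

```conf
# ---- /etc/rc.conf (constructed fragment) ----
# SYNCDHCP: dhclient obtains the lease synchronously at startup,
# so nfe0 already has an address when pf loads its ruleset.
ifconfig_nfe0="SYNCDHCP"
pf_enable="YES"

# ---- /etc/pf.conf (constructed fragment) ----
ext_if = "nfe0"
int_if = "em0"        # assumption: internal interface name

# Before: a bare interface name used as an address is translated once,
# at ruleset load time. With no lease yet, the load fails with
# "No IP address found for nfe0" and the host comes up unfiltered.
# nat on $ext_if from $int_if:network to any -> $ext_if

# After: parentheses make pf track the interface's current address,
# so the ruleset loads without a lease and follows later DHCP changes.
nat on $ext_if from $int_if:network to any -> ($ext_if)

block in on $ext_if
pass out on $ext_if keep state
# assumption: SSH is the only service exposed on the external address
pass in on $ext_if proto tcp to ($ext_if) port 22 keep state
```

Running `pfctl -nf /etc/pf.conf` parses the ruleset without loading it, which is a quick way to confirm it is accepted before the next reboot.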
 