PF Trying to Start Before DHCP

Hey,

I have a FreeBSD box running as a router/gateway on my LAN. It gets its external IP from my ISP using DHCP. I use PF for my firewalling and routing setup.

When the system reboots, PF tries to start before DHCP gets an IP address. So PF fails to start with various errors. So my routing isn't set up for the LAN, and I have to manually pfctl -f /etc/pf.conf in order to get my networking up again. Is there any way to fix this? See log below. Thanks!

Code:
Feb 12 09:09:41 hostname kernel: Starting Network: lo0 em0 em1.
Feb 12 09:09:41 hostname kernel: lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
Feb 12 09:09:41 hostname kernel: options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
Feb 12 09:09:41 hostname kernel: inet 127.0.0.1 netmask 0xff000000
Feb 12 09:09:41 hostname kernel: em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
Feb 12 09:09:41 hostname kernel: options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC,VLAN_HWTSO>
Feb 12 09:09:41 hostname kernel: ether 2c:76:8a:ad:cb:34
Feb 12 09:09:41 hostname kernel: media: Ethernet autoselect
Feb 12 09:09:41 hostname kernel: status: no carrier
Feb 12 09:09:41 hostname kernel: em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
Feb 12 09:09:41 hostname kernel: options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC,VLAN_HWTSO>
Feb 12 09:09:41 hostname kernel: ether 2c:76:8a:ad:cb:35
Feb 12 09:09:41 hostname kernel: inet 10.0.0.1 netmask 0xff000000 broadcast 10.255.255.255
Feb 12 09:09:41 hostname kernel: media: Ethernet autoselect
Feb 12 09:09:41 hostname kernel: status: no carrier
Feb 12 09:09:41 hostname kernel: Starting devd.
Feb 12 09:09:41 hostname kernel: Configuring keyboard: keymap keyrate keybell.
Feb 12 09:09:41 hostname kernel: kldload: can't load ums: No such file or directory
Feb 12 09:09:41 hostname kernel: Starting pflog.
Feb 12 09:09:41 hostname kernel: Feb 12 09:09:31 pflogd[834]: [priv]: msg PRIV_OPEN_LOG received
Feb 12 09:09:41 hostname kernel: Enabling pfno IP address found for em0
Feb 12 09:09:41 hostname kernel: /etc/pf.conf:77: could not parse host specification
Feb 12 09:09:41 hostname kernel: no IP address found for em0
Feb 12 09:09:41 hostname kernel: /etc/pf.conf:103: could not parse host specification
Feb 12 09:09:41 hostname kernel: no IP address found for em0
Feb 12 09:09:41 hostname kernel: /etc/pf.conf:106: could not parse host specification
Feb 12 09:09:41 hostname kernel: no IP address found for em0

[Clipped a ton of these messages, all on different lines of pf.conf where I reference em0]

Feb 12 09:09:41 hostname kernel: Additional inet routing options: ignore ICMP redirect=YES log ICMP redirect=YES gateway=YES.
Feb 12 09:09:41 hostname kernel: Waiting 30s for the default route interface: ........(em0)
Feb 12 09:09:41 hostname kernel: Creating and/or trimming log files.
Feb 12 09:09:41 hostname kernel: Starting syslogd.
 
You can also experiment with raising these defaults to (artificially, if necessary) give DHCP time to "settle":
Code:
defaultroute_delay="30"		# Time to wait for a default route on a DHCP interface.
defaultroute_carrier_delay="5"	# Time to wait for carrier while waiting for a default route.
 
DHCPSYNC gave me an error:
/etc/rc.conf:
Code:
ifconfig_em0="DHCPSYNC"
/var/log/messages:
Code:
kernel: ifconfig: DHCPSYNC: bad value

I looked through /etc/defaults/rc.conf and found synchronous_dhclient. So I put that in my /etc/rc.conf and set it to "YES" and everything worked!

Thanks!

EDIT
For any future people, this is on FreeBSD 9.1-RELEASE
 
The value is SYNCDHCP. It does the same thing as synchronous_dhclient, but does not need an extra entry in rc.conf.
 
APseudoUtopia said:
DHCPSYNC gave me an error:
Sorry about that. I initially posted DHCPSYNC, checked it and figured it was wrong, it should have been SYNCDHCP. I had changed my post but you probably read it before I corrected it.
 
wblock@ said:
The value is SYNCDHCP. It does the same thing as synchronous_dhclient, but does not need an extra entry in rc.conf.

Oops. I checked it twice to make sure. I guess my eyes were playing tricks on me.

Sorry for the formatting :p

EDIT:
Ah ha! They weren't playing tricks on me :p
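
An added example, not part of the thread: a POSIX sh check that scans boot messages like those in the first post and reports, per interface, which pf.conf rule lines failed to load because the interface had no address yet. The sample log is constructed from the lines quoted in the first post, and the function names `sample_log` and `pf_addr_failures` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# Constructed sample: boot messages modelled on the log in the first post.
sample_log() {
    cat <<'EOF'
Feb 12 09:09:41 hostname kernel: Starting pflog.
Feb 12 09:09:41 hostname kernel: Enabling pfno IP address found for em0
Feb 12 09:09:41 hostname kernel: /etc/pf.conf:77: could not parse host specification
Feb 12 09:09:41 hostname kernel: no IP address found for em0
Feb 12 09:09:41 hostname kernel: /etc/pf.conf:103: could not parse host specification
Feb 12 09:09:41 hostname kernel: no IP address found for em0
Feb 12 09:09:41 hostname kernel: /etc/pf.conf:106: could not parse host specification
Feb 12 09:09:41 hostname kernel: Starting syslogd.
EOF
}

# Read syslog-style lines on stdin and print "<interface> <line,line,...>"
# for every interface whose missing address broke ruleset parsing.
pf_addr_failures() {
    awk '
        # The interface is named first ...
        /no IP address found for / {
            iface = $NF
            if (!(iface in rules)) { order[++n] = iface; rules[iface] = "" }
            next
        }
        # ... followed by the pf.conf line that referenced it.
        /: could not parse host specification/ && iface != "" {
            if (match($0, /[^ ]+:[0-9]+: could not parse/)) {
                split(substr($0, RSTART, RLENGTH), part, ":")
                rules[iface] = rules[iface] (rules[iface] == "" ? "" : ",") part[2]
            }
        }
        END {
            # Report interfaces in the order they first appeared.
            for (i = 1; i <= n; i++)
                printf "%s %s\n", order[i], rules[order[i]]
        }
    '
}

# Stand-alone run against the constructed sample.
sample_log | pf_addr_failures
```

On a live system the function can be fed the boot messages instead of the sample, for example `pf_addr_failures < /var/log/messages`; empty output means no rule line failed for this reason.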
 