Hello Brian, If PF process too much DHCP traffic, pfqueue can’t cope with the DHCP load, some DHCP packets would be lost/dropped.
If it’s the case, you will see a high PFqueue processing, you can add more worker to help with that load. Thanks, Ludovic Zammit Product Support Engineer Principal Cell: +1.613.670.8432 Akamai Technologies - Inverse 145 Broadway Cambridge, MA 02142 Connect with Us: <https://community.akamai.com/> <http://blogs.akamai.com/> <https://twitter.com/akamai> <http://www.facebook.com/AkamaiTechnologies> <http://www.linkedin.com/company/akamai-technologies> <http://www.youtube.com/user/akamaitechnologies?feature=results_main> > On Jul 20, 2022, at 11:53 AM, Cuttler, Brian R (HEALTH) via PacketFence-users > <packetfence-users@lists.sourceforge.net> wrote: > > We are seeing that our Packetfence is sometimes missing IP address > information for entries. > > We are running v6.5.1 on a Centos 7.0 virtual platform. > > I found bug 0001419 which appears to be an exact match for our issue, but is > closed and should not apply to our PF version. > > The platform with our dhcp server is running the udp reflector to the IP of > the PF server’s management port 1443. > > Restarting the dhcp listener I find the following for our management > interface. > > Jul 20 11:23:39 pfdhcplistener(30191) INFO: pfdhcplistener_ens32 starting and > writing 30191 to /usr/local/pf/var/run/pfdhcpli > stener_ens32.pid (pf::services::util::createpid) > Jul 20 11:23:39 pfdhcplistener(30191) WARN: Unable to open VLAN proc > description for ens32: No such file or directory (pf::ut > il::get_vlan_from_int) > Jul 20 11:23:39 pfdhcplistener(30191) INFO: DHCP detector on ens32 enabled > (main::) > > Beyond notices of listern startup there is no other information in the > pfdhcplistener file. > > The management interface is not vlan tagged. > > ens32: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 > inet 10.50.156.54 netmask 255.255.254.0 broadcast 10.50.157.255 > inet6 fe80::250:56ff:fea5:ab95 prefixlen 64 scopeid 0x20<link> > ether 00:50:56:a5:ab:95 txqueuelen 1000 (Ethernet) > RX packets 52531513656 bytes 55369059858378 (50.3 TiB) > RX errors 0 dropped 0 overruns 0 frame 0 > TX packets 199484785 bytes 42356251615 (39.4 GiB) > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 > > There is output when I tcpdump the interface for our management port. > > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode > listening on ens32, link-type EN10MB (Ethernet), capture size 262144 bytes > 11:50:43.678284 IP cedar.wadsworth.org <http://cedar.wadsworth.org/>.38130 > > pkfn7.wadsworth.org.ies-lm: UDP, length 300 > 11:50:43.678382 IP cedar.wadsworth.org <http://cedar.wadsworth.org/>.38130 > > pkfn7.wadsworth.org.ies-lm: UDP, length 300 > > Any guidance on properly populating the PF database would be appreciated. > > Thank you, > Brian > > > Brian Cuttler > > ITG - Information Technology Group, Network and System Administrator > Wadsworth Center, NYS Department of Health > Empire State Plaza, Albany, NY 12201 > (518) 486-1697 | brian.cutt...@health.ny.gov > <mailto:brian.cutt...@health.ny.gov> > > > > > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > <mailto:PacketFence-users@lists.sourceforge.net> > https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!Vh0TLD06DN_TRwi2BFRq7hlUe5-WJAijIug3ZnDkjRu1ry3cKna0eek3_zed0WHm4Zl7BUnDloOyJCbcAiQuesFYTccdlqQ95NgXYA$ > > <https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!Vh0TLD06DN_TRwi2BFRq7hlUe5-WJAijIug3ZnDkjRu1ry3cKna0eek3_zed0WHm4Zl7BUnDloOyJCbcAiQuesFYTccdlqQ95NgXYA$>
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users