Dhcp server leases filled with wrong entries and table full even though not so many users

himurae · December 30, 2024, 6:14pm

hello guys i am running the latest rolling release ,i have 2 vlans and 1 lan,the dhcp server table is filled for some networks even though there are not so many users

192.168.5.87                      rejected  2024/12/30 19:46:40  2024/12/31 19:46:40  21:56:58     LAN                                local
192.168.5.88                      rejected  2024/12/30 19:46:53  2024/12/31 19:46:53  21:57:11     LAN                                local
192.168.5.89                      rejected  2024/12/30 19:47:31  2024/12/31 19:47:31  21:57:49     LAN                                local
192.168.5.90                      rejected  2024/12/30 19:47:08  2024/12/31 19:47:08  21:57:26     LAN                                local
192.168.5.91                      rejected  2024/12/30 19:47:21  2024/12/31 19:47:21  21:57:39     LAN                                local
192.168.5.92   2c:e0:32:f0:d7:c8  active    2024/12/30 18:19:36  2024/12/31 18:19:36  20:29:54     LAN                                local
192.168.5.93   b6:af:12:77:9d:01  active    2024/12/30 16:43:35  2024/12/31 16:43:35  18:53:53     LAN                                local
192.168.5.94                      rejected  2024/12/30 19:47:35  2024/12/31 19:47:35  21:57:53     LAN                                local
192.168.5.95                      rejected  2024/12/30 21:03:56  2024/12/31 21:03:56  23:14:14     LAN                                local
192.168.5.96                      rejected  2024/12/30 19:45:19  2024/12/31 19:45:19  21:55:37     LAN                                local
192.168.5.97   d0:fc:cc:e2:30:27  active    2024/12/30 20:19:30  2024/12/31 20:19:30  22:29:48     LAN     galaxy-j5-prime            local
192.168.5.98                      rejected  2024/12/30 19:50:27  2024/12/31 19:50:27  22:00:45     LAN                                local
192.168.5.100                     rejected  2024/12/30 19:47:48  2024/12/31 19:47:48  21:58:06     LAN                                local
192.168.5.101  70:09:71:ed:2d:e9  active    2024/12/30 19:42:57  2024/12/31 19:42:57  21:53:15     LAN     samsung                    local
192.168.5.102  16:71:52:cd:4b:11  active    2024/12/30 20:50:03  2024/12/31 20:50:03  23:00:21     LAN                                local
192.168.5.103  b4:4b:d6:95:ab:d6  active    2024/12/30 17:22:09  2024/12/31 17:22:09  19:32:27     LAN                                local
192.168.5.105  ce:b4:a7:83:40:f4  active    2024/12/30 21:48:43  2024/12/31 21:48:43  23:59:01     LAN     redmi-13c-5g               local
192.168.5.106                     rejected  2024/12/30 19:48:03  2024/12/31 19:48:03  21:58:21     LAN                                local
192.168.5.107                     rejected  2024/12/30 19:48:16  2024/12/31 19:48:16  21:58:34     LAN                                local
192.168.5.108                     rejected  2024/12/30 21:43:55  2024/12/31 21:43:55  23:54:13     LAN                                local
192.168.5.109  3a:86:e0:44:00:1f  active    2024/12/30 21:43:09  2024/12/31 21:43:09  23:53:27     LAN     redmi-note-13              local
192.168.5.110  7e:1a:82:a6:ac:cc  active    2024/12/30 19:35:20  2024/12/31 19:35:20  21:45:38     LAN     transformer                local
192.168.5.111                     rejected  2024/12/30 19:48:30  2024/12/31 19:48:30  21:58:48     LAN                                local
192.168.5.112  10:c7:53:3e:5d:d6  active    2024/12/30 21:02:04  2024/12/31 21:02:04  23:12:22     LAN                                local
192.168.5.113                     rejected  2024/12/30 19:48:43  2024/12/31 19:48:43  21:59:01     LAN                                local
192.168.5.114                     rejected  2024/12/30 20:05:18  2024/12/31 20:05:18  22:15:36     LAN                                local
192.168.5.115  56:3e:62:1b:a4:8e  active    2024/12/30 18:27:21  2024/12/31 18:27:21  20:37:39     LAN     merjr-singh-pal            local
192.168.5.117                     rejected  2024/12/30 19:48:57  2024/12/31 19:48:57  21:59:15     LAN                                local
192.168.5.118                     rejected  2024/12/30 21:04:43  2024/12/31 21:04:43  23:15:01     LAN                                local
192.168.5.119                     rejected  2024/12/30 21:05:35  2024/12/31 21:05:35  23:15:53     LAN                                local
192.168.5.120                     rejected  2024/12/30 19:49:10  2024/12/31 19:49:10  21:59:28     LAN                                local
192.168.5.121  80:2a:a8:c9:4a:48  active    2024/12/30 16:20:21  2024/12/31 16:20:21  18:30:39     LAN     2ndflooremergency          local
192.168.5.122                     rejected  2024/12/30 19:49:24  2024/12/31 19:49:24  21:59:42     LAN                                local
192.168.5.123  ea:c9:9d:94:76:1c  active    2024/12/30 17:42:16  2024/12/31 17:42:16  19:52:34     LAN     redmi-13c-5g               local
192.168.5.124                     rejected  2024/12/30 19:49:38  2024/12/31 19:49:38  21:59:56     LAN                                local
192.168.5.125                     rejected  2024/12/30 19:49:52  2024/12/31 19:49:52  22:00:10     LAN                                local
192.168.5.126                     rejected  2024/12/30 19:50:05  2024/12/31 19:50:05  22:00:23     LAN                                local
192.168.5.127                     rejected  2024/12/30 19:50:19  2024/12/31 19:50:19  22:00:37     LAN                                local
192.168.5.128                     rejected  2024/12/30 19:50:33  2024/12/31 19:50:33  22:00:51     LAN                                local
192.168.5.129                     rejected  2024/12/30 21:05:24  2024/12/31 21:05:24  23:15:42     LAN                                local
192.168.5.130                     rejected  2024/12/30 19:51:47  2024/12/31 19:51:47  22:02:05     LAN                                local
192.168.5.131                     rejected  2024/12/30 19:50:46  2024/12/31 19:50:46  22:01:04     LAN                                local
192.168.5.132                     rejected  2024/12/30 19:50:59  2024/12/31 19:50:59  22:01:17     LAN                                local
192.168.5.133                     rejected  2024/12/30 19:51:13  2024/12/31 19:51:13  22:01:31     LAN                                local
192.168.5.134                     rejected  2024/12/30 19:51:26  2024/12/31 19:51:26  22:01:44     LAN                                local
192.168.5.135                     rejected  2024/12/30 19:51:40  2024/12/31 19:51:40  22:01:58     LAN                                local
192.168.5.136                     rejected  2024/12/30 19:51:54  2024/12/31 19:51:54  22:02:12     LAN                                local
192.168.5.137                     rejected  2024/12/30 19:52:31  2024/12/31 19:52:31  22:02:49     LAN                                local
192.168.5.138                     rejected  2024/12/30 21:05:49  2024/12/31 21:05:49  23:16:07     LAN                                local
192.168.5.139                     rejected  2024/12/30 19:52:08  2024/12/31 19:52:08  22:02:26     LAN                                local
192.168.5.140  34:1c:f0:8b:9c:40  active    2024/12/30 18:36:54  2024/12/31 18:36:54  20:47:12     LAN     m2006c3lii-redmi9i         local
192.168.5.141                     rejected  2024/12/30 21:06:06  2024/12/31 21:06:06  23:16:24     LAN                                local
192.168.5.142                     rejected  2024/12/30 19:52:21  2024/12/31 19:52:21  22:02:39     LAN                                local
192.168.5.144                     rejected  2024/12/30 19:52:35  2024/12/31 19:52:35  22:02:53     LAN                                local
192.168.5.145                     rejected  2024/12/30 19:52:51  2024/12/31 19:52:51  22:03:09     LAN                                local
192.168.5.146                     rejected  2024/12/30 19:52:48  2024/12/31 19:52:48  22:03:06     LAN                                local
192.168.5.147                     rejected  2024/12/30 19:53:02  2024/12/31 19:53:02  22:03:20     LAN                                local
192.168.5.148                     rejected  2024/12/30 19:53:06  2024/12/31 19:53:06  22:03:24     LAN                                local
192.168.5.149  88:dc:96:41:fb:f9  active    2024/12/30 16:42:38  2024/12/31 16:42:38  18:52:56     LAN                                local
192.168.5.150  fa:01:ab:21:e3:11  active    2024/12/30 18:41:38  2024/12/31 18:41:38  20:51:56     LAN     galaxy-xcover6-pro         local
192.168.5.151                     rejected  2024/12/30 19:53:15  2024/12/31 19:53:15  22:03:33     LAN                                local
192.168.5.152  e2:43:ba:6b:26:ad  active    2024/12/30 16:44:28  2024/12/31 16:44:28  18:54:46     LAN     mohandas-s-a50             local
192.168.5.153  80:99:e7:56:d7:bb  active    2024/12/30 17:56:12  2024/12/31 17:56:12  20:06:30     LAN                                local
192.168.5.155                     rejected  2024/12/30 21:06:23  2024/12/31 21:06:23  23:16:41     LAN                                local
192.168.5.156                     rejected  2024/12/30 19:53:25  2024/12/31 19:53:25  22:03:43     LAN

configs are below

set firewall group network-group LAN network 'xxx.xxx.5.0/24'
set firewall group network-group LAN network 'xxx.xxx.10.0/24'
set firewall group network-group LAN network 'xxx.xxx.20.0/24'
set interfaces ethernet eth0 duplex 'auto'
set interfaces ethernet eth0 hw-id 'xx:xx:xx:xx:xx:5e'
set interfaces ethernet eth0 offload gro
set interfaces ethernet eth0 offload gso
set interfaces ethernet eth0 offload rfs
set interfaces ethernet eth0 offload rps
set interfaces ethernet eth0 offload sg
set interfaces ethernet eth0 offload tso
set interfaces ethernet eth0 ring-buffer rx '4096'
set interfaces ethernet eth0 ring-buffer tx '4096'
set interfaces ethernet eth0 speed 'auto'
set interfaces ethernet eth1 address 'xxx.xxx.5.1/24'
set interfaces ethernet eth1 duplex 'auto'
set interfaces ethernet eth1 hw-id 'xx:xx:xx:xx:xx:5c'
set interfaces ethernet eth1 offload gro
set interfaces ethernet eth1 offload gso
set interfaces ethernet eth1 offload rfs
set interfaces ethernet eth1 offload rps
set interfaces ethernet eth1 offload sg
set interfaces ethernet eth1 offload tso
set interfaces ethernet eth1 ring-buffer rx '4096'
set interfaces ethernet eth1 ring-buffer tx '4096'
set interfaces ethernet eth1 speed 'auto'
set interfaces ethernet eth1 vif 10 address 'xxx.xxx.10.1/24'
set interfaces ethernet eth1 vif 20 address 'xxx.xxx.20.1/24'
set interfaces ethernet eth2 disable
set interfaces ethernet eth2 hw-id 'xx:xx:xx:xx:xx:5d'
set interfaces ethernet eth2 offload gro
set interfaces ethernet eth2 offload gso
set interfaces ethernet eth2 offload sg
set interfaces ethernet eth2 offload tso
set interfaces ethernet eth3 disable
set interfaces ethernet eth3 hw-id 'xx:xx:xx:xx:xx:5f'
set interfaces ethernet eth3 offload gro
set interfaces ethernet eth3 offload gso
set interfaces ethernet eth3 offload sg
set interfaces ethernet eth3 offload tso
set interfaces loopback lo
set interfaces pppoe pppoe0 authentication password xxxxxx
set interfaces pppoe pppoe0 authentication username xxxxxx
set interfaces pppoe pppoe0 ip adjust-mss 'clamp-mss-to-pmtu'
set interfaces pppoe pppoe0 source-interface 'eth0'
set nat source rule 100 outbound-interface name 'pppoe0'
set nat source rule 100 source group network-group 'LAN'
set nat source rule 100 translation address 'masquerade'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.5.0/24 lease '86400'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.5.0/24 option default-router 'xxx.xxx.5.1'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.5.0/24 option domain-name xxxxxx
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.5.0/24 option name-server 'xxx.xxx.5.1'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.5.0/24 range 0 start 'xxx.xxx.5.10'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.5.0/24 range 0 stop 'xxx.xxx.5.254'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.5.0/24 subnet-id '1'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.10.0/24 lease '86400'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.10.0/24 option default-router 'xxx.xxx.10.1'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.10.0/24 option domain-name xxxxxx
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.10.0/24 option name-server 'xxx.xxx.10.1'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.10.0/24 range 0 start 'xxx.xxx.10.10'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.10.0/24 range 0 stop 'xxx.xxx.10.254'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.10.0/24 subnet-id '10'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.20.0/24 lease '86400'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.20.0/24 option default-router 'xxx.xxx.20.1'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.20.0/24 option domain-name xxxxxx
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.20.0/24 option name-server 'xxx.xxx.20.1'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.20.0/24 range 0 start 'xxx.xxx.20.2'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.20.0/24 range 0 stop 'xxx.xxx.20.254'
set service dhcp-server shared-network-name xxxxxx subnet xxx.xxx.20.0/24 subnet-id '20'
set service dns forwarding allow-from 'xxx.xxx.5.0/24'
set service dns forwarding allow-from 'xxx.xxx.10.0/24'
set service dns forwarding allow-from 'xxx.xxx.20.0/24'
set service dns forwarding cache-size '0'
set service dns forwarding listen-address 'xxx.xxx.5.1'
set service dns forwarding listen-address 'xxx.xxx.20.1'
set service dns forwarding listen-address 'xxx.xxx.10.1'
set service dns forwarding name-server xxx.xxx.0.1
set service dns forwarding name-server xxx.xxx.241.222
set service dns forwarding name-server xxx.xxx.20.20
set service ntp allow-client xxxxxx 'xxx.xxx.0.0/8'
set service ntp allow-client xxxxxx 'xxx.xxx.0.0/16'
set service ntp allow-client xxxxxx 'xxx.xxx.0.0/8'
set service ntp allow-client xxxxxx 'xxx.xxx.0.0/12'
set service ntp allow-client xxxxxx 'xxx.xxx.0.0/16'
set service ntp allow-client xxxxxx '::1/128'
set service ntp allow-client xxxxxx 'fe80::/10'
set service ntp allow-client xxxxxx 'fc00::/7'
set service ntp server xxxxx.tld
set service ntp server xxxxx.tld
set service ntp server xxxxx.tld
set service ssh listen-address 'xxx.xxx.5.1'
set service ssh port '22'
set system config-management commit-revisions '100'
set system conntrack table-size '10485760'
set system console device ttyS0 speed '115200'
set system host-name xxxxxx
set system ip arp table-size '32768'
set system ip multipath layer4-hashing
set system login user xxxxxx authentication encrypted-password xxxxxx
set system login user xxxxxx authentication plaintext-password xxxxxx
set system name-server 'xxx.xxx.1.1'
set system option performance 'network-throughput'
set system syslog global facility all level 'info'
set system syslog global facility local7 level 'debug'
set system time-zone 'Asia/Dubai'

I am confused what is causing this there are no fw rules ,it was working fine before

himurae · January 1, 2025, 9:30am

Can any geek explain why the dhcp table for one vlan is getting filled up even in the absence of devices help me figure out ,what is happening in this network

patient0 · January 1, 2025, 12:24pm

I’m couldn’t find helpful info about the rejected state, not sure if they are rejected by the client or the server.

What does the following command return (call KEA itself and returns the leases)?

echo '{ "command": "lease4-get-all" }' | nc -U /run/kea/dhcp4-ctrl-socket

himurae · January 2, 2025, 8:12am

issue is resolved now one port was creating issues ,don’t know what is connected on the other side maybe rogue dhcp server ,im glad its solved.
I just wish vyos would state this clearly so trouble shooting would be easy