dhclient(8) sets wrong interface netmask on boot up

Cary lists at flederma.us
Sat Sep 12 17:47:04 UTC 2015

On 09/12/2015 10:45, Adam Vande More wrote:
> On Fri, Sep 11, 2015 at 10:15 PM, Cary <lists at flederma.us> wrote:
>> QUESTION: How do I get dhclient to correctly set the interface netmask
>> when the system boots?
>> Once the system is booted, I cannot SSH into the system until I have
>> logged in via the console and restarted dhclient(8) (`service dhclient
>> restart em0`).
>> I've installed 10.2-RELEASE[uname] from scratch.
>> My [/etc/rc.conf] specifies that the em0 interface should have dhclient
>> run on it.
>> Running ifconfig(8) prior (ifconfig-0.out) and post (ifconfig-1.out)
>> dhclient, I found that the netmask is set incorrectly after boot:
>> # ifconfig -a > ifconfig-0.out
>> # service dhclient restart em0
>> Stopping dhclient.
>> Starting dhclient.
>> DHCPREQUEST on em0 to port 67
>> DHCPACK from
>> bound to -- renewal in 43200 seconds.
>> # ifconfig -a > ifconfig-1.out
>> # diff ifconfig-0.out ifconfig-1.out
>> 4c4
>> <       inet netmask 0xffffffff broadcast
>> ---
>>>       inet netmask 0xffffff00 broadcast
>> My [/etc/dhclient.conf] file is unchanged from the system default.
>> The DHCP server is an residential wireless router. All other devices are
>> receiving DHCP configurations from the router without issue.
>> Thank you in advance for any assistance!
> Nothing you've given us would lead me to believe this is an issue with
> dhclient.  Why do you?  It simply assigns whatever info it gets from DHCP.

Thanks, Adam. It is good to know that this configuration should be
correct. I believe it is a dhclient issue because it is the only means
by which I'm configuring the network, at boot up and once the system is
running. The netmask is set incorrectly on boot, and after running
dhclient manually it is set correctly.

>> [uname] FreeBSD public.fbsd.local 10.2-RELEASE FreeBSD 10.2-RELEASE #0
>> r286666: Wed Aug 12 15:26:37 UTC 2015
>> root at releng1.nyi.freebsd.org:/usr/obj/usr/src/sys/GENERIC  amd64
>> [/etc/rc.conf]
>> hostname="public.fbsd.local"
>> ifconfig_em0="DHCP"
>> cloned_interfaces="${cloned_interfaces} lo1"
> previous line doesn't make much sense.

That was copied from the FreeBSD handbook section on managing jails
(https://www.freebsd.org/doc/handbook/jails-ezjail.html). I didn't think
that the jails would mess with the base host network configuration.
However, after re-looking at the jail config, I changed the config line
in /usr/local/etc/ezjail/www_local from:

export jail_www_local_ip="lo1|,em0|"
export jail_www_local_ip="lo1|"

After reboot, I was able to SSH into it without trouble. But now the
httpd server cannot bind to the em0 interface. I guess I can forward
traffic with ipfw or pfctl to get around that issue.

LESSON LEARNED: ezjail *will* override the DHCP-assigned configuration
of an interface!

Thanks for the nudge, Adam. Hopefully my ignorance will help someone
else down the line.

>> sshd_enable="YES"

Cary Mathews

More information about the freebsd-questions mailing list