ZW USG 1100 don't release DHCP adresses

2

All Replies

  • alexey
    alexey Posts: 188  Master Member
    First Comment Friend Collector Fifth Anniversary
    edited January 2023
    PeterUK said:

    After more testing here and will test on a old series here is what is meant to happen

    DHCP table subnet full

    IP lease expires for clients

    I new client what to connect 

    Zywall tests a IP that has been expired by ARP to that IP

    If no reply client get IP.

    So maybe you have something making a ARP reply back to Zywall?



    We use this ZW DHCP net for maintenance/configuration devices. And device online less then 1 day. So in can't be, that all expired devices were online and send arp answer.

  • PeterUK
    PeterUK Posts: 3,388  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited January 2023

    If devices are stall online sending arp reply then zywall when DHCP is full can't give out any IP's

    Devices have to be off line for zywall to give out a IP to a new device that was in use.


  • alexey
    alexey Posts: 188  Master Member
    First Comment Friend Collector Fifth Anniversary
    I understand. And i sure, that devices are offline and don't answer to ARP.
  • PeterUK
    PeterUK Posts: 3,388  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    Maybe a Wireshark showing ARP ports 67 and 68 from the zywall of a client trying to get a IP might help.


  • Zyxel_James
    Zyxel_James Posts: 663  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate 100 Answers
    Could you capture the packet and collect the diag-info when this behavior occurs? ( Maintenace > Diagnostic > Controller > Collect Now)

    James
  • PeterUK
    PeterUK Posts: 3,388  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited January 2023

    There is a slight behaviour difference between V5.35 and V4.73

    The V5.35 with a lease of 2min then PC shutdwon will remove after some hours from the list where as V4.73 just stays listed.


  • mMontana
    mMontana Posts: 1,389  Guru Member
    50 Answers 1000 Comments Friend Collector Fifth Anniversary
    Both don't match the configuration.
    I'm expecting at the end of the lease (configured) wiping the macaddress from DHCP lease list.
    5.35 is unfortunate.
    4.73 is unacceptable.
  • alexey
    alexey Posts: 188  Master Member
    First Comment Friend Collector Fifth Anniversary
    Zyxel_James said:
    Could you capture the packet and collect the diag-info when this behavior occurs? ( Maintenace > Diagnostic > Controller > Collect Now)

    James
    Send via PM
  • Zyxel_Kevin
    Zyxel_Kevin Posts: 885  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 500 Comments
    Hi @alexey @PeterUK,
    We are checking the issue. 
    I will give feeback if any news . Thanks your patience. 
    Kevin
  • Zyxel_Kevin
    Zyxel_Kevin Posts: 885  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 500 Comments
    Hi @PeterUK
    Even if device is offline, DHCP will still be in the table. This is the expected behavior. After the next client goes online, it will take the IP which have expired in the table.
    @alexey
    Please kindly reduce lease time from 5 days to 2days and increase pool size. 
    Thank you
    Kevin

Categories

Security Highlight


Read more

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)