DHCP configuration in the web GUI

You can also set up your DHCP server in the web GUI, which includes many more options than the console does:

  1. Navigate to Services | DHCP Server. There will be a separate tab for each non-WAN interface.
  2. Click on the tab for the interface you want to configure. 
  3. In the General Options section, there is an Enable checkbox, which, as you probably guessed, enables the DHCP server on the interface.
  4. There are also Range edit boxes where you can define the range of assigned addresses. If this is all you want to do (which is no more than the level of DHCP configuration the console provides), you can click on the Save button at the bottom of the page and the DHCP server will now be up and running.
  5. One of the options added in version 2.4, the BOOTP checkbox, if checked, will cause the DHCP server to ignore BOOTP queries. BOOTP is a protocol by which networks can assign IP addresses to users. Like DHCP, it uses port 67 and port 68 to communicate. It also predates DHCP (it was originally defined in RFC 951 in September 1985, while DHCP was not defined until March 1997). Both BOOTP and DHCP are methods of automatic IP assignment. However, BOOTP differs from DHCP in several significant ways:
    • BOOTP uses the User Datagram Protocol (UDP), while DHCP uses the Transport Control Protocol (TCP).
    • BOOTP only works with IPv4 networks, while DHCP has been revised to support IPv6 networks.
    • BOOTP does not support DHCP, but the reverse is true: parts of BOOTP provide services to DHCP, and DHCP servers provide legacy BOOTP functionality.
    • Therefore, a DHCP server will normally also act as a BOOTP server. This can be problematic, however, because BOOTP leases do not have a maximum lease time by default (the original definition of BOOTP does not even include the lease concept). Therefore, BOOTP leases can easily exhaust the DHCP address pool. One possible solution is to just ignore BOOTP queries, which may seem like overkill, but it also eliminates the possibility of DHCP support for BOOTP ever being a problem. If you ever have problems with BOOTP queries, you can enable this option.
  6. The Ignore denied clients checkbox, if checked, will cause pfSense to ignore denied clients rather than reject them. This, however, is not compatible with failover, because another pfSense system in the failover group will assume that the failure to respond to a DHCP request indicates a failure of the other system.
  7. The Additional Pools section allows you to specify additional pools of addresses outside of the range specified in General Options:
    • You can add address pools by clicking on the Add pool button and entering the new range.
    • Once a new pool has been added, it will appear under the Additional Pools section, and you will be able to edit or delete the pool from the DHCP Server page.
  8. You may want to set up your system so that only devices with certain MAC addresses receive DHCP leases. If so, check the Deny unknown clients checkbox.
  9. You will then have to scroll down to the Other Options section and click on the Advanced button next to the MAC Address Control section.
  10. In the MAC Allow edit box, specify the MAC addresses of the devices (as comma-separated values with no spaces) to which you want to allow access. If you want to deny access to certain devices, you can specify their MAC addresses in the MAC Deny edit box.

Be aware that MAC address control only provides a minimal level of security. A user who relies on auto-configuration to connect to the internet will be locked out, but a determined hacker can easily resort to MAC address spoofing, which, as you probably know, is one of pfSense's capabilities. Therefore, it's not a good idea to rely on MAC address control as a security measure.
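
The BOOTP checkbox in step 5 acts on the difference between a BOOTP request and a DHCP request. The Python example below is added here for illustration and is not code from the original text or from pfSense: it classifies a request payload using the RFC 2131 rule that every DHCP message carries option 53 (DHCP message type) after a magic cookie, so a request without it is plain BOOTP. The function names and sample packets are constructed for the example.

```python
import struct

MAGIC_COOKIE = bytes([99, 130, 83, 99])  # marks the start of the options area (RFC 2131)
FIXED_HEADER_LEN = 236                    # op..file: header layout shared by BOOTP and DHCP
OPT_PAD, OPT_MSG_TYPE, OPT_END = 0, 53, 255
DHCP_TYPES = {1: "DISCOVER", 3: "REQUEST", 4: "DECLINE", 7: "RELEASE", 8: "INFORM"}

def parse_options(area):
    """Walk the code/length/value options; stop at END or at a truncated option."""
    opts, i = {}, 0
    while i < len(area) and area[i] != OPT_END:
        if area[i] == OPT_PAD:
            i += 1
            continue
        if i + 1 >= len(area) or i + 2 + area[i + 1] > len(area):
            break  # malformed tail: keep what parsed cleanly
        opts[area[i]] = area[i + 2:i + 2 + area[i + 1]]
        i += 2 + area[i + 1]
    return opts

def classify(payload):
    """Return (kind, client_mac); kind is 'bootp', 'dhcp:<TYPE>' or 'invalid'."""
    if len(payload) < FIXED_HEADER_LEN or payload[0] != 1 or payload[2] > 16:
        return ("invalid", None)  # too short, not a client request, or bad hlen
    mac = ":".join(f"{b:02x}" for b in payload[28:28 + payload[2]])
    tail = payload[FIXED_HEADER_LEN:]
    if tail[:4] != MAGIC_COOKIE:
        return ("bootp", mac)  # RFC 951 request: vendor area without options
    msg_type = parse_options(tail[4:]).get(OPT_MSG_TYPE)
    if msg_type is None or len(msg_type) != 1:
        return ("bootp", mac)  # options present but no message type: still BOOTP
    return ("dhcp:" + DHCP_TYPES.get(msg_type[0], "UNKNOWN"), mac)

def build_request(mac, tail):
    """Constructed sample client request (op=1, Ethernet) for the demo below."""
    header = struct.pack("!BBBBIHH", 1, 1, 6, 0, 0x1234ABCD, 0, 0) + bytes(16)
    header += bytes.fromhex(mac.replace(":", "")).ljust(16, b"\0") + bytes(192)
    return header + tail

# Constructed samples, not captured traffic.
SAMPLES = {
    "legacy bootp": build_request("02:00:00:aa:bb:01", bytes(64)),
    "bootp + cookie": build_request("02:00:00:aa:bb:02", MAGIC_COOKIE + bytes([12, 2, 104, 49, 255])),
    "dhcp discover": build_request("02:00:00:aa:bb:03", MAGIC_COOKIE + bytes([53, 1, 1, 255])),
    "truncated": b"\x01\x01\x06\x00",
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:15} -> {classify(pkt)}")
```

Running a classifier like this over a capture from the interface shows whether BOOTP requests are actually arriving before you decide to enable the option.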