[leaf-user] DHCP Leases
I'm running Bering RC3. I have an internal net that my fw is supplying dhcp
service to on eth3. I also need to get a dhcp lease on my INTERNET access
connections (eth0, eth1 and eth4). They are supposed to be a 2 year lease
(sorta static-IP). Eth4 seems to be getting the 2 year lease, eth0 and eth1
lose their IP# after 12 hours.
Right now I'm running both pump and dhcpd packages.
My ISP is telling me - "Looking at the DHCP log, it appears that a 2 year
lease is assigned, then quickly changed to 12 hours. They made a couple of
changes on the scope, but we can't figure out why you are the only one with
these symptoms. "
Where can I see the information (Lease duration) that I am being given?
Is it possible that the Bering fw is modifying the lease time?
Thanks,
Harold Miller
--
/etc/pump.conf contains:
retries 3
script "/etc/pump.shorewall"
device eth0 {
nodns
}
device eth1 {
nodns
}
device eth4 {
nodns
}
-
/etc/dhcpd.conf contains:
dynamic-bootp-lease-length 604800;
max-lease-time 1209600;
subnet 192.168.2.0 netmask 255.255.255.0 {
option routers 192.168.2.254;
option domain-name "private.network";
option domain-name-servers 192.168.2.254,66.169.254.29,66.169.254.30;
range 192.168.2.1 192.168.2.199;
}
---
/etc/default/pump contains:
IFACES=eth0,eth1,eth4
/etc/network/interfaces contains:
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto eth1
iface eth1 inet dhcp
auto eth2
iface eth2 inet static
address 192.168.10.254
masklen 24
broadcast 192.168.10.255
auto eth3
iface eth3 inet static
address 192.168.2.254
masklen 24
broadcast 192.168.2.255
auto eth4
iface eth4 inet static
address 68.116.40.4
masklen 24
broadcast 68.116.40.255
gateway 68.116.40.1
---
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone? Get a new here for FREE!
https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] DHCP Leases - Second Posting
Is there a better place for me to ask this question?
I'm running Bering RC3. I have an internal net that my fw is supplying dhcp
service to on eth3. I also need to get a dhcp lease on my INTERNET access
connections (eth0, eth1 and eth4). They are supposed to be a 2 year lease
(sorta static-IP). Eth4 seems to be getting the 2 year lease, eth0 and eth1
lose their IP# after 12 hours.
Right now I'm running both pump and dhcpd packages.
My ISP is telling me - "Looking at the DHCP log, it appears that a 2 year
lease is assigned, then quickly changed to 12 hours. They made a couple of
changes on the scope, but we can't figure out why you are the only one with
these symptoms. "
Where can I see the information (Lease duration) that I am being given?
Is it possible that the Bering fw is modifying the lease time?
Thanks,
Harold Miller
--
/etc/pump.conf contains:
retries 3
script "/etc/pump.shorewall"
device eth0 {
nodns
}
device eth1 {
nodns
}
device eth4 {
nodns
}
-
/etc/dhcpd.conf contains:
dynamic-bootp-lease-length 604800;
max-lease-time 1209600;
subnet 192.168.2.0 netmask 255.255.255.0 {
option routers 192.168.2.254;
option domain-name "private.network";
option domain-name-servers 192.168.2.254,66.169.254.29,66.169.254.30;
range 192.168.2.1 192.168.2.199;
}
---
/etc/default/pump contains:
IFACES=eth0,eth1,eth4
/etc/network/interfaces contains:
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto eth1
iface eth1 inet dhcp
auto eth2
iface eth2 inet static
address 192.168.10.254
masklen 24
broadcast 192.168.10.255
auto eth3
iface eth3 inet static
address 192.168.2.254
masklen 24
broadcast 192.168.2.255
auto eth4
iface eth4 inet static
address 68.116.40.4
masklen 24
broadcast 68.116.40.255
gateway 68.116.40.1
---
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone? Get a new here for FREE!
https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] DHCP Leases - Second Posting
First of all, from the info you described, eth4 is not using pump to get a
DHCP lease; you are assigning it a static address in
/etc/network/interfaces, as follows:
iface eth4 inet static
address 68.116.40.4
masklen 24
broadcast 68.116.40.255
gateway 68.116.40.1
Your pump config line is inconsistent with this, as it does list eth4, but
I *think* the interfaces setting takes precedence.
Second, dhcp clients *can* ask for leases with specific time requirements.
The "max-lease"time" statement in dhcpd.conf, for example, is there to
prevent a DHCP *server* from issuing long licenses even if the client
requests a long one. Since I don't know what DHCP server software your ISP
runs, I can't say what it might be doing with respect to default and
maximum lease values.
To specify a particular lease time in your pump request, you use the -l
command-line argument, providing a value in hours. The man page I have does
not specify an equivalent config-file directive. Nor does it tell me if
pump has a default setting.
dhcpd is a DHCP server, so its config files are relevant only to your LAN,
not the external leases.
I'm sorry that none of this feedback is specific to Bering. I don't run
Bering herw, which is why I didn't reply first time around. Since you asked
a second time, I thought I would at least tell you what I could, in the
hope that you might be able to figure out for yourself how to apply this
info to the specifics of the Berign setup.
I think that if I were you, I'd just find out what the addresses are for
eth0 and eth1, and assign them as static entries in
/etc/network/interfaces. Two years is forever with respect to IP addresses.
At 03:33 PM 8/20/02 -0700, Harold Miller wrote:
>Is there a better place for me to ask this question?
>
>
>I'm running Bering RC3. I have an internal net that my fw is supplying dhcp
>service to on eth3. I also need to get a dhcp lease on my INTERNET access
>connections (eth0, eth1 and eth4). They are supposed to be a 2 year lease
>(sorta static-IP). Eth4 seems to be getting the 2 year lease, eth0 and eth1
>lose their IP# after 12 hours.
>
>Right now I'm running both pump and dhcpd packages.
>
>My ISP is telling me - "Looking at the DHCP log, it appears that a 2 year
>lease is assigned, then quickly changed to 12 hours. They made a couple of
>changes on the scope, but we can't figure out why you are the only one with
>these symptoms. "
>
>Where can I see the information (Lease duration) that I am being given?
>
>Is it possible that the Bering fw is modifying the lease time?
>
>Thanks,
>Harold Miller
>
>--
>/etc/pump.conf contains:
>retries 3
>script "/etc/pump.shorewall"
>device eth0 {
> nodns
>}
>device eth1 {
> nodns
>}
>device eth4 {
> nodns
>}
>-
>/etc/dhcpd.conf contains:
>dynamic-bootp-lease-length 604800;
>max-lease-time 1209600;
>
>subnet 192.168.2.0 netmask 255.255.255.0 {
> option routers 192.168.2.254;
> option domain-name "private.network";
> option domain-name-servers 192.168.2.254,66.169.254.29,66.169.254.30;
> range 192.168.2.1 192.168.2.199;
>}
>---
>/etc/default/pump contains:
>IFACES=eth0,eth1,eth4
>
>/etc/network/interfaces contains:
>auto lo
>iface lo inet loopback
>auto eth0
>iface eth0 inet dhcp
>auto eth1
>iface eth1 inet dhcp
>auto eth2
>iface eth2 inet static
> address 192.168.10.254
> masklen 24
> broadcast 192.168.10.255
>auto eth3
>iface eth3 inet static
> address 192.168.2.254
> masklen 24
> broadcast 192.168.2.255
>auto eth4
>iface eth4 inet static
> address 68.116.40.4
> masklen 24
> broadcast 68.116.40.255
> gateway 68.116.40.1
--
---"Never tell me the odds!"
Ray Olszewski -- Han Solo
Palo Alto, California, USA[EMAIL PROTECTED]
---
---
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone? Get a new here for FREE!
https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] DHCP Leases - Second Posting
Thanks for the reply. I've removed the contents of the pump.conf and
/etc/default/pump files, and restarted the system. At about 1130AM PST I
should know if this corrects the problem.
My routing / Nat / and MASQ files probably also have inconsistancies in
them, I know I'm using the same IP in 2 places on the same sub-net, but it
works...
HAROLD MILLER
> First of all, from the info you described, eth4 is not using pump
> to get a
> DHCP lease; you are assigning it a static address in
> /etc/network/interfaces, as follows:
>
> iface eth4 inet static
> address 68.116.40.4
> masklen 24
> broadcast 68.116.40.255
> gateway 68.116.40.1
>
> Your pump config line is inconsistent with this, as it does list
> eth4, but
> I *think* the interfaces setting takes precedence.
>
> Second, dhcp clients *can* ask for leases with specific time
> requirements.
> The "max-lease"time" statement in dhcpd.conf, for example, is there to
> prevent a DHCP *server* from issuing long licenses even if the client
> requests a long one. Since I don't know what DHCP server software
> your ISP
> runs, I can't say what it might be doing with respect to default and
> maximum lease values.
>
> To specify a particular lease time in your pump request, you use the -l
> command-line argument, providing a value in hours. The man page I
> have does
> not specify an equivalent config-file directive. Nor does it tell me if
> pump has a default setting.
>
> dhcpd is a DHCP server, so its config files are relevant only to
> your LAN,
> not the external leases.
>
> I'm sorry that none of this feedback is specific to Bering. I don't run
> Bering herw, which is why I didn't reply first time around. Since
> you asked
> a second time, I thought I would at least tell you what I could, in the
> hope that you might be able to figure out for yourself how to apply this
> info to the specifics of the Berign setup.
>
> I think that if I were you, I'd just find out what the addresses are for
> eth0 and eth1, and assign them as static entries in
> /etc/network/interfaces. Two years is forever with respect to IP
> addresses.
>
> At 03:33 PM 8/20/02 -0700, Harold Miller wrote:
> >Is there a better place for me to ask this question?
> >
> >
> >I'm running Bering RC3. I have an internal net that my fw is
> supplying dhcp
> >service to on eth3. I also need to get a dhcp lease on my INTERNET access
> >connections (eth0, eth1 and eth4). They are supposed to be a 2 year lease
> >(sorta static-IP). Eth4 seems to be getting the 2 year lease,
> eth0 and eth1
> >lose their IP# after 12 hours.
> >
> >Right now I'm running both pump and dhcpd packages.
> >
> >My ISP is telling me - "Looking at the DHCP log, it appears that a 2 year
> >lease is assigned, then quickly changed to 12 hours. They made
> a couple of
> >changes on the scope, but we can't figure out why you are the
> only one with
> >these symptoms. "
> >
> >Where can I see the information (Lease duration) that I am being given?
> >
> >Is it possible that the Bering fw is modifying the lease time?
> >
> >Thanks,
> >Harold Miller
> >
> >--
> >/etc/pump.conf contains:
> >retries 3
> >script "/etc/pump.shorewall"
> >device eth0 {
> > nodns
> >}
> >device eth1 {
> > nodns
> >}
> >device eth4 {
> > nodns
> >}
> >-
> >/etc/dhcpd.conf contains:
> >dynamic-bootp-lease-length 604800;
> >max-lease-time 1209600;
> >
> >subnet 192.168.2.0 netmask 255.255.255.0 {
> > option routers 192.168.2.254;
> > option domain-name "private.network";
> > option domain-name-servers
> 192.168.2.254,66.169.254.29,66.169.254.30;
> > range 192.168.2.1 192.168.2.199;
> >}
> >---
> >/etc/default/pump contains:
> >IFACES=eth0,eth1,eth4
> >
> >/etc/network/interfaces contains:
> >auto lo
> >iface lo inet loopback
> >auto eth0
> >iface eth0 inet dhcp
> >auto eth1
> >iface eth1 inet dhcp
> >auto eth2
> >iface eth2 inet static
> > address 192.168.10.254
> > masklen 24
> > broadcast 192.168.10.255
> >auto eth3
> >iface eth3 inet static
> > address 192.168.2.254
> > masklen 24
> > broadcast 192.168.2.255
> >auto eth4
> >iface eth4 inet static
> > address 68.116.40.4
> > masklen 24
> > broadcast 68.116.40.255
> > gateway 68.116.40.1
>
>
>
>
> --
> ---"Never tell me the
> odds!"
> Ray Olszewski -- Han Solo
> Palo Alto, California, USA [EMAIL PROTECTED]
> --
> -
>
---
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone? Get a new here for FR
[leaf-user] DHCP Leases can cause problems with VMWare and Tunnels
I posted this on OpenVPN but I notice quite a lot of tunnel-related stuff here too. I have set up an OpenVPN system (using a LEAF Firewall on a WRAP Platform) and have been testing this with Windows XP clients, using the GUI from Mathias Sundman. As the clients connect over Wi-Fi, their DHCP leases are quite short (1 hour). To allow more testing, I started using XP clients under VMWare (version 4.5.1) and noticed that they lose connectivity after 1 hour of operation. On examination, I found that the DHCP lease update occurring on the physical network was resetting the default gateway back to the value of the physical router and removing the default gateway set up over OpenVPN with the directive 'push "redirect gateway"'. A reconnection of the VPN client fixes this. Curiously it does not seem to happen to the host computer (also XP) running the VMWare clients - this machine reports 2 default gateways, one for the physical NIC and one for the VPN tunnel (only MS could have 2 'defaults'), but anyway it works. It seems the VMWare NIC software is changing the way that DHCP is affecting the routing table. I remember having seen reports of similar ocurrences in this list, which is why I am posting, I hope it helps. Regards, Bob von Knobloch - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
