
How to control lease time for DHCP


deja_bh...@yahoo.com

Sep 27, 2006, 2:19:50 PM
Is there a setting in Windows XP (registry?) that controls the lease
time? Consider the following cases:

1. When I connect my Solaris machine at home into the DSL modem (no
router, just modem), it obtains a lease for _24 hours_. Command
"ifconfig hme0 dhcp status" shows three times:
Began = now
Expires = 24 hours later
Renew = 12 hours + - a random interval (after this many hours
it will automatically try to extend the lease)

2. When I plug in a Windows XP laptop in the EXACT SAME MODEM (again,
no routers), it obtains a lease for only 1 hour! Furthermore, when I
run "ipconfig /all" command in a DOS window, it shows me the lease
start time, expiration time, but no renew time. So, I do not know when
it will attempt to renew the lease.

3. When I plug in EXACT SAME LAPTOP, with no changes in any
configuration, at work, the laptop obtains a lease for 3 days.

Cases 1 and 2: Different machines (Solaris & laptop), same DHCP server
(Sonic.net), different lease time ==> somehow the client machine
decides the lease time.

Cases 2 and 3: Same machine (laptop), different DHCP servers
(sonic.net, and my employer's intranet), different lease time ==>
somehow the DHCP server decides the lease time.

To me, the above seem contradictory. So, what's the story? And, more
importantly, how can I set up the Windows XP laptop to request a lease
for more than 1 hour? I would like to have a lease for at least 1 day,
preferably much longer.

If it is relevant, my DSL connection at home is with Sonic.Net
(dynamic, 1.5Mbps max download), and the service has been quite good.

Bhoot Nath

sod...@gmail.com

Sep 27, 2006, 4:29:45 PM

deja_bh...@yahoo.com wrote:
> Is there a setting in Windows XP (registry?) that controls the lease
> time? Consider the following cases:

Read RFC 2131. A DHCP client can suggest a lease time to the server
("The client MAY suggest a network address and/or lease time by
including the 'requested IP address' and 'IP address lease time'
options. "), but the server can ignore this and use its own configured
default lease time.

The combination of a suggested lease time provided by the client to the
server and how the server handles it versus using its own configured
time explains all of the cases you're seeing.

I don't know if there's a registry setting that controls the lease
time WinXP suggests to the server. I did a search of the MS
knowledgebase but didn't find anything.

Cubit

Sep 27, 2006, 4:35:22 PM
warning: not an expert

My desktop never releases the router, and my router never releases the DSL
(SBC).

However, my laptop has a half dozen different modes under power options.
Each of these modes times out various functions to preserve battery life,
and such. So, my guess is that your laptop power options need to be set to
never time out for anything, while on AC power.

<deja_bh...@yahoo.com> wrote in message
news:1159381190.4...@k70g2000cwa.googlegroups.com...

John Richards

Sep 27, 2006, 9:42:03 PM
To add another data point, my Win XP laptop gets a 6 week
lease from my home router!

--
John Richards


<deja_bh...@yahoo.com> wrote in message news:1159381190.4...@k70g2000cwa.googlegroups.com...

> Is there a setting in Windows XP (registry?) that controls the lease
> time?

[snip]

Javier

Sep 28, 2006, 8:02:38 AM
deja_bh...@yahoo.com wrote:
> Is there a setting in Windows XP (registry?) that controls the lease
> time? Consider the following cases:

(...)

Put a packet sniffer on the wire and look at what the Windows XP and the
Solaris machines are sending to the DHCP server. Ethereal is a good
choice (I think it changed name to Wire Shark somewhere along the way).

-jav

Jeff Liebermann

Sep 28, 2006, 11:32:24 AM
Javier <jav...@invalid.invalid> hath wroth:

The principal author changed jobs and the former employer claimed it
owned the name Ethereal as a trademark.
| http://www.internetnews.com/dev-news/article.php/3628426

There's an easier way to debug DHCP. Try:
| http://www.weirdsolutions.com/weirdSolutions/files/products/desktopSoftware/desktopQueryTool/querytool_free.exe
which is a DHCP/BOOTP query tool for Windoze. It has one oddity. It
asks for a "device identifier". That's just a label and can be
anything. It also will not return anything if you have your client
setup with a static IP even though there's a DHCP server on the LAN.
That's an intentional Windoze feature.

As for how to "control" the lease time with Windoze, there are lots of
complications.
1. Windoze will start to renew the lease at 50% the lease time. See:
| http://www.comptechdoc.org/independent/networking/guide/netdhcp.html
for the details.
2. Windoze does NOT normally release the lease during shutdown. There
are registry hacks to force it to do so. This is generally a good
idea so that stupid Windoze doesn't try to renew the lease when the
client moves to a different network or router.
3. Some routers do odd things if there is a "static DHCP" or
"pre-assigned DHCP" IP address tied to a MAC address.
4. If you need to change the lease time, it needs to be done at the
server, not the client. See:
| http://support.microsoft.com/?kbid=158016
Note that many routers still enforce the 1 hour minimum lease time. If
your client receives garbage for the lease time record, I think (not
sure) Windoze will default to 1 hour so it can try again shortly.
5. If the DHCP pool is small and running out of IP's, then some DHCP
servers will intentionally issue short lease times to facilitate IP
address reuse. My guess(tm) is that this is what's happening.

I'm not sure what's causing the short lease problem especially without
a clue as to what hardware/router/server is issuing the DHCP
addresses.


--
Jeff Liebermann je...@comix.santa-cruz.ca.us
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

deja_bh...@yahoo.com

Sep 29, 2006, 3:48:13 PM

Jeff Liebermann wrote:
> Javier <jav...@invalid.invalid> hath wroth:
>
> >deja_bh...@yahoo.com wrote:
> >> Is there a setting in Windows XP (registry?) that controls the lease
> >> time? Consider the following cases:
> >
> >(...)
> >
> >Put a packet sniffer on the wire and look at what the Windows XP and the
> >Solaris machines are sending to the DHCP server. Ethereal is a good
> >choice (I think it changed name to Wire Shark somewhere along the way).

Thank you to all of you who responded, and in particular to Javier and
Jeff for detailed info.

1. I used "snoop -d hme0" on Solaris (as root), and could see the DHCP
requests being broadcast (OFFER, ACK, REQUEST, etc. kinds of packets).
However, there did not seem to be anything in there from client side
that suggested a requested time.

2. In case of the PC, thanks to the links from Jeff, and doing some
additional google search, I have verified that the lease duration is
100% controlled by the DHCP server.

3. The DHCP server, when I use DSL at home, is from Sonic.Net. Dane
Jasper and a few others from there often post in this group, so perhaps
they would give some hints.

4. The unresolved issue is: Why is Sonic.Net giving only 1 hour lease
to a laptop, and 24 hour lease to a Solaris machine. Both get exact
same ip (even though my DSL service has dynamic ip/DHCP, the actual
allocated ip is exactly the same every time).

5. At the moment, I wrote a simple batch file, which automatically
renews the lease before it is over. This works on the laptop, even when
I have VPN active.

5. When I use VPN to connect to my employer, my laptop can NO LONGER
have "direct" internet connection. What I mean by this is somehow all
ports are blocked, or DNS is reassigned such that I can only connect to
my employer. I can not telnet/ssh to sonic, or be able to use internet
explorer and go to yahoo.com. However, the DHCP lease requests (via
ipconfig command) are getting through to sonic.

6. When I use Solaris machine to connect to the same VPN, on Solaris,
the DHCP broadcasts DO NOT reach sonic. Therefore, eventually the lease
expires without being renewed and the VPN connection is lost. Once VPN
connection is lost, the DHCP renewal succeeds, but I have to restart
the VPN session.

Bhoot Nath

deja_bh...@yahoo.com

Sep 29, 2006, 3:54:14 PM

Jeff Liebermann wrote:
> Javier <jav...@invalid.invalid> hath wroth:
>
> >deja_bh...@yahoo.com wrote:
> >> Is there a setting in Windows XP (registry?) that controls the lease
> >> time? Consider the following cases:
> >
> >(...)
> >
> >Put a packet sniffer on the wire and look at what the Windows XP and the
> >Solaris machines are sending to the DHCP server. Ethereal is a good
> >choice (I think it changed name to Wire Shark somewhere along the way).

Thank you to all of you who responded, and in particular to Javier and
Jeff for detailed info.

Bhoot Nath



Roy

Sep 29, 2006, 4:39:43 PM
deja_bh...@yahoo.com wrote:
>
>
> 5. When I use VPN to connect to my employer, my laptop can NO LONGER
> have "direct" internet connection. What I mean by this is somehow all
> ports are blocked, or DNS is reassigned such that I can only connect to
> my employer. I can not telnet/ssh to sonic, or be able to use internet
> explorer and go to yahoo.com. However, the DHCP lease requests (via
> ipconfig command) are getting through to sonic.
>
> 6. When I use Solaris machine to connect to the same VPN, on Solaris,
> the DHCP broadcasts DO NOT reach sonic. Therefore, eventually the lease
> expires without being renewed and the VPN connection is lost. Once VPN
> connection is lost, the DHCP renewal succeeds, but I have to restart
> the VPN session.
>
>

Your basic problem seems to be faulty VPN software and/or setup. In the
windows case, the VPN software seems smart enough to send the DHCP
request out the real interface while the Solaris version would send the
request out the VPN interface.

Why not buy a simple Linksys router and let it deal with Sonic's DHCP server?

Roy

sod...@gmail.com

Sep 29, 2006, 4:57:47 PM

deja_bh...@yahoo.com wrote:
> 5. When I use VPN to connect to my employer, my laptop can NO LONGER
> have "direct" internet connection. What I mean by this is somehow all
> ports are blocked, or DNS is reassigned such that I can only connect to
> my employer. I can not telnet/ssh to sonic, or be able to use internet
> explorer and go to yahoo.com. However, the DHCP lease requests (via
> ipconfig command) are getting through to sonic.

Your VPN is probably setting up a new default route that routes all
traffic bound for the Internet through the VPN to your employer's
network instead. DHCP is a broadcast-based protocol, hence it won't
cross a router boundary, including the VPN.

Jeff Liebermann

Sep 29, 2006, 6:47:25 PM
deja_bh...@yahoo.com hath wroth:

>3. The DHCP server, when I use DSL at home, is from Sonic.Net.

What type of DSL account do you have that allows multiple DHCP
assigned IP's per user?
http://www.sonic.net/sales/broadband/dsl/residential.php
The dynamic IP accounts all allow exactly 1 IP address per account.
The static IP accounts can have one or more.

Do you have a router? Make and model please?

>5. When I use VPN to connect to my employer, my laptop can NO LONGER
>have "direct" internet connection.

That's exactly what a VPN is supposed to do. If you have "use gateway
on the remote server" set, then all internet traffic goes through the
VPN to the remote gateway and nowhere else. If you have it unset,
then all internet traffic goes to the local gateway. You can see the
action in Windoze XP with:
Start -> Run -> cmd <enter>
route print
Look at the last line for "default gateway". If the IP address is
part of the office VPN, you have all your internet traffic going
through the VPN to the office and to nowhere. I don't want to
speculate as to what the IP should be until I determine if you have a
router, and what type of service you have from Sonic.

Also, this is the reason you never want to use the same Class C IP
block for the remote VPN and for your local network. Lots of
potential for duplicate IP's and no easy way to unambiguously point to
the default gateway.

>What I mean by this is somehow all
>ports are blocked, or DNS is reassigned such that I can only connect to
>m employer.

They're not blocked. The default route is through the VPN and then to
nowhere.

>6. When I use Solaris machine to connect to the same VPN, on Solaris,
>the DHCP broadcasts DO NOT reach sonic. Therefore, eventually the lease
>expires without being renewed and the VPN connection is lost. Once VPN
>connection is lost, the DHCP renewal succeeds, but I have to restart
>the VPN session.

Ummmm... It's more likely that you're seeing the side effects of
switching between machines too quickly on a single DHCP IP address
lease. My guess(tm) is that you only can run one machine at a time,
and that Sonic is giving you the same IP address for both machines.
You need to wait a while for the ARP cache to flush before swapping
machines. Otherwise, the Sonic router's MAC address to IP table (ARP
table) still has the other machine's MAC address in the table.

I think a phone call to Sonic support might be useful. Be sure to
explain what you're trying to accomplish first, before explaining
where you're stuck. If you're trying to connect two machines to the
internet simultaneously, with a single IP address account, you'll need
to buy a router that supports NAT. Also, be advised that many routers
only support one VPN pass through session from one computah.

Graham Freeman

Sep 29, 2006, 8:02:39 PM
Jeff Liebermann wrote:

> What type of DSL account do you have that allows multiple DHCP
> assigned IP's per user?
> http://www.sonic.net/sales/broadband/dsl/residential.php
> The dynamic IP accounts all allow exactly 1 IP address per account.
> The static IP accounts can have one or more.


Even with Sonic's static IP offerings, you can still obtain an IP via
DHCP. There's potential for confusion in that you could manually
configure one that would later be assigned to another of your devices
via DHCP, so Sonic recommends that you either use all DHCP or all
manually-configured. Otherwise, it's pretty handy.

--
Graham Freeman ::: Cernio Tech Co-op
+1 415 462 2991 ::: www.cernio.com
Consulting :: Hosting :: Community

deja_bh...@yahoo.com

Sep 29, 2006, 9:30:49 PM

Jeff Liebermann wrote:
> deja_bh...@yahoo.com hath wroth:
>
> >3. The DHCP server, when I use DSL at home, is from Sonic.Net.
>
> What type of DSL account do you have that allows multiple DHCP
> assigned IP's per user?
> http://www.sonic.net/sales/broadband/dsl/residential.php
> The dynamic IP accounts all allow exactly 1 IP address per account.
> The static IP accounts can have one or more.
>
> Do you have a router? Make and model please?

NO ROUTER INVOLVED. Only a DSL Modem, and the dynamic DSL service from
Sonic.net. I use PC / Solaris this way.

Connect Solaris. Run "ifconfig" unix command to get an ip/lease. When I
am DONE with Solaris, I issue a "DHCP RELEASE" command (something like
ifconfig -d hme0 dhcp release). This RELEASES the hardware address
(MAC?) of the Solaris that is bound to the DHCP issued IP address.

Then I plug in the WIndows laptop. It either automatically gets a new
lease (or I can issue ipconfig /renew command).

I am NEVER using two machines at the same time. Always only one
machine, plugging and unplugging as needed. There is no need to use
both the machines at the same time. In fact, the Solaris machine is
getting very old (Ultra Sparc 5, with just 128MB memory), so we may
chuck it out one of these days..


>
> >5. When I use VPN to connect to my employer, my laptop can NO LONGER
> >have "direct" internet connection.
>
> That's exactly what a VPN is supposed to do. If you have "use gateway
> on the remote server" set, then all internet traffic goes through the
> VPN to the remote gateway and nowhere else. If you have it unset,
> then all internet traffic goes to the local gateway. You can see the
> action in Windoze XP with:
> Start -> Run -> cmd <enter>
> route print
> Look at the last line for "default gateway". If the IP address is
> part of the office VPN, you have all your internet traffic going
> through the VPN to the office and to nowhere.

OK, I will check that.

>
> >6. When I use Solaris machine to connect to the same VPN, on Solaris,
> >the DHCP broadcasts DO NOT reach sonic. Therefore, eventually the lease
> >expires without being renewed and the VPN connection is lost. Once VPN
> >connection is lost, the DHCP renewal succeeds, but I have to restart
> >the VPN session.
>
> Ummmm... It's more likely that you're seeing the side effects of
> switching between machines too quickly on a single DHCP IP address
> lease. My guess(tm) is that you only can run one machine at a time,
> and that Sonic is giving you the same IP address for both machines.
> You need to wait a while for the ARP cache to flush before swapping
> machines. Otherwise, the Sonic router's MAC address to IP table (ARP
> table) still has the other machines MAC address in the table.

Jeff, good guess, but in this case, incorrect :)

Everytime when I switch computers, I RELEASE the MAC address by issuing
"ifconfig -d hme0 dhcp release" on Solaris or by issuing "ipconfig
/release" on the Windows XP laptop. Otherwise, the DSL can not be used
on the other machine!

In fact, after I issue the release command, I have to wait a few
seconds for the broadcast to go through and for the release to be
effective. If I issue the release command and quickly switch the cable,
I have noticed that the release command did not go through.

>
> I think a phone call to Sonic support might be useful. Be sure to
> explain what you're trying to accomplish first, before explaining
> where you're stuck. If you're trying to connect two machines to the
> internet simultaneously, with a single IP address account, you'll need
> to buy a router that supports NAT. Also, be advised that many routers
> only support one VPN pass through session from one computah.

I am a bit lazy (in calling Sonic), and frugal (not wanting to buy a
router). I really do not have ongoing need to have two or more
computers connected. If some one is throwing a cheap router, on the
other hand .... (The DSL cost is reimbursed by employer).

Anyway, my objectives are two:

1. Windows laptop: Be able to request or get LONGER lease time using a
windows laptop. I right now do this with a simple batch file (sleep
1800 seconds; issue ipconfig /renew command; go to sleep label .. an
infinite loop, running in a minimized CMD/Dos window). It would be nice
to not have to run the batch file.

2. SOLARIS: Be able to broadcast the DHCP "renew lease" command to the
Sonic DHCP server, even while VPN is active. The VPN, by the way, is
OFFICIAL client issued by a company which used to advertise "we are the
dot in dot-com" but has almost become a dot-bust company!

Bhoot Nath

Roy

Sep 29, 2006, 10:10:27 PM
Jeff Liebermann wrote:
> deja_bh...@yahoo.com hath wroth:
> ...

>
>> 5. When I use VPN to connect to my employer, my laptop can NO LONGER
>> have "direct" internet connection.
>
> That's exactly what a VPN is supposed to do. If you have "use gateway
> on the remote server" set, then all internet traffic goes through the
> VPN to the remote gateway and nowhere else. If you have it unset,
> then all internet traffic goes to the local gateway. You can see the
> action in Windoze XP with:
> Start -> Run -> cmd <enter>
> route print
> Look at the last line for "default gateway". If the IP address is
> part of the office VPN, you have all your internet traffic going
> through the VPN to the office and to nowhere. I don't want to
> speculate as to what the IP should be until I determine if you have a
> router, and what type of service you have from Sonic.
>
> Also, this is the reason you never want to use the same Class C IP
> block for the remote VPN and for your local network. Lots of
> potential for duplicate IP's and no easy way to unambiguously point to
> the default gateway.
>
>...

Actually VPN client can operate in the mode you describe or in "split
tunnel" mode where only the IP addresses that belong to the "company"
network are routed through the tunnel. It depends on how paranoid the
company is. Most companies start in the restricted mode and then
realize that with all the problems it causes, the split tunnel is an
acceptable risk.

You can read about split tunnel at
http://www142.nortelnetworks.com/bvdoc/contivity/doc_html/315899A00/chapte7a.htm

The tunneling is what is causing the DHCP renew problem. During the
renew phase, the DHCP client sends the renewal request directly to the
DHCP server at its IP address. If the VPN client sends that request
into the VPN, the DHCP lease will not renew.

Roy


Jeff Liebermann

Sep 29, 2006, 10:07:35 PM
deja_bh...@yahoo.com hath wroth:

>Jeff, good guess, but in this case, incorrect :)

Try this simple test.
Unplug the DSL modem and both computers.
Leave them sit disconnected or preferably off (to avoid an inadvertent
DHCP renewal) for at least 20 minutes. 20 minutes is the default
expiration time for the ARP cache on most routers.
Then, plug in the Windoze box and see what length lease time you get.

Jeff Liebermann

Sep 30, 2006, 1:06:25 PM
Roy <aa...@aa4re.ampr.org> hath wroth:

>Actually VPN client can operate in the mode you describe or in "split
>tunnel" mode where only the IP addresses that belong to the "company"
>network are routed through the tunnel. It depends on how paranoid the
>company is. Most companies start in the restricted mode and then
>realize that with all the problems it causes, the split tunnel is an
>acceptable risk.

I've never heard it referred to as a split tunnel but I see the point.
The few companies I deal with that use VPN's for remote access tend to
favor blocking local LAN traffic. That's because the most common
problem is not printing to a home network printer, but rather the kids'
virus- and worm-infected computer on the same LAN attacking the
corporate LAN through the VPN. By allowing access to the local LAN
(and local gateway) at the same time as the VPN, this is a real risk.

>You can read about split tunnel at
>http://www142.nortelnetworks.com/bvdoc/contivity/doc_html/315899A00/chapte7a.htm
>
>The tunneling is what is causing the DHCP renew problem. During the
>renew phase, the DHCP client sends the renewal request directly to the
>DHCP server at its IP address. If the VPN client sends that request
>into the VPN, the DHCP lease will not renew.
>Roy

That sounds reasonable, but I'm suspicious. Might as well try it.

This is what the route table looks like with the default gateway set
to my local router (192.168.1.1) and the remote VPN gateway
(192.168.111.141) using MS PPTP to a WRT54G.

192.168.1.xxx is home network. 192.168.111.xxx is office VPN.
I deleted loopback, multicast, and Net 44 just for clarity.


Default gateway set to the local router. I have a route to my local
router at 192.168.1.1 and DHCP renewal seems to work. All is working
normally.

| Active Routes:
| Network Destination   Netmask           Gateway           Interface         Metric
| 0.0.0.0               0.0.0.0           192.168.1.1       192.168.1.11      1
| 63.198.98.51          255.255.255.255   192.168.1.1       192.168.1.11      1
| 192.168.0.0           255.255.255.0     192.168.1.11      192.168.1.11      1
| 192.168.1.255         255.255.255.255   192.168.1.11      192.168.1.11      1
| 192.168.111.0         255.255.255.255   192.168.111.141   192.168.111.141   1
| 192.168.111.255       255.255.255.255   192.168.111.141   192.168.111.141   1
| 255.255.255.255       255.255.255.255   192.168.111.141   1000003           1
| Default Gateway: 192.168.1.1


Now, I change the default route to the VPN gateway and reconnect.

| Active Routes:
| Network Destination   Netmask           Gateway           Interface         Metric
| 0.0.0.0               0.0.0.0           192.168.1.1       192.168.1.11      2
| 0.0.0.0               0.0.0.0           192.168.111.141   192.168.111.141   1
| 63.198.98.51          255.255.255.255   192.168.1.1       192.168.1.11      1
| 192.168.1.0           255.255.255.0     192.168.1.11      192.168.1.11      1
| 192.168.1.255         255.255.255.255   192.168.1.11      192.168.1.11      1
| 192.168.111.255       255.255.255.255   192.168.111.141   192.168.111.141   1
| 255.255.255.255       255.255.255.255   192.168.111.141   1000003           1
| Default Gateway: 192.168.111.141

I can still ping my local router 192.168.1.1 and DHCP release/renew
seems to work. I can't ping my networked printer or other machines on
my LAN, but I can ping the router. So much for that theory.

Roy

Oct 1, 2006, 12:36:59 PM
Jeff Liebermann wrote:
>...


Let me address the DHCP issue. You have leaped to an assumption that
Sonic's DHCP server is local to the subnet that the client is on. I
don't know if this is true or not. There is no technical limitation
restricting the location of the DHCP server. Smart routers have DHCP
helper functions which relay the DHCP broadcasts to a distant server so
the DHCP server can be anywhere in the world.

Roy

Roy

Oct 1, 2006, 12:44:29 PM
Jeff Liebermann wrote:
> Roy <aa...@aa4re.ampr.org> hath wroth:
>
>> Actually VPN client can operate in the mode you describe or in "split
>> tunnel" mode where only the IP addresses that belong to the "company"
>> network are routed through the tunnel. It depends on how paranoid the
>> company is. Most companies start in the restricted mode and then
>> realize that with all the problems it causes, the split tunnel is an
>> acceptable risk.
>
> I've never heard it referred to as a split tunnel but I see the point.
> The few companies I deal with that use VPN's for remote access tend to
> favor blocking local LAN traffic. That's because the most common
> problem is not printing to a home network printer, but rather the kids'
> virus- and worm-infected computer on the same LAN attacking the
> corporate LAN through the VPN. By allowing access to the local LAN
> (and local gateway) at the same time as the VPN, this is a real risk.
>
>...

There is a fallacy to this logic. The function of preventing the client
computer from acting as relay for a bad guy on the local subnet is up to
the client OS. That relay is not going to be inhibited by the VPN
tunnel as long as the local subnet is still accessible (as you outlined
in the rest of your note about the DHCP function). If the client is
susceptible to relay, the relay will occur no matter what mode the VPN
tunnel is in.

What the restrictive VPN tunnel does prevent is someone on the Internet
from using an application on the client to gain access to VPN. I know
of multiple cases where someone was using GotoMyPC to a friend's
computer and thus gained access to the friend's employer's network.
That is the primary purpose of the very restrictive VPN mode.

Roy

Jeff Liebermann

Oct 1, 2006, 2:26:13 PM
Roy <aa...@aa4re.ampr.org> hath wroth:

>Let me address the DHCP issue. You have leaped to an assumption that
>Sonic's DHCP server is local to the subnet that the client is on. I
>don't know if this is true or not.

Leap implies going downward. I prefer to "jump" to my conclusions,
which implies going up.

I tweaked the settings on my desktop to have the default route outside
the netmask address range. I can still ping the router, DHCP release
and renew work, but I can't ping any of the other machines on my LAN.
Therefore, if Sonic's gateway router were outside the netmask IP
address range of the client's setup, DHCP would still work because
there has to be a route to the gateway router in order for anything to
work. It's possible that the DHCP server would have a different IP
address as the default gateway, which would certainly cause the
renewal problem you describe, but not if the gateway and DHCP server
(or DHCP relay server) were all the same IP.

I don't know what netmask the Sonic DHCP server issues for a single
dynamic IP address but I don't think it's relevant. Even if it were
one of those strange netmasks of 255.255.255.255 that shovels
everything including broadcasts to one IP address, it would still work
if the DHCP server and the gateway router had the same IP address.

>There is no technical limitation
>restricting the location of the DHCP server. Smart routers have DHCP
>helper functions which relay the DHCP broadcasts to a distant server so
>the DHCP server can be anywhere in the world.

True. However the DHCP relay is usually implemented in the gateway
router, which gives the DHCP relay server the same IP as the gateway
router.

However, after scribbling all this, I think you may have something.
Some of the early Unix and Windoze incantations absolutely would not
work if the default gateway was outside the netmask IP range. If
Sonic does this, and the Solaris operating system is sufficiently
ancient to qualify, it might explain the problem.

Tony Rall

Oct 1, 2006, 3:37:12 PM
Jeff Liebermann wrote:
> However, after scribbling all this, I think you may have something.
> Some of the early Unix and Windoze incantations absolutely would not
> work if the default gateway was outside the netmask IP range. If
> Sonic does this, and the Solaris operating system is sufficiently
> ancient to qualify, it might explain the problem.

Actually, all IP stacks should fail to reach remote networks if the
gateway to that network is not on a directly connected subnet.
Namely, the gateway address must be within the address/mask of one of
your interfaces (or it must be a point-to-point link).

If your previous test worked as you described, my guess is that you
had it configured normally, then manually changed the config but did
not reboot. The arp table entry of the gateway was still in the arp
cache. Run your test again, except first clear the arp cache with (on
an XP system) "arp -d *".

--
Tony Rall

deja_bh...@yahoo.com

Oct 1, 2006, 5:23:00 PM

Jeff Liebermann wrote:
>
This discussion has taken quite a turn, as is usual with Usenet, but I
learned a few things. So, Roy & Jeff & others, thank you!

>
> I don't know what netmask the Sonic DHCP server issues for a single
> dynamic IP address but I don't think it's relevant. Even if it were
> one of those strange netmasks of 255.255.255.255 that shovels
> everything including broadcasts to one IP address, it would still work
> if the DHCP server and the gateway router had the same IP address.

Sonic.net assigns the following: (xxx are same in all cases; yyy are
same in all cases)

The dynamic IP address: 209.xxx.yyy.zzz (SAME address every time.
Sonic.net guarantees that my dynamic address will be from
209.xxx.yyy.z1 through 209.xxx.yyy.z2 range, and z1 and z2 are exactly
the same.)

Default gateway: 209.xxx.yyy.1
Subnet mask: 255.255.255.0
DHCP Server: 64.aaa.bbb.cc (entire different range)
DNS servers: 208.201.224.11 and .33 (ns1.sonic.net and ns2.sonic.net)

>
> >There is no technical limitation
> >restricting the location of the DHCP server. Smart routers have DHCP
> >helper functions which relay the DHCP broadcasts to a distant server so
> >the DHCP server can be anywhere in the world.

Seems like the Sonic.net DHCP Server (64.something) is in an entirely
different ip range than the other Sonic ip range (209.something)

>
> True. However the DHCP relay is usually implemented in the gateway
> router, which gives the DHCP relay server the same IP as the gateway
> router.
>
> However, after scribbling all this, I think you may have something.
> Some of the early Unix and Windoze incantations absolutely would not
> work if the default gateway was outside the netmask IP range. If
> Sonic does this, and the Solaris operating system is sufficiently
> ancient to qualify, it might explain the problem.

Well, Solaris is 9.0, fairly recent. The behavior was exactly the same
with Solaris 8.0; Sonic.net gives a 24-hour lease on IP for Solaris 8 &
9; and the VPN of Sun Microsystems blocks ALL other communication.
Actually, the VPN client is from Cisco, Sun just distributes it.

The Windows XP laptop is current with all of MS patches/updates. It
gets a lease time of just 1 hour. If I do not have VPN running, lease
auto renews. If I have VPN running, the auto-renew does not happen.
However, I can launch ipconfig from a batch file which does renew the
lease (and the batch file sleeps, and loops and loops ...).

Bhoot Nath

deja_bh...@yahoo.com

Oct 5, 2006, 8:28:22 PM
I received the following response from Sonic.Net customer support.

"[...] the default lease time is 3600 seconds, the maximum allowed
lease time is 86400 seconds (one day). If you configure your client to
ask for a lease of one day in length, our
server should have no problem giving it to you. "

On Solaris machine, I can put the optional lease duration parameter in
a config file, and indeed that is being passed on to the sonic.net dhcp
server, and the lease is being issued for a full 1 day.

The default windows XP DHCP client (ipconfig) does not have any way to
pass on the optional parameter related to lease duration. I would
appreciate pointers to any add-on software for Windows XP that will
allow me to pass on the optional lease duration parameter to sonic.net
DHCP servers.

Thanks.
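Sonic's answer, and sod's RFC 2131 citation earlier in the thread, both come down to DHCP option 51 ("IP address lease time"): the client may put it in its DISCOVER/REQUEST, and the server decides what goes into the OFFER/ACK. What follows is an added example, not code from the thread and not the Solaris or Windows client's own code. It builds a DISCOVER with and without option 51, runs it against a constructed server policy that mirrors what Sonic support said (default 3600 s, cap 86400 s), and reads the granted lease plus the renew/rebind timers T1 and T2 back out of the OFFER. The 192.0.2.0/24 addresses are from the documentation range; the MAC and xid are made up.

```python
"""DHCP lease-time negotiation per RFC 2131: the client MAY suggest a lease
with option 51, the server decides.  Added example, not from the thread;
MACs, xid, addresses and the server policy below are constructed."""
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"
BOOTREQUEST, BOOTREPLY = 1, 2
DISCOVER, OFFER = 1, 2
OPT_PAD, OPT_REQ_IP, OPT_LEASE, OPT_MSG_TYPE = 0, 50, 51, 53
OPT_SERVER_ID, OPT_T1, OPT_T2, OPT_END = 54, 58, 59, 255


def build(op, msg_type, mac, xid, options, yiaddr="0.0.0.0"):
    """236-byte BOOTP header + magic cookie + TLV options (RFC 2131 s2)."""
    header = struct.pack(
        "!BBBBIHH4s4s4s4s16s64s128s",
        op, 1, 6, 0,             # op, htype=Ethernet, hlen=6, hops
        xid, 0, 0x8000,          # secs, flags with the broadcast bit set
        b"\0" * 4,               # ciaddr: zero while not yet bound
        socket.inet_aton(yiaddr),
        b"\0" * 4, b"\0" * 4,    # siaddr, giaddr
        mac.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)
    body = bytes([OPT_MSG_TYPE, 1, msg_type])
    for code, value in options:
        body += bytes([code, len(value)]) + value
    return header + MAGIC + body + bytes([OPT_END])


def parse_options(pkt):
    """Walk the option area into {code: raw bytes}; stops at END, skips PAD."""
    if pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP packet")
    opts, i = {}, 240
    while i < len(pkt) and pkt[i] != OPT_END:
        if pkt[i] == OPT_PAD:
            i += 1
            continue
        code, length = pkt[i], pkt[i + 1]
        opts[code] = pkt[i + 2:i + 2 + length]
        i += 2 + length
    return opts


def u32(b):
    return struct.unpack("!I", b)[0]


def client_discover(mac, xid, suggested_lease=None):
    """What the client sends; option 51 is present only when asked for."""
    opts = [(OPT_REQ_IP, socket.inet_aton("192.0.2.10"))]
    if suggested_lease is not None:
        opts.append((OPT_LEASE, struct.pack("!I", suggested_lease)))
    return build(BOOTREQUEST, DISCOVER, mac, xid, opts)


def server_offer(discover, default=3600, maximum=86400):
    """Constructed policy mirroring Sonic support's description: default
    3600 s, honour a client suggestion up to 86400 s.  Nothing in the RFC
    obliges a server to honour option 51 at all."""
    req = parse_options(discover)
    asked = u32(req[OPT_LEASE]) if OPT_LEASE in req else None
    lease = default if asked is None else min(asked, maximum)
    xid, mac = u32(discover[4:8]), discover[28:34]
    return build(BOOTREPLY, OFFER, mac, xid, [
        (OPT_SERVER_ID, socket.inet_aton("192.0.2.1")),
        (OPT_LEASE, struct.pack("!I", lease)),
    ], yiaddr="192.0.2.10")


def lease_timers(offer):
    """(lease, T1, T2) in seconds as the client will use them.  If the server
    omits options 58/59, RFC 2131 s4.4.5 defaults apply: T1 = 0.5 * lease
    (the 'Renew = 12 hours' Solaris shows on a 24 h lease), T2 = 0.875 * lease."""
    o = parse_options(offer)
    lease = u32(o[OPT_LEASE])
    t1 = u32(o[OPT_T1]) if OPT_T1 in o else lease // 2
    t2 = u32(o[OPT_T2]) if OPT_T2 in o else lease * 7 // 8
    return lease, t1, t2


def negotiate(suggested_lease=None):
    """One DISCOVER/OFFER round trip against the constructed server."""
    mac = bytes.fromhex("020000000001")   # locally administered, made up
    return lease_timers(server_offer(client_discover(mac, 0x1234, suggested_lease)))


if __name__ == "__main__":
    for ask in (None, 86400, 7 * 86400):
        print(ask, negotiate(ask))
```

Run it and the three cases come out as (3600, 1800, 3150) with no option 51, (86400, 43200, 75600) when asking for a day, and the same capped value when asking for a week. The T1 default of half the lease is why Jeff says Windows starts renewing at 50%; ipconfig /all does not print T1, but the client tracks it all the same. Nothing here touches the wire: sending the DISCOVER for real needs a UDP socket bound to port 68 with SO_BROADCAST, and the option-51 line in client_discover is precisely the knob the stock Windows XP client does not expose.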

Jeff Liebermann

Oct 5, 2006, 9:50:19 PM
On 5 Oct 2006 17:28:22 -0700, deja_bh...@yahoo.com wrote:

>I received the following response from Sonic.Net customer support.
>
>"[...] the default lease time is 3600 seconds, the maximum allowed
>lease time is 86400 seconds (one day). If you configure your client to
>ask for a lease of one day in length, our
>server should have no problem giving it to you. "

OK, that explains the short lease time for Windoze.

>On Solaris machine, I can put the optional lease duration parameter in
>a config file, and indeed that is being passed on to the sonic.net dhcp
>server, and the lease is being issued for a full 1 day.
>
>The default windows XP DHCP client (ipconfig) does not have any way to
>pass on the optional parameter related to lease duration. I would
>appreciate pointers to any add-on software for Windows XP that will
>allow me to pass on the optional lease duration parameter to sonic.net
>DHCP servers.
>
>Thanks.

I would think the netsh command in Windoze would do it, but I can't
find any specific references.

I did find some registry keys that have something to do with DHCP
leases.
http://support.microsoft.com/kb/314053
Search for "lease", "LeaseObtainedTime", and "LeaseTerminatesTime".

I'll dig some more later...

--
# Jeff Liebermann 150 Felker St #D Santa Cruz CA 95060
# 831-336-2558 je...@comix.santa-cruz.ca.us
# http://802.11junk.com je...@cruzio.com
# http://www.LearnByDestroying.com AE6KS
