1. Your DHCP lease is 6600 seconds (110 minutes), much longer than the 5-10 minutes you say it takes for the problem to start.
This does not endorse my earlier guess about what your problem is; you should investigate the duplexing suggestion that Alex made before pursuing this level any further.Oct 14 00:15:49 M7r3f5 dhclient: bound to 62.24.66.141 -- renewal in 6600 seconds.
2. I assume you are sending us a mix of reports for different runs, since the external IP addresses are so different. In contrast to the external address you report being assigned above, you later report this external interface and network:
2: eth0: mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:20:18:64:8e:7e brd ff:ff:ff:ff:ff:ff
inet 62.245.70.229/24 brd 62.245.70.255 scope global eth0
... and ...
Although it is not an immediate concern (see item 1), in general it is bad practice to assemble a report by combining bits and pieces from different times, without explanation.Kernel IP routing table [...] 62.245.70.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 62.245.70.1 0.0.0.0 UG 0 0 0 eth0
3. You ask ...
I am slightly puzzled as to why you are getting offers from different DHCP servers at (considerably) different times, but this question is better put to your (as yet unnamed, to us) ISP than to us. I'll *guess* that the private-address server makes the initial offers because it somehow authenticates the MAC addresses, then the public address makes later offers to avoid crashing into firewalls that block private addresses on the external interface (pretty clever, actually, for an ISP, if that is what they are doing).I dont know, why is here DHCPACK from 10.0.255.1 and later DHCPACK from 62.24.64.9. ?????????????? ?????????????????????? And why is the adress 10.0.255. I think it should be reserved for internal networks. ???
As a general matter, it is not at all unusual for an ISP to use a 10.b.c.d address for a DHCP server. It works very nicely, actually, since they want to limit the scope of the server to their own netwotk anyway, making a private address an ideal choice.
4. Next, you ask:
This is a common default IP address for firewalling routers, so the correspondence is likely just to be a coincidence. Since this is a DHCP broadcast packet (from the DHCP client port to the DHCP server port), it is probably just another user on the cable-modem network requesting a DHCP lease.In Bearing distro I found in log: (!!!) Oct 14 23:13:05 firewall kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT= MAC= SRC=192.168.1.254 DST=255.255.255.255 LEN=576 TOS=0x00 PREC=0x00 TTL=64 ID=8128 DF PROTO=UDP SPT=68 DPT=67 LEN=556 (Why is SRC=192.168.1.254 on eth0??????? This is IP of my router at internal network!)
5. Finally, you ask:
This one could be contributing to your problem, -IF- at this point your external interface has address 62.245.70.176 (hard to know, since you're other pieces already mention *two* other external IP addresses at different times). If this is your external address, then what you are seeing here (the first log line) is Shorewall blocking a reply from a DHCP server to your DHCP client ... it is probably followed shortly by a loss of connectivity (either because you lose your external-address setting or because you keep it but the ISP will no longer route it ... which way it fails depends on details you haven't told us). The second log line is like nothing I've seen before and I do not know either what generated it or what it means.Oct 14 23:13:05 firewall kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT=eth0 SRC=10.0.255.1 DST=62.245.70.176 LEN=328 TOS=0x00 PREC=0x00 TTL=62 ID=29104 PROTO=UDP SPT=67 DPT=68 LEN=308 Oct 14 23:13:05 firewall root: The /etc/shorewall/pump script is called with arg up eth0 62.245.70.176
This, BTW, is the problem I suggested you might have in my prior message.
At 11:41 PM 11/4/02 +0100, Vaclav Bouse wrote:
I wanted to say that I tried to use both distibutions: Dachstein and Bering (and not together :-)). (And I still don't know which one I should use.) Andi in BOTH distros I found this problem. At the and of this file I'm sending all logs, which I made during my tests. Sorry for this disorder, but I haven't that cable-modem at home (it's located at my friend's flat in the same house). I haven't done any changes in routing (I've just configured network interfaces) at the original configuration. But as I wrote: If I restarted computer (roter), it DOESN'T solve this problem. ONLY possible solution is restart cable modem (power off them for a while or press small button on it's back side). After that it's possible to get new lease after restart. And what about the idea from Alex Ryabtsev, that it could be with full-duplex mode? I'm not sure in which mode the card is and i can check it now, because I haven't this card at home just now. And I've just downloaded new version of Bering, but I've founded some strange things there (like upper-case commands and strange editor). Shoud i use Bering or Dachstein for this applicaton?
[log details deleted] -- -------------------------------------------"Never tell me the odds!"-------- Ray Olszewski -- Han Solo Palo Alto, California, USA [EMAIL PROTECTED] ------------------------------------------------------------------------------- ------------------------------------------------------- This SF.net email is sponsored by: ApacheCon, November 18-21 in Las Vegas (supported by COMDEX), the only Apache event to be fully supported by the ASF. http://www.apachecon.com ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
