This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DHCP issues on External Interface with ISP

I have been using UTM for many years now... 6+?  When I first started, there were issues with certain Intel nics when used with DHCP and Cable Modems.

Lately, I have been having problems again.  I have had MANY calls with my ISP, I even went ahead and bought new hardware for my UTM.  Same problem.  I rarely get an IP address from my ISP and when I do, the external interface will only stay "up" for a brief period - and then drop again.

I plugged my "Gateway desktop" directly into my Cable Modem and it ran without an issue for 3 days.  Then I added an ASUS RT-N66 in as a "router".  That ran fine for a week - with A LOT of traffic going through it. 

I add the UTM and BAM!  I am back down again.

My question is - WHERE do I begin to troubleshoot this?  confd logs?  TCPDUMP?  My UTM seems happy to get a DCHP address from my ASUS if I test it that way...  I don't want to bail on Sophos, but I don't know what else to do.  Many years ago, I put an old router between my Cable Modem and my Sophos machine.  I really don't want to do that again.

UTM 9.355-1       

External NIC is an Intel Gigabit PCIe   EXPI9301CT

Quad core i3 with 4GB RAM, 160 GB HDD

Thoughts?  Advice, Similar issues?



This thread was automatically locked due to age.
Parents
  • Here are some messages in the Kernel Log:

    2016:04:23-10:48:12 gateway kernel: [  758.377493] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-10:48:23 gateway kernel: [  768.939643] e1000e: eth1 NIC Link is Down
    2016:04:23-10:48:30 gateway kernel: [  776.442181] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-10:50:00 gateway kernel: [  865.821230] e1000e: eth1 NIC Link is Down
    2016:04:23-10:50:38 gateway kernel: [  904.658553] IPv6: ADDRCONF(NETDEV_UP): eth1: link is not ready
    2016:04:23-10:50:41 gateway kernel: [  907.540737] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-10:50:41 gateway kernel: [  907.541064] IPv6: ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready
    2016:04:23-10:51:19 gateway kernel: [  945.682526] e1000e: eth1 NIC Link is Down
    2016:04:23-10:51:22 gateway kernel: [  948.592871] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-10:53:35 gateway kernel: [ 1081.254428] e1000e: eth1 NIC Link is Down
    2016:04:23-10:53:50 gateway kernel: [ 1095.778970] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-10:54:00 gateway kernel: [ 1106.173764] e1000e: eth1 NIC Link is Down
    2016:04:23-10:54:09 gateway kernel: [ 1115.080085] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-10:56:57 gateway kernel: [ 1282.675651] e1000e: eth1 NIC Link is Down
    2016:04:23-10:57:00 gateway kernel: [ 1285.530112] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-10:57:56 gateway kernel: [ 1341.405767] e1000e: eth1 NIC Link is Down
    2016:04:23-10:58:10 gateway kernel: [ 1355.562596] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-10:58:17 gateway kernel: [ 1362.775461] e1000e: eth1 NIC Link is Down
    2016:04:23-10:58:24 gateway kernel: [ 1370.230352] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:00:13 gateway kernel: [ 1479.090491] e1000e: eth1 NIC Link is Down
    2016:04:23-11:00:23 gateway kernel: [ 1488.552889] IPv6: ADDRCONF(NETDEV_UP): eth1: link is not ready
    2016:04:23-11:00:26 gateway kernel: [ 1491.407113] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:00:26 gateway kernel: [ 1491.407441] IPv6: ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready
    2016:04:23-11:01:14 gateway kernel: [ 1539.397573] e1000e: eth1 NIC Link is Down
    2016:04:23-11:01:17 gateway kernel: [ 1542.335965] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:02:10 gateway kernel: [ 1595.493949] e1000e: eth1 NIC Link is Down
    2016:04:23-11:02:24 gateway kernel: [ 1609.590857] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:02:34 gateway kernel: [ 1619.613758] e1000e: eth1 NIC Link is Down
    2016:04:23-11:02:43 gateway kernel: [ 1628.588096] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:05:27 gateway kernel: [ 1792.651664] e1000e: eth1 NIC Link is Down
    2016:04:23-11:05:30 gateway kernel: [ 1795.561956] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:06:22 gateway kernel: [ 1846.948419] e1000e: eth1 NIC Link is Down
    2016:04:23-11:06:26 gateway kernel: [ 1851.754167] e1000e: eth1 NIC Link is Down
    2016:04:23-11:06:26 gateway kernel: [ 1851.917813] IPv6: ADDRCONF(NETDEV_UP): eth1: link is not ready
    2016:04:23-11:06:34 gateway kernel: [ 1859.802306] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:06:34 gateway kernel: [ 1859.802634] IPv6: ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready
    2016:04:23-11:06:43 gateway kernel: [ 1868.118537] e1000e: eth1 NIC Link is Down
    2016:04:23-11:06:50 gateway kernel: [ 1875.610180] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:09:39 gateway kernel: [ 2044.313620] e1000e: eth1 NIC Link is Down
    2016:04:23-11:09:42 gateway kernel: [ 2047.200097] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:10:29 gateway kernel: [ 2094.644769] e1000e: eth1 NIC Link is Down
    2016:04:23-11:10:30 gateway kernel: [ 2094.809929] IPv6: ADDRCONF(NETDEV_UP): eth1: link is not ready
    2016:04:23-11:10:33 gateway kernel: [ 2098.224747] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:10:33 gateway kernel: [ 2098.225075] IPv6: ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready
    2016:04:23-11:10:35 gateway kernel: [ 2099.974377] e1000e: eth1 NIC Link is Down
    2016:04:23-11:10:49 gateway kernel: [ 2114.168435] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:10:56 gateway kernel: [ 2121.041660] e1000e: eth1 NIC Link is Down
    2016:04:23-11:11:05 gateway kernel: [ 2129.998125] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:13:53 gateway kernel: [ 2297.890733] e1000e: eth1 NIC Link is Down
    2016:04:23-11:13:56 gateway kernel: [ 2300.797848] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:14:48 gateway kernel: [ 2352.542868] e1000e: eth1 NIC Link is Down
    2016:04:23-11:15:02 gateway kernel: [ 2366.648262] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:15:09 gateway kernel: [ 2374.197185] e1000e: eth1 NIC Link is Down
    2016:04:23-11:15:17 gateway kernel: [ 2381.663877] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:18:06 gateway kernel: [ 2550.828143] e1000e: eth1 NIC Link is Down
    2016:04:23-11:18:09 gateway kernel: [ 2553.830462] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:19:01 gateway kernel: [ 2605.569639] e1000e: eth1 NIC Link is Down
    2016:04:23-11:19:15 gateway kernel: [ 2619.646567] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:19:22 gateway kernel: [ 2627.151254] e1000e: eth1 NIC Link is Down
    2016:04:23-11:19:30 gateway kernel: [ 2634.637771] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:22:20 gateway kernel: [ 2804.446769] e1000e: eth1 NIC Link is Down
    2016:04:23-11:22:23 gateway kernel: [ 2807.301248] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:23:14 gateway kernel: [ 2858.229197] e1000e: eth1 NIC Link is Down
    2016:04:23-11:23:28 gateway kernel: [ 2872.501973] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:23:38 gateway kernel: [ 2882.548564] e1000e: eth1 NIC Link is Down
    2016:04:23-11:23:47 gateway kernel: [ 2891.573787] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:26:31 gateway kernel: [ 3055.165531] e1000e: eth1 NIC Link is Down
    2016:04:23-11:26:34 gateway kernel: [ 3058.135767] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:27:25 gateway kernel: [ 3109.322109] e1000e: eth1 NIC Link is Down
    2016:04:23-11:27:39 gateway kernel: [ 3123.418906] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
    2016:04:23-11:27:49 gateway kernel: [ 3133.742888] e1000e: eth1 NIC Link is Down
    2016:04:23-11:27:58 gateway kernel: [ 3142.610223] e1000e: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx

  • What model cable modem are you using and how fast is your internet service?

  • The only DHCP logs I see are for the DHCP service (unless the client logs there too... I will check. 

    Also - I just saw the ethtool command... I will post the settings shortly.

  • One thing strange I see here is the MDI-X is set to ON.  I am NOT using a cross-over cable.  I forced it off, with no change.

    gateway:/root # ethtool eth1
    Settings for eth1:
            Supported ports: [ TP ]
            Supported link modes:   10baseT/Half 10baseT/Full
                                    100baseT/Half 100baseT/Full
                                    1000baseT/Full
            Supported pause frame use: No
            Supports auto-negotiation: Yes
            Advertised link modes:  10baseT/Half 10baseT/Full
                                    100baseT/Half 100baseT/Full
                                    1000baseT/Full
            Advertised pause frame use: No
            Advertised auto-negotiation: Yes
            Speed: 1000Mb/s
            Duplex: Full
            Port: Twisted Pair
            PHYAD: 1
            Transceiver: internal
            Auto-negotiation: on
            MDI-X: on (auto)
            Supports Wake-on: pumbg
            Wake-on: g
            Current message level: 0x00000007 (7)
                                   drv probe link
            Link detected: yes

  • That's a very reliable modem. I have noticed similar issues with my Xbox One. For some reason it doesn't like to auto negotiate the port speed while it's sleeping. I would try modifying the UTM interface hardware settings for that particular port to a fixed 100baseT-Full and see if that helps. You should reboot both devices after making the change so they both recognize the new speed.

  • Can I do that through the webadmin console or do I have to use the ethtool?  My understanding is that if I use the ethtool, it would not be persistent unless I modified a startup file or network config file somewhere.  Attached is my Interfaces page from Webadmin.

  • From that screen just click the Hardware tab... It's the very last tab on the Interfaces menu. Clear the auto negotiate box and then a drop down will appear.
  • OK - tried that.  Still no-go.  I also turned off the HA link option since this is only one node.  I did find a few interesting entries in the system messages and configuration daemon logs (I will insert here.)  Is there a way to insert the logs?  It looks like I just have to paste them into this window..

    confd.log

    2016:04:24-11:45:30 gateway confd[6980]: I Role::authenticate:177() => id="3106" severity="info" sys="System" sub="confd" name="authentication successful" user="bkblank" srcip="192.168.2.104" sid="tOXBugVmgxSiDtLUBMBo" facility="webadmin" client="webadmin.plx" call="new"<31>Apr 24 11:45:30 confd[6980]: D sys::AUTOLOAD:302() => id="3100" severity="debug" sys="System" sub="confd" name="external call" user="bkblank" srcip="192.168.2.104" facility="webadmin" client="webadmin.plx" lock="none" method="get_SID"
    2016:04:24-11:46:10 gateway confd[3505]: I main::top-level:677() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="itfparams" type="primary" ref="REF_ItfPri000024" objname="209.162.52.42/26" user="system" srcip="127.0.0.1" sid="iPrGnWXfZZHAJraWBFDA" facility="system" client="dhcp_updown" pid="7155" attr_default_gateway_address="209.162.52.1" oldattr_dns_server_1="0.0.0.0" oldattr_netmask="0" attr_address="209.162.52.42" attr_dns_server_2="207.69.188.186" oldattr_name="0.0.0.0/0" oldattr_dns_server_2="0.0.0.0" attr_name="209.162.52.42/26" attr_resolved="1" oldattr_address="0.0.0.0" attr_dns_server_1="207.69.188.185" oldattr_resolved="0" oldattr_default_gateway_address="0.0.0.0" attr_netmask="26"
    2016:04:24-11:46:10 gateway confd[3505]: I main::top-level:677() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="interface_address" ref="REF_NetIntExterWanAddre" objname="External (WAN) (Address)" user="system" srcip="127.0.0.1" sid="iPrGnWXfZZHAJraWBFDA" facility="system" client="dhcp_updown" pid="7155" attr_address="209.162.52.42" attr_resolved="1" oldattr_address="0.0.0.0" oldattr_resolved="0"
    2016:04:24-11:46:10 gateway confd[3505]: I main::top-level:677() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="interface_network" ref="REF_NetIntExterWanNetwo" objname="External (WAN) (Network)" user="system" srcip="127.0.0.1" sid="iPrGnWXfZZHAJraWBFDA" facility="system" client="dhcp_updown" pid="7155" oldattr_netmask="0" attr_address="209.162.52.0" attr_resolved="1" oldattr_address="0.0.0.0" oldattr_resolved="0" attr_netmask="26"
    2016:04:24-11:46:10 gateway confd[3505]: I main::top-level:677() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="interface_broadcast" ref="REF_NetIntExterWanBroad" objname="External (WAN) (Broadcast)" user="system" srcip="127.0.0.1" sid="iPrGnWXfZZHAJraWBFDA" facility="system" client="dhcp_updown" pid="7155" attr_address="209.162.52.63" attr_resolved="1" oldattr_address="0.0.0.0" oldattr_resolved="0"
    2016:04:24-11:46:10 gateway confd[3505]: I main::top-level:774() => id="310n" severity="info" sys="System" sub="confd" name="applied changes" user="system" srcip="127.0.0.1" sid="iPrGnWXfZZHAJraWBFDA" facility="system" client="dhcp_updown" pid="7155" version="7" storage="/cfg"
    2016:04:24-11:46:20 gateway confd[3505]: I main::top-level:677() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="itfparams" type="primary" ref="REF_ItfPri000024" objname="0.0.0.0/0" user="system" srcip="127.0.0.1" sid="ZdYdICPnTolQJwXHscOH" facility="system" client="dhcp_updown" pid="7235" attr_default_gateway_address="0.0.0.0" oldattr_dns_server_1="207.69.188.185" oldattr_netmask="26" attr_address="0.0.0.0" attr_dns_server_2="0.0.0.0" oldattr_name="209.162.52.42/26" oldattr_dns_server_2="207.69.188.186" attr_name="0.0.0.0/0" attr_resolved="0" oldattr_address="209.162.52.42" attr_dns_server_1="0.0.0.0" oldattr_resolved="1" oldattr_default_gateway_address="209.162.52.1" attr_netmask="0"
    2016:04:24-11:46:20 gateway confd[3505]: I main::top-level:677() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="interface_address" ref="REF_NetIntExterWanAddre" objname="External (WAN) (Address)" user="system" srcip="127.0.0.1" sid="ZdYdICPnTolQJwXHscOH" facility="system" client="dhcp_updown" pid="7235" attr_address="0.0.0.0" attr_resolved="0" oldattr_address="209.162.52.42" oldattr_resolved="1"
    2016:04:24-11:46:20 gateway confd[3505]: I main::top-level:677() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="interface_network" ref="REF_NetIntExterWanNetwo" objname="External (WAN) (Network)" user="system" srcip="127.0.0.1" sid="ZdYdICPnTolQJwXHscOH" facility="system" client="dhcp_updown" pid="7235" oldattr_netmask="26" attr_address="0.0.0.0" attr_resolved="0" oldattr_address="209.162.52.0" oldattr_resolved="1" attr_netmask="0"
    2016:04:24-11:46:20 gateway confd[3505]: I main::top-level:677() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="interface_broadcast" ref="REF_NetIntExterWanBroad" objname="External (WAN) (Broadcast)" user="system" srcip="127.0.0.1" sid="ZdYdICPnTolQJwXHscOH" facility="system" client="dhcp_updown" pid="7235" attr_address="0.0.0.0" attr_resolved="0" oldattr_address="209.162.52.63" oldattr_resolved="1"
    2016:04:24-11:46:20 gateway confd[3505]: I main::top-level:774() => id="310n" severity="info" sys="System" sub="confd" name="applied changes" user="system" srcip="127.0.0.1" sid="ZdYdICPnTolQJwXHscOH" facility="system" client="dhcp_updown" pid="7235" version="8" storage="/cfg"
    2016:04:24-11:46:32 gateway confd[3505]: I main::top-level:677() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="itfparams" type="primary" ref="REF_ItfPri000024" objname="209.162.52.42/26" user="system" srcip="127.0.0.1" sid="fLpBLcZXSmexaCYqKpyo" facility="system" client="dhcp_updown" pid="7328" attr_default_gateway_address="209.162.52.1" oldattr_dns_server_1="0.0.0.0" oldattr_netmask="0" attr_address="209.162.52.42" attr_dns_server_2="207.69.188.186" oldattr_name="0.0.0.0/0" oldattr_dns_server_2="0.0.0.0" attr_name="209.162.52.42/26" attr_resolved="1" oldattr_address="0.0.0.0" attr_dns_server_1="207.69.188.185" oldattr_resolved="0" oldattr_default_gateway_address="0.0.0.0" attr_netmask="26"
    2016:04:24-11:46:32 gateway confd[3505]: I main::top-level:677() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="interface_address" ref="REF_NetIntExterWanAddre" objname="External (WAN) (Address)" user="system" srcip="127.0.0.1" sid="fLpBLcZXSmexaCYqKpyo" facility="system" client="dhcp_updown" pid="7328" attr_address="209.162.52.42" attr_resolved="1" oldattr_address="0.0.0.0" oldattr_resolved="0"
    2016:04:24-11:46:32 gateway confd[3505]: I main::top-level:677() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="interface_network" ref="REF_NetIntExterWanNetwo" objname="External (WAN) (Network)" user="system" srcip="127.0.0.1" sid="fLpBLcZXSmexaCYqKpyo" facility="system" client="dhcp_updown" pid="7328" oldattr_netmask="0" attr_address="209.162.52.0" attr_resolved="1" oldattr_address="0.0.0.0" oldattr_resolved="0" attr_netmask="26"
    2016:04:24-11:46:32 gateway confd[3505]: I main::top-level:677() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="interface_broadcast" ref="REF_NetIntExterWanBroad" objname="External (WAN) (Broadcast)" user="system" srcip="127.0.0.1" sid="fLpBLcZXSmexaCYqKpyo" facility="system" client="dhcp_updown" pid="7328" attr_address="209.162.52.63" attr_resolved="1" oldattr_address="0.0.0.0" oldattr_resolved="0"
    2016:04:24-11:46:32 gateway confd[3505]: I main::top-level:774() => id="310n" severity="info" sys="System" sub="confd" name="applied changes" user="system" srcip="127.0.0.1" sid="fLpBLcZXSmexaCYqKpyo" facility="system" client="dhcp_updown" pid="7328" version="9" storage="/cfg"
    2016:04:24-11:46:42 gateway confd[3505]: I main::top-level:677() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="itfparams" type="primary" ref="REF_ItfPri000024" objname="0.0.0.0/0" user="system" srcip="127.0.0.1" sid="NGWrjOwdGsWIVBpcIfDw" facility="system" client="dhcp_updown" pid="7408" attr_default_gateway_address="0.0.0.0" oldattr_dns_server_1="207.69.188.185" oldattr_netmask="26" attr_address="0.0.0.0" attr_dns_server_2="0.0.0.0" oldattr_name="209.162.52.42/26" oldattr_dns_server_2="207.69.188.186" attr_name="0.0.0.0/0" attr_resolved="0" oldattr_address="209.162.52.42" attr_dns_server_1="0.0.0.0" oldattr_resolved="1" oldattr_default_gateway_address="209.162.52.1" attr_netmask="0"
    2016:04:24-11:46:42 gateway confd[3505]: I main::top-level:677() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="interface_address" ref="REF_NetIntExterWanAddre" objname="External (WAN) (Address)" user="system" srcip="127.0.0.1" sid="NGWrjOwdGsWIVBpcIfDw" facility="system" client="dhcp_updown" pid="7408" attr_address="0.0.0.0" attr_resolved="0" oldattr_address="209.162.52.42" oldattr_resolved="1"
    2016:04:24-11:46:42 gateway confd[3505]: I main::top-level:677() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="interface_network" ref="REF_NetIntExterWanNetwo" objname="External (WAN) (Network)" user="system" srcip="127.0.0.1" sid="NGWrjOwdGsWIVBpcIfDw" facility="system" client="dhcp_updown" pid="7408" oldattr_netmask="26" attr_address="0.0.0.0" attr_resolved="0" oldattr_address="209.162.52.0" oldattr_resolved="1" attr_netmask="0"
    2016:04:24-11:46:42 gateway confd[3505]: I main::top-level:677() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="interface_broadcast" ref="REF_NetIntExterWanBroad" objname="External (WAN) (Broadcast)" user="system" srcip="127.0.0.1" sid="NGWrjOwdGsWIVBpcIfDw" facility="system" client="dhcp_updown" pid="7408" attr_address="0.0.0.0" attr_resolved="0" oldattr_address="209.162.52.63" oldattr_resolved="1"
    2016:04:24-11:46:42 gateway confd[3505]: I main::top-level:774() => id="310n" severity="info" sys="System" sub="confd" name="applied changes" user="system" srcip="127.0.0.1" sid="NGWrjOwdGsWIVBpcIfDw" facility="system" client="dhcp_updown" pid="7408" version="10" storage="/cfg"
    2016:04:24-11:46:42 gateway confd[3505]: I main::top-level:677() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="itfparams" type="primary" ref="REF_ItfPri000024" objname="209.162.52.42/26" user="system" srcip="127.0.0.1" sid="GUXIIUZOULcDGsOksSDG" facility="system" client="dhcp_updown" pid="7429" attr_default_gateway_address="209.162.52.1" oldattr_dns_server_1="0.0.0.0" oldattr_netmask="0" attr_address="209.162.52.42" attr_dns_server_2="207.69.188.186" oldattr_name="0.0.0.0/0" oldattr_dns_server_2="0.0.0.0" attr_name="209.162.52.42/26" attr_resolved="1" oldattr_address="0.0.0.0" attr_dns_server_1="207.69.188.185" oldattr_resolved="0" oldattr_default_gateway_address="0.0.0.0" attr_netmask="26"
    2016:04:24-11:46:42 gateway confd[3505]: I main::top-level:677() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="interface_address" ref="REF_NetIntExterWanAddre" objname="External (WAN) (Address)" user="system" srcip="127.0.0.1" sid="GUXIIUZOULcDGsOksSDG" facility="system" client="dhcp_updown" pid="7429" attr_address="209.162.52.42" attr_resolved="1" oldattr_address="0.0.0.0" oldattr_resolved="0"
    2016:04:24-11:46:42 gateway confd[3505]: I main::top-level:677() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="interface_network" ref="REF_NetIntExterWanNetwo" objname="External (WAN) (Network)" user="system" srcip="127.0.0.1" sid="GUXIIUZOULcDGsOksSDG" facility="system" client="dhcp_updown" pid="7429" oldattr_netmask="0" attr_address="209.162.52.0" attr_resolved="1" oldattr_address="0.0.0.0" oldattr_resolved="0" attr_netmask="26"
    2016:04:24-11:46:42 gateway confd[3505]: I main::top-level:677() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="interface_broadcast" ref="REF_NetIntExterWanBroad" objname="External (WAN) (Broadcast)" user="system" srcip="127.0.0.1" sid="GUXIIUZOULcDGsOksSDG" facility="system" client="dhcp_updown" pid="7429" attr_address="209.162.52.63" attr_resolved="1" oldattr_address="0.0.0.0" oldattr_resolved="0"
    2016:04:24-11:46:42 gateway confd[3505]: I main::top-level:774() => id="310n" severity="info" sys="System" sub="confd" name="applied changes" user="system" srcip="127.0.0.1" sid="GUXIIUZOULcDGsOksSDG" facility="system" client="dhcp_updown" pid="7429" version="11" storage="/cfg"


    system.log

    2016:04:24-11:41:58 gateway dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67
    2016:04:24-11:41:58 gateway dhclient: DHCPACK from 209.162.52.1
    2016:04:24-11:41:59 gateway dhclient: bound to 209.162.52.42 -- renewal in 119402 seconds.
    2016:04:24-11:41:59 gateway dns-resolver[4407]: Adding REF_DefaultSophosUTMSupportHost
    2016:04:24-11:41:59 gateway dns-resolver[4407]: Adding REF_NetDnsSophoLivec
    2016:04:24-11:41:59 gateway dns-resolver[4407]: Adding REF_NtpPool
    2016:04:24-11:41:59 gateway dns-resolver[4407]: DNS server failed to contact!
    2016:04:24-11:42:00 gateway ntpd[4501]: Listen normally on 5 eth1 209.162.52.42:123
    2016:04:24-11:42:00 gateway ntpd[4501]: new interface(s) found: waking up resolver
    2016:04:24-11:42:09 gateway dhclient: Killed old client process
    2016:04:24-11:42:10 gateway dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67
    2016:04:24-11:42:11 gateway dns-resolver[4407]: Adding REF_DefaultSophosUTMSupportHost
    2016:04:24-11:42:11 gateway dns-resolver[4407]: Adding REF_NetDnsSophoLivec
    2016:04:24-11:42:11 gateway dns-resolver[4407]: Adding REF_NtpPool
    2016:04:24-11:42:11 gateway dns-resolver[4407]: DNS server failed to contact!
    2016:04:24-11:42:11 gateway ntpd[4501]: Deleting interface #5 eth1, 209.162.52.42#123, interface stats: received=0, sent=0, dropped=0, active_time=11 secs
    2016:04:24-11:42:17 gateway dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67
    2016:04:24-11:42:30 gateway dhclient: Killed old client process
    2016:04:24-11:42:32 gateway dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67
    2016:04:24-11:42:32 gateway dhclient: DHCPACK from 209.162.52.1
    2016:04:24-11:42:32 gateway dhclient: bound to 209.162.52.42 -- renewal in 109928 seconds.
    2016:04:24-11:42:32 gateway dns-resolver[4407]: Adding REF_DefaultSophosUTMSupportHost
    2016:04:24-11:42:32 gateway dns-resolver[4407]: Adding REF_NetDnsSophoLivec
    2016:04:24-11:42:32 gateway dns-resolver[4407]: Adding REF_NtpPool
    2016:04:24-11:42:32 gateway dns-resolver[4407]: DNS server failed to contact!
    2016:04:24-11:42:33 gateway ntpd[4501]: Listen normally on 6 eth1 209.162.52.42:123
    2016:04:24-11:42:33 gateway ntpd[4501]: new interface(s) found: waking up resolver
    2016:04:24-11:43:32 gateway dns-resolver[4407]: DNS server failed to contact!
    2016:04:24-11:44:32 gateway dns-resolver[4407]: DNS server failed to contact!
    2016:04:24-11:45:01 gateway dhclient: Killed old client process
    2016:04:24-11:45:01 gateway /usr/sbin/cron[6834]: (root) CMD ( /usr/local/bin/rpmdb_backup )
    2016:04:24-11:45:01 gateway /usr/sbin/cron[6835]: (root) CMD (   /usr/local/bin/reporter/system-reporter.pl)
    2016:04:24-11:45:03 gateway dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67
    2016:04:24-11:45:03 gateway dns-resolver[4407]: Adding REF_DefaultSophosUTMSupportHost
    2016:04:24-11:45:03 gateway dns-resolver[4407]: Adding REF_NetDnsSophoLivec
    2016:04:24-11:45:03 gateway dns-resolver[4407]: Adding REF_NtpPool
    2016:04:24-11:45:03 gateway dns-resolver[4407]: DNS server failed to contact!
    2016:04:24-11:45:04 gateway ntpd[4501]: Deleting interface #6 eth1, 209.162.52.42#123, interface stats: received=0, sent=0, dropped=0, active_time=151 secs
    2016:04:24-11:45:06 gateway dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67
    2016:04:24-11:45:12 gateway dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67
    2016:04:24-11:45:19 gateway dhclient: DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 6
    2016:04:24-11:45:23 gateway dhclient: Killed old client process
    2016:04:24-11:45:24 gateway dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67
    2016:04:24-11:45:29 gateway dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67
    2016:04:24-11:45:37 gateway dhclient: DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 6
    2016:04:24-11:45:40 gateway dhclient: Killed old client process
    2016:04:24-11:45:41 gateway dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67
    2016:04:24-11:45:44 gateway dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67
    2016:04:24-11:45:49 gateway dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67
    2016:04:24-11:45:55 gateway dhclient: Killed old client process
    2016:04:24-11:45:56 gateway dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67
    2016:04:24-11:46:00 gateway dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67
    2016:04:24-11:46:01 gateway /usr/sbin/cron[7083]: (root) CMD (/sbin/audld.plx --trigger)
    2016:04:24-11:46:03 gateway dns-resolver[4407]: DNS server failed to contact!
    2016:04:24-11:46:05 gateway dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67
    2016:04:24-11:46:09 gateway dhclient: Killed old client process
    2016:04:24-11:46:10 gateway dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67
    2016:04:24-11:46:10 gateway dhclient: DHCPACK from 209.162.52.1
    2016:04:24-11:46:10 gateway dhclient: bound to 209.162.52.42 -- renewal in 105555 seconds.
    2016:04:24-11:46:11 gateway dns-resolver[4407]: Adding REF_DefaultSophosUTMSupportHost
    2016:04:24-11:46:11 gateway dns-resolver[4407]: Adding REF_NetDnsSophoLivec
    2016:04:24-11:46:11 gateway dns-resolver[4407]: Adding REF_NtpPool
    2016:04:24-11:46:11 gateway dns-resolver[4407]: DNS server failed to contact!
    2016:04:24-11:46:11 gateway ntpd[4501]: Listen normally on 7 eth1 209.162.52.42:123
    2016:04:24-11:46:11 gateway ntpd[4501]: new interface(s) found: waking up resolver
    2016:04:24-11:46:19 gateway dhclient: Killed old client process
    2016:04:24-11:46:20 gateway dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67
    2016:04:24-11:46:21 gateway dns-resolver[4407]: Adding REF_DefaultSophosUTMSupportHost
    2016:04:24-11:46:21 gateway dns-resolver[4407]: Adding REF_NetDnsSophoLivec
    2016:04:24-11:46:21 gateway dns-resolver[4407]: Adding REF_NtpPool
    2016:04:24-11:46:21 gateway dns-resolver[4407]: DNS server failed to contact!
    2016:04:24-11:46:21 gateway ntpd[4501]: Deleting interface #7 eth1, 209.162.52.42#123, interface stats: received=0, sent=0, dropped=0, active_time=10 secs
    2016:04:24-11:46:23 gateway dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67
    2016:04:24-11:46:31 gateway dhclient: DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 3
    2016:04:24-11:46:31 gateway dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67
    2016:04:24-11:46:31 gateway dhclient: DHCPOFFER from 209.162.52.1
    2016:04:24-11:46:31 gateway dhclient: DHCPACK from 209.162.52.1
    2016:04:24-11:46:32 gateway dhclient: bound to 209.162.52.42 -- renewal in 114573 seconds.
    2016:04:24-11:46:32 gateway dns-resolver[4407]: Adding REF_DefaultSophosUTMSupportHost
    2016:04:24-11:46:32 gateway dns-resolver[4407]: Adding REF_NetDnsSophoLivec
    2016:04:24-11:46:32 gateway dns-resolver[4407]: Adding REF_NtpPool
    2016:04:24-11:46:32 gateway dns-resolver[4407]: DNS server failed to contact!
    2016:04:24-11:46:33 gateway ntpd[4501]: Listen normally on 8 eth1 209.162.52.42:123
    2016:04:24-11:46:33 gateway ntpd[4501]: new interface(s) found: waking up resolver
    2016:04:24-11:46:40 gateway dhclient: Killed old client process
    2016:04:24-11:46:42 gateway dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67
    2016:04:24-11:46:42 gateway dhclient: DHCPACK from 209.162.52.1
    2016:04:24-11:46:42 gateway dhclient: bound to 209.162.52.42 -- renewal in 120674 seconds.
    2016:04:24-11:46:42 gateway dns-resolver[4407]: Adding REF_DefaultSophosUTMSupportHost
    2016:04:24-11:46:42 gateway dns-resolver[4407]: Adding REF_NetDnsSophoLivec
    2016:04:24-11:46:42 gateway dns-resolver[4407]: Adding REF_NtpPool
    2016:04:24-11:46:42 gateway dns-resolver[4407]: DNS server failed to contact!
    2016:04:24-11:46:43 gateway dns-resolver[4407]: Adding REF_DefaultSophosUTMSupportHost
    2016:04:24-11:46:43 gateway dns-resolver[4407]: Adding REF_NetDnsSophoLivec
    2016:04:24-11:46:43 gateway dns-resolver[4407]: Adding REF_NtpPool
    2016:04:24-11:46:43 gateway dns-resolver[4407]: DNS server failed to contact!
    2016:04:24-11:47:01 gateway /usr/sbin/cron[7616]: (root) CMD (  nice -n19 /usr/local/bin/gen_inline_reporting_data.plx)
    2016:04:24-11:47:43 gateway dns-resolver[4407]: DNS server failed to contact!
    2016:04:24-11:48:43 gateway dns-resolver[4407]: DNS server failed to contact!

    ETHTOOL ETH1

    gateway:/root # ethtool eth1
    Settings for eth1:
            Supported ports: [ TP ]
            Supported link modes:   10baseT/Half 10baseT/Full
                                    100baseT/Half 100baseT/Full
                                    1000baseT/Full
            Supported pause frame use: No
            Supports auto-negotiation: Yes
            Advertised link modes:  1000baseT/Full
            Advertised pause frame use: No
            Advertised auto-negotiation: Yes
            Speed: 1000Mb/s
            Duplex: Full
            Port: Twisted Pair
            PHYAD: 1
            Transceiver: internal
            Auto-negotiation: on
            MDI-X: on (auto)
            Supports Wake-on: pumbg
            Wake-on: g
            Current message level: 0x00000007 (7)
                                   drv probe link
            Link detected: yes

  • I didn't think to ask... Is the cable modem configured for bridge mode or is it acting like a router?

  • I just noticed you don't have your WAN interface set as the IPv4 default gateway... It should be checked off and may be part of the issue.

  • I needed to check the "IPv4" gateway box... but that wasn't the issue.  I think the underlying issue is the DHCP client settings for the external interface.  It doesn't wait long enough for a response from a DHCP server.  That is why every other machine or router I have can work on the cable modem but not the UTM.

    I had my ISP change my modem back to Router mode instead of Bridged mode.  So now, my modem is a DHCP client and also a DCHP server.  My UTM is a DCHP client to my modem and acts as a DCHP server to my home network.  I hate the "double NATing"    It is similar to what I had to do years ago to get around an Intel NIC bug in Astaro.

    I need a break from this for a little while and my family is tired of the internet connection bouncing like a rubber ball.  The root cause of this could be slow DCHP responses from my ISP but good luck explaining that to them.  I also just dropped $350 on a new PC for the UTM to run on which might not have been necessary, but the old hardware was 8 years old or more I think...

    Anyway... I will be slowing down on this and letting the dust settle, but would be interested in hearing your thoughts of increasing the DHCP client "wait time" in the external NIC if that is an option.

    Thanks for all the good troubleshooting advice.

    Bob

Reply
  • I needed to check the "IPv4" gateway box... but that wasn't the issue.  I think the underlying issue is the DHCP client settings for the external interface.  It doesn't wait long enough for a response from a DHCP server.  That is why every other machine or router I have can work on the cable modem but not the UTM.

    I had my ISP change my modem back to Router mode instead of Bridged mode.  So now, my modem is a DHCP client and also a DCHP server.  My UTM is a DCHP client to my modem and acts as a DCHP server to my home network.  I hate the "double NATing"    It is similar to what I had to do years ago to get around an Intel NIC bug in Astaro.

    I need a break from this for a little while and my family is tired of the internet connection bouncing like a rubber ball.  The root cause of this could be slow DCHP responses from my ISP but good luck explaining that to them.  I also just dropped $350 on a new PC for the UTM to run on which might not have been necessary, but the old hardware was 8 years old or more I think...

    Anyway... I will be slowing down on this and letting the dust settle, but would be interested in hearing your thoughts of increasing the DHCP client "wait time" in the external NIC if that is an option.

    Thanks for all the good troubleshooting advice.

    Bob

Children
  • If you look at the logs your UTM is trying to pull it's IP address from 255.255.255.255, and that does not sound right. Given the model of your modem I'm assuming you have Comcast. It's highly likely they did not place your modem into bridge mode properly since your modem has both the telephone adapter and wifi. If you don't have telephone service on your modem I would highly recommend picking up an Arris SB6121 or SB6141 and returning the 862. Having a standard cable modem will work better with UTM when there's no configuration interference between your cable connection and your UTM.

  • The initial request by a DHCP client is a broadcast, which is why the 255.255.255.255, so I think we are OK there.  It's easy to tell when they put the modem in router mode, because it starts handing out 10.0.0.1 addresses to all of the clients on my network.  I can live with it like this - but not preferred.  Now I will have to do some port forwarding on the Modem if I want to use my VPN again.

    Thanks again for the help.

    Bob

  • Just setting the UTM to fixed speed/duplex doesn't fix the modem - try setting both to 100/Full and hard rebooting both.  I've also had situations where that didn't solve the problem, but doing the same with 100/Half did. See #7 in

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hey - nice to see your name again Bob - thanks for the reply.

    I am 99% convinced this is simply a DHCP timing issue.  The same modem, the same port, the same NIC on the UTM - NO issues when the Modem is in Router mode instead of Bridge mode.  Even in bridge mode, I am getting no packet errors/drops.

    In Router mode, my modem provides a DCHP address almost immediately, obviously since it is the DHCP server.  In bridge mode, let's just say my stellar ISP (which shall remain nameless but might sound a lot like Earthink) can take awhile to respond to a DHCPREQUEST.  I have to do some actual measurements - but I'd bet a small coffee on it. 

    I'd like to know how/where the UTM sets its dhclient settings... I think the UTM gives up too easily trying to get an IP address.  Anyway - again, no negotiation issues, no speed issues, no dropping - the only difference is who gives me an IP address.

    Take care,  Bob Blank

  • Since this is a home device, you don't risk losing Sophos Support by doing the following yourself.  You can change the timeout for eth1 as root at the command line with edit /var/chroot-dhcpc/etc/eth1.conf.  Any better luck now, Bob?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Thanks Bob - that was the settings location I was looking for.  I'll have to try it and let you know.  Family is a little disgruntled with me right now as I have taken down our internet access more than a few times... might have to test early on Sat morning. :-)