
DHCP issues on External Interface with ISP

I have been using UTM for many years now... 6+?  When I first started, there were issues with certain Intel NICs when used with DHCP and Cable Modems.

Lately, I have been having problems again.  I have had MANY calls with my ISP, I even went ahead and bought new hardware for my UTM.  Same problem.  I rarely get an IP address from my ISP and when I do, the external interface will only stay "up" for a brief period - and then drop again.

I plugged my "Gateway desktop" directly into my Cable Modem and it ran without an issue for 3 days.  Then I added an ASUS RT-N66 in as a "router".  That ran fine for a week - with A LOT of traffic going through it. 

I add the UTM and BAM!  I am back down again.

My question is - WHERE do I begin to troubleshoot this?  confd logs?  TCPDUMP?  My UTM seems happy to get a DHCP address from my ASUS if I test it that way...  I don't want to bail on Sophos, but I don't know what else to do.  Many years ago, I put an old router between my Cable Modem and my Sophos machine.  I really don't want to do that again.

UTM 9.355-1       

External NIC is an Intel Gigabit PCIe   EXPI9301CT

Quad core i3 with 4GB RAM, 160 GB HDD

Thoughts?  Advice, Similar issues?



This thread was automatically locked due to age.
  • I didn't think to ask... Is the cable modem configured for bridge mode or is it acting like a router?

  • I just noticed you don't have your WAN interface set as the IPv4 default gateway... It should be checked off and may be part of the issue.

  • I needed to check the "IPv4" gateway box... but that wasn't the issue.  I think the underlying issue is the DHCP client settings for the external interface.  It doesn't wait long enough for a response from a DHCP server.  That is why every other machine or router I have can work on the cable modem but not the UTM.

    I had my ISP change my modem back to Router mode instead of Bridged mode.  So now, my modem is a DHCP client and also a DHCP server.  My UTM is a DHCP client to my modem and acts as a DHCP server to my home network.  I hate the "double NATing".  It is similar to what I had to do years ago to get around an Intel NIC bug in Astaro.

    I need a break from this for a little while and my family is tired of the internet connection bouncing like a rubber ball.  The root cause of this could be slow DHCP responses from my ISP but good luck explaining that to them.  I also just dropped $350 on a new PC for the UTM to run on which might not have been necessary, but the old hardware was 8 years old or more I think...

    Anyway... I will be slowing down on this and letting the dust settle, but would be interested in hearing your thoughts of increasing the DHCP client "wait time" in the external NIC if that is an option.

    Thanks for all the good troubleshooting advice.

    Bob

  • If you look at the logs your UTM is trying to pull its IP address from 255.255.255.255, and that does not sound right. Given the model of your modem I'm assuming you have Comcast. It's highly likely they did not place your modem into bridge mode properly since your modem has both the telephone adapter and wifi. If you don't have telephone service on your modem I would highly recommend picking up an Arris SB6121 or SB6141 and returning the 862. Having a standard cable modem will work better with UTM when there's no configuration interference between your cable connection and your UTM.

  • The initial request by a DHCP client is a broadcast, which is why the 255.255.255.255, so I think we are OK there.  It's easy to tell when they put the modem in router mode, because it starts handing out 10.0.0.1 addresses to all of the clients on my network.  I can live with it like this - but not preferred.  Now I will have to do some port forwarding on the Modem if I want to use my VPN again.

    Thanks again for the help.

    Bob

  • Just setting the UTM to fixed speed/duplex doesn't fix the modem - try setting both to 100/Full and hard rebooting both.  I've also had situations where that didn't solve the problem, but doing the same with 100/Half did. See #7 in

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hey - nice to see your name again Bob - thanks for the reply.

    I am 99% convinced this is simply a DHCP timing issue.  The same modem, the same port, the same NIC on the UTM - NO issues when the Modem is in Router mode instead of Bridge mode.  Even in bridge mode, I am getting no packet errors/drops.

    In Router mode, my modem provides a DHCP address almost immediately, obviously since it is the DHCP server.  In bridge mode, let's just say my stellar ISP (which shall remain nameless but might sound a lot like Earthink) can take a while to respond to a DHCPREQUEST.  I have to do some actual measurements - but I'd bet a small coffee on it.

    I'd like to know how/where the UTM sets its dhclient settings... I think the UTM gives up too easily trying to get an IP address.  Anyway - again, no negotiation issues, no speed issues, no dropping - the only difference is who gives me an IP address.

    Take care,  Bob Blank

  • Since this is a home device, you don't risk losing Sophos Support by doing the following yourself.  You can change the timeout for eth1 as root at the command line with edit /var/chroot-dhcpc/etc/eth1.conf.  Any better luck now, Bob?

    Cheers - Bob

     
  • Thanks Bob - that was the settings location I was looking for.  I'll have to try it and let you know.  Family is a little disgruntled with me right now as I have taken down our internet access more than a few times... might have to test early on Sat morning. :-)
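
One way to take the measurement discussed in this thread before changing the DHCP client timeout, as an added example that is not from any poster or from Sophos: a script that groups DHCP client log lines into lease attempts and times each one. The message wording follows ISC dhclient; the ISO timestamp prefix, host name, addresses and all sample lines are constructed assumptions.

```python
import re
from datetime import datetime

# Constructed sample using ISC dhclient message wording; the timestamp format,
# host name and addresses are assumptions, not values from the thread.
SAMPLE_LOG = """\
2016-02-13T06:00:00 utm dhclient: DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 3
2016-02-13T06:00:03 utm dhclient: DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 7
2016-02-13T06:00:10 utm dhclient: DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 12
2016-02-13T06:00:19 utm dhclient: DHCPOFFER from 192.0.2.1
2016-02-13T06:00:19 utm dhclient: DHCPREQUEST on eth1 to 255.255.255.255 port 67
2016-02-13T06:00:21 utm dhclient: DHCPACK from 192.0.2.1
2016-02-13T06:05:00 utm dhclient: DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 4
2016-02-13T06:05:04 utm dhclient: DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 9
2016-02-13T06:06:01 utm dhclient: No DHCPOFFERS received.
"""

# Timestamp, then the dhclient event keyword we care about.
LINE = re.compile(r"^(\S+) \S+ dhclient: (DHCPDISCOVER|DHCPOFFER|DHCPACK|No DHCPOFFERS)")

def dhcp_attempts(log_text):
    """Group log lines into lease attempts and time each phase in seconds."""
    attempts, cur = [], None
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ts, event = datetime.fromisoformat(m.group(1)), m.group(2)
        if event == "DHCPDISCOVER":
            if cur is None:  # first broadcast of a new attempt
                cur = {"start": ts, "discovers": 0, "offer_s": None, "result": "incomplete"}
            cur["discovers"] += 1
        elif cur is None:
            continue  # renewal traffic outside a discover cycle
        elif event == "DHCPOFFER" and cur["offer_s"] is None:
            cur["offer_s"] = (ts - cur["start"]).total_seconds()
        elif event in ("DHCPACK", "No DHCPOFFERS"):
            cur["result"] = "bound" if event == "DHCPACK" else "timeout"
            cur["end_s"] = (ts - cur["start"]).total_seconds()
            attempts.append(cur)
            cur = None
    if cur is not None:
        attempts.append(cur)
    return attempts

def needed_timeout(attempts, margin=2.0):
    """Slowest first-offer delay seen, times a safety margin (seconds)."""
    offers = [a["offer_s"] for a in attempts if a["offer_s"] is not None]
    return max(offers) * margin if offers else None
```

Comparing `end_s` of the attempts that ended in `timeout` with `offer_s` of the ones that ended in `bound` shows whether the client gives up before the server's typical reply delay.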