Page 1 of 2 12 LastLast
Results 1 to 10 of 19
  1. #1
    Newbie
    Join Date
    Jan 2016
    Posts
    7

    Default External interface DHCP increase renewal time

    Hi,
    I have a simple home network running untangle in pretty much out of the box settings, it been running now for about 6 years with impressive up times and very reliable.

    Alas my ISP in Australia has force me into a new hardware setup due to National broadband roll out.
    This new supplied router from ISP has an inbuilt fail over SIM card. Due to constant issues with the cable coax, it appears to be using the SIM mobile back up a lot. I have put this ISP's router into bridge mode so it does not do anything in terms of firewall or routing. This is then connected to my WAN on the UT box.

    I have been finding now that my internet is dropping out, on investigation my untangle external interface DHCP is not updating itself when the ISP address is changing. If I manually force a renewal of the DHCP it pick up the new ISP address and all works again until the sim card modem drops out and reconnects but gets a new external IP address again.

    Is there a way to force my external interface IP to aggressively check for a change? (Scavenging interval?)
    Should it be doing this if it detects the WAN interface has gone down or changed?
    Is there a better way of setting this up?

    Note over the last 6 years, my external IP address from my ISP hardly changed, only when they had an outage, UT would normally reconnect happily once ISP service was restored, no need for me to go in and manually refresh DHCP UT would do it itself. I have a small program that monitors a change in external IP that emails me, so I can update OPEN VPN clients to the new address.

    ut.jpg
    Attached Images Attached Images
    Last edited by exup1000; 08-23-2019 at 04:52 AM. Reason: added network design sketch

  2. #2
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,185

    Default

    Your ISP needs to get their brains screwed in...

    The fail over you're describing simply cannot work while that edge device is in bridge mode. No device, and I mean exactly that NO DEVICE will ever check for a new IP address via DHCP any more frequently than 50% of the DHCP lease period.

    What you need to do is configure the ISP device as a router, and make Untangle a bridge behind it. Because the ISP device is the only thing you've got that knows when it's connected to one thing or the other, and it must route between them.

    So when I say the ISP needs to grow a brain, I mean they never should have allowed you to attempt a bridge with a dual WAN setup on their gear, it simply will not work.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #3
    Untangle Ninja
    Join Date
    Jan 2011
    Posts
    1,192

    Default

    it'd be an unsupported hack, but you could setup a cron job to do a dhcp renewal every minute

  4. #4
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    8,515

    Default

    Changing IPs via DHCP technically should route the existing IPs until the client's DHCP timeouts and accepts the new IP. The ISP should not remix the IPs at will but it is the hand that is dealt.

    Renewing DHCP every minute will be havoc with your traffic. It would be best to link it to WAN down event.
    Last edited by jcoffin; 08-23-2019 at 11:36 AM.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  5. #5
    Untangle Ninja
    Join Date
    Jan 2011
    Posts
    1,192

    Default

    Quote Originally Posted by jcoffin View Post
    Renewing DHCP every minute will be havoc with your traffic.
    I thought a DHCP renewal ("dhclient eth0"?) would have no effect on the IP stack if nothing changed?

  6. #6
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,185

    Default

    If I recall correctly, it basically restarts networking on the interface in question.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  7. #7
    Untangle Ninja
    Join Date
    Jan 2011
    Posts
    1,192

    Default

    Quote Originally Posted by sky-knight View Post
    If I recall correctly, it basically restarts networking on the interface in question.
    well then that would be bad

  8. #8
    Newbie
    Join Date
    Jan 2016
    Posts
    7

    Default

    Quote Originally Posted by sky-knight View Post
    Your ISP needs to get their brains screwed in...

    The fail over you're describing simply cannot work while that edge device is in bridge mode. No device, and I mean exactly that NO DEVICE will ever check for a new IP address via DHCP any more frequently than 50% of the DHCP lease period.

    What you need to do is configure the ISP device as a router, and make Untangle a bridge behind it. Because the ISP device is the only thing you've got that knows when it's connected to one thing or the other, and it must route between them.

    So when I say the ISP needs to grow a brain, I mean they never should have allowed you to attempt a bridge with a dual WAN setup on their gear, it simply will not work.
    OK, that does make sense and renewing the DHCP more frequently will also cause more issues. So it begs the question, do I really need to continue with the UT box. Seeing my requirements are very minimal and the generic ISP router has most of the features.

    DHCP
    Fix IP addresses
    Firewall

    The only thing it does not have is Open VPN, but I can look at setting that up on one of my servers.
    Time will tell if this little white box has the stability and reliability of my UT box. The whole reason me moving to UT years ago was these little ISP routers kept die-ing, as in the routing would stop. Rebooting the boxes daily would fix the issue. Perhaps the tech has moved on, seeing Rasp Pi 4 has a quad core 4GB of RAM. Maybe this has trickled down into the device.

    In case anyone is interested the router is "Telstra Smart Modem Gen 2 with Voice Backup" looking up the MAC Vendor ID it appears it is a Technicolor DJA0231 device from Belgium, rebranded for our ISP.
    Last edited by exup1000; 08-23-2019 at 04:01 PM.

  9. #9
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,185

    Default

    I can't tell you if Untangle makes more sense or not. I use Untangle not for stability, but control. It is a UTM after all. And yes, ISP routers fry... they do that.

    But the fact remains that there is no such thing as an multi-wan bridge!

    So if you want Untangle to be a router to define the edge of your network independently of the ISP it can be done. You just then use Untangle as a NAT'less router, behind the ISP's router that is also doing multi-WAN. If your configuration is what I think it is, all this requires is to configure the ISP router with a LAN IP range that is different than you real LAN, statically or dynamically configure Untangle's external interface to work within that IP range, and uncheck the NAT box on the WAN interface.

    But if you aren't using Untangle to be well... Untangle... what's the point indeed!

    And as a matter of theory crafting, another possible idea would be to connect two WAN interfaces on Untangle to the ISP gear and see if you can't get each one to attach to a specific Internet connection. If you can bridge two separate WANs into Untangle, and then enable Untangles multi-wan features, that would work. But that's a mighty big if.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  10. #10
    Newbie
    Join Date
    Jan 2016
    Posts
    7

    Default

    Well after trying to stick it out with the whitebox router from Telstra, due to some limitations, I have put back the UT box and will live with the odd outage.

    As I have the free version of UT I dont think I can enable the WAN failover app, that is part of the paid service I think.

    anyway thanks for helping.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2