From: Mick
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Strange behaviour of dhcpcd
Date: Fri, 31 Oct 2014 09:53:12 +0000

On Friday 31 Oct 2014 06:52:54 J. Roeleveld wrote:
> On Tuesday, October 28, 2014 07:31:56 PM Marc Joliet wrote:
> > Am Tue, 28 Oct 2014 16:28:37 +0000
> > (I found a copy here:
> > http://www.kabelfernsehen.ch/dokumente/quicknet/HandbuchTHG570.pdf)
> > refers to "Transparent bridging for IP traffic", and AFAICT makes no
> > mention of routing. It does explicitly say that it gets an IP address
> > from the ISP, so I suspect that it acts as a bridge for all IP clients
> > (like the "IP Client Mode" in Fritz!Box routers). So it sounds to me
> > that the DHCP packets likely come from a server beyond the router. Is
> > this the half bridge mode you alluded to?
>
> Not sure about half-bridge mode. But most cable-modems work in bridge-mode.
> (If they have more than 1 ethernet-port, they act as routers)

Yes, it seems to be a fully bridged modem. A PC or router behind it will be
accessible from the Internet using your public IP address provided by the ISP.

In a fully bridged mode the modem only manages encapsulation of your LAN hosts'
ethernet packets (using DOCSIS frames in the case of cable, or ATM frames in
the case of ADSL). PPPoE or any other authentication method is undertaken by
the PC or by the router behind it. There's no NAT'ing or routing performed by
the modem - it is just a transparent bridge.

In a typical half bridged mode the modem performs encapsulation of your
packets AND authentication with the ISP's radius server. It also passes the
public IP address over to the host in the LAN, but it doesn't just bridge - it
routes it. The half bridged modem acts as an arp proxy. Some implementations
advertise more addresses on the LAN side than the public ISP's address and
offer the host a different IP address to the ISP's (usually public IP + 1 with
255.255.255.0 instead of 255.255.255.255). MSWindows machines work fine with
this, but Linux won't work without setting a static route to the ISP's gateway
and complains that the gateway is not on public-IP/32. Cisco routers barf at
this problem too.

> > Oh, and there are two powerline/dLAN adapters in between (the modem is
> > in the room next door), but direct connections between my computer and
> > my brother's always worked, and they've been reliable in general, so I
> > assume that they're irrelevant here.
>
> Uh-oh... If you have multiple machines that can ask for a DHCP-lease, you
> might keep getting a different result each time it tries to refresh.
>
> > Furthermore, I found out the hard way that you *sometimes* need to
> > reboot the modem when you connect a different client for the new client
> > to get a response from the DHCP server (I discovered this after wasting
> > half a day trying to get our router to work, it would log timeouts
> > during DHCPDISCOVER). I didn't think it was the modem because when we
> > first got it, I could switch cables around between my computer and my
> > brother's and they would get their IP addresses without trouble. *sigh*
>
> That's a common flaw. These modems are designed with the idea that people
> only have 1 computer. Or at the very least put a router between the modem
> and whatever else they have.
> Please note, there is NO firewall on these modems and your machine is fully
> exposed to the internet. Unless you have your machine secured and all
> unused services disabled, you might as well assume your machine
> compromised.

Yes, the way these modems work you may need to reboot the modem so that it
flushes its arp cache if you start reconnecting machines to it.

> I once connected a fresh install directly to the modem. Only took 20
> seconds to get owned. (This was about 9 years ago and Bind was running)
>
> > - At the time there was no router, just the modem. We now have a
> >   Fritz!Box 3270 with the most recent firmware, but we got it after I
> >   "solved" this problem.
> >
> > - I don't know whether we have an IP block or not; I suspect not. At the
> >   very least, we didn't make special arrangements to try and get one.
>
> Then assume not. Most, if not all, ISPs charge extra for this. (If they
> even offer it)

You would typically have two IP addresses with a half bridged modem, but only
one of these would be usable by the PC/router in your LAN.
Personally I find all this a bothersome faff and only buy and set up modems
in fully bridged mode, so that they get out of the way and let me route
things using a router.

-- 
Regards,
Mick