dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
9314
share rss forum feed

SinNombre

join:2004-09-16
Charlotte, NC

[Config] 2611 dhcp on Time Warner/ Road Runner

Tried hooking up my Cisco 2611 to my cable internet yesterday using a simple dhcp config on the WAN interface, but TW/ RR keeps setting me up with a non-routeable IP for some reason. Been using a Cisco PIX at home for a couple years using DHCP and haven't had this kind of issue.

Following is the config from the 2611 and the 'debug dhcp detail'.

Lestat#show run
Building configuration...

!
version 12.2
service timestamps debug uptime
service timestamps log datetime
service password-encryption
!
hostname Lestat
!
logging buffered 10000 debugging
enable secret 5 $1$QyHxxxxxxxxxxxxxxx
!
ip subnet-zero
no ip source-route
!
!
no ip domain-lookup
ip name-server 209.244.0.3
ip name-server 209.244.0.4
ip name-server 24.25.5.150
ip name-server 24.25.5.149
ip name-server 24.93.67.126
ip name-server 24.93.67.127
ip dhcp excluded-address 10.10.18.27
!
ip dhcp pool LAN
network 10.10.x.x 255.255.x.x
dns-server 24.25.5.149 24.25.5.150
default-router 10.10.x.x
!
ip ssh time-out 120
ip ssh authentication-retries 3
!
call rsvp-sync
!
!
!
!
!
!
!
!
interface Ethernet0/0
description Internet
ip address dhcp
ip nat outside
half-duplex
no cdp enable
!
interface Serial0/0
no ip address
shutdown
no fair-queue
!
interface Ethernet0/1
description LAN
ip address 10.10.x.x 255.255.x.x
ip nat inside
half-duplex
!
ip nat log translations syslog
ip nat inside source list 1 interface Ethernet0/0 overload
ip classless
no ip http server
no ip pim bidir-enable
!
!
logging history debugging
logging trap debugging
access-list 1 permit 10.10.x.x 0.0.0.255
!
dial-peer cor custom
!
!
!
!
!
line con 0
exec-timeout 15 0
password 7 xxxxxxxxxxx
logging synchronous limit 500
login
line aux 0
exec-timeout 0 0
line vty 0 4
exec-timeout 0 0
password 7 1105xxxxxxxxxxxxxx
login
!
end

Portion of the dhcp debug detail:

00:02:02: DHCP Offer Message Offered Address: 10.224.5.11
00:02:02: DHCP: Lease Seconds: 513118
00:02:02: DHCP: Server ID Option: 24.25.4.128
00:02:02: DHCP: offer received from 24.25.4.128
00:02:02: DHCP: SRequest attempt # 1 for entry:
00:02:02: Temp IP addr: 10.224.5.11 for peer on Interface: Ethernet0/0
00:02:02: Temp sub net mask: 255.255.192.0
00:02:02: DHCP Lease server: 24.25.4.128, state: 2 Requesting
00:02:02: DHCP transaction id: 207
00:02:02: Lease: 513118 secs, Renewal: 0 secs, Rebind: 0 secs
00:02:02: Next timer fires after: 00:00:01
00:02:02: Retry count: 1 Client-ID: cisco-000c.3053.ac9f-Et0/0
00:02:02: DHCP: SRequest- Server ID option: 24.25.4.128
00:02:02: DHCP: SRequest- Requested IP addr option: 10.224.5.11
00:02:02: DHCP: SRequest placed lease len option: 513118
00:02:02: DHCP: SRequest: 326 bytes
00:02:02: DHCP: SRequest: 326 bytes
00:02:02: B'cast on Ethernet0/0 interface from 0.0.0.0
00:02:02: DHCP: Received a BOOTREP pkt
00:02:02: DHCP: Scan: Message type: DHCP Ack
00:02:02: DHCP: Scan: Server ID Option: 24.25.4.128 = 18190480
00:02:02: DHCP: Scan: Lease Time: 513117
00:02:02: DHCP: Scan: Subnet Address Option: 255.255.192.0
00:02:02: DHCP: Scan: DNS Name Server Option: 24.93.67.126, 24.93.67.127, &24.93.67.38&
00:02:02: DHCP: Scan: Domain Name: carolina.rr.com
00:02:02: DHCP: Scan: Router Option: 10.224.0.1
00:02:02: DHCP: Scan: Bootfile Name: autoprov.bin@CuAFC909OJexVGliYS5LYil5BDoFPHFU
00:02:02: DHCP: rcvd pkt source: 10.224.0.1, destination: 255.255.255.255
00:02:02: UDP sport: 43, dport: 44, length: 384
00:02:02: DHCP op: 2, htype: 1, hlen: 6, hops: 0
00:02:02: DHCP server identifier: 24.25.4.128
00:02:02: xid: 207, secs: 0, flags: 8000
00:02:02: client: 0.0.0.0, your: 10.224.5.11
00:02:02: srvr: 24.25.5.104, gw: 10.224.0.1
00:02:02: options block length: 136

00:02:02: DHCP Ack Message
00:02:02: DHCP: Lease Seconds: 513117
00:02:02: DHCP: Server ID Option: 24.25.4.128
00:02:05: DHCP Proxy Client Pooling: ***Allocated IP address: 10.224.5.11
00:02:05: Allocated IP address = 10.224.5.11 255.255.192.0

00:02:29: DHCP: QScan: Purging entry
00:02:29: DHCP: deleting entry 820E5708 10.224.5.11 from list
00:02:29: Temp IP addr: 10.224.5.11 for peer on Interface: unknown
00:02:29: Temp sub net mask: 255.255.192.0
00:02:29: DHCP Lease server: 24.25.4.128, state: 8 Purging
00:02:29: DHCP transaction id: DCD
00:02:29: Lease: 513220 secs, Renewal: 256610 secs, Rebind: 449067 secs
00:02:29: Temp default-gateway addr: 10.224.0.1
00:02:29: No timer running
00:02:29: Retry count: 0 Client-ID:

FYI - I've done the following so far: shut/ no shut on the e0/0 interface several times, reloaded the Cisco and restarted the cable modem several times in various combinations. I've also substituted the PIX mac address for the 2611 address, too, with the only result being a different IP.

Is this some weird TW/ RR issue in Charlotte or do I need to tweak the config a little more?

thanks!


dervari2

join:2000-01-17
Atlanta, GA
Sounds like you could be in their Walled Garden or they are doing double NAT.

SinNombre

join:2004-09-16
Charlotte, NC

2 edits
reply to SinNombre
What's their Walled Garden and how do I get out of it?

When I put the PIX back into the connection, it comes right back up with it's same old IP address...

[update] Made the mistake of calling RR tech support. (They made the suggestion that I call Linksys.) LOL


RyanG1
Premium
join:2002-02-10
San Antonio, TX
kudos:1
reply to SinNombre
a walled garden simply means that when you connect a modem to their network that isnt authenticated with them, you get assigned an internal IP so you can goto their setup site and register the modem to get full service. RR as far as i know, does not use this as most franchises do not offer the ability to own your own modem.

Did you reboot the modem before you connected the 2611?

It almost looks like the headend is assigning you an IP in the range for their modems because it thinks your router is a modem.

When i had RR a year or so ago, that occured out of the blue for some reason, and a simple reboot of the PC/router and the modem solved it. You could tell because in the DHCP information received it showed a TFTP server and a config file it wanted me to download.

Ryan
--
call me on FWD: 654674

SinNombre

join:2004-09-16
Charlotte, NC
I kind of figured that's what a walled garden was...

The thought had occured to me it was giving me an ip from the modem pool, although "why" is a very good question here. The debug shows a temp gateway of 10.224.0.1 which is what I hit on a traceroute away from the network when I'm running normally, like when the PIX is plugged in and I have a routeable IP (see below):

Temp IP addr: 24.74.x.x for peer on Interface: outside
Temp sub net mask: 255.255.x.x
DHCP Lease server: 24.25.4.128, state: 3 Bound
DHCP transaction id: 0x65CC
Lease: 84627 secs, Renewal: 42313 secs, Rebind: 74048 secs
Temp default-gateway addr: 24.74.128.1
Next timer fires after: 42129 seconds
Retry count: 0 Client-ID: cisco-000c.3053.ac9f-outside

I've rebooted the modem several times. Left it off a few minutes once just to be sure and then turned it back on. In any case, put the PIX back in and I have Internet.

Used an acl to only allow udp from the "normal" dhcp server and the gateway and I get all zeros on the debug. Take out the acl with all of that stuff and I instantly get the 10.224.5.11 address.

Anyone else?


RyanG1
Premium
join:2002-02-10
San Antonio, TX
kudos:1
reply to SinNombre
you could try changing the mac address of the 2611 with the mac address of the PIX since thats all the DHCP server is seeing when it decides which pool to use.

int <if>
mac-address <H.H.H>

--
call me on FWD: 654674

SinNombre

join:2004-09-16
Charlotte, NC
Ryan - thanks, but that's been covered, too...

I've done the following so far: shut/ no shut on the e0/0 interface several times, reloaded the Cisco and restarted the cable modem several times in various combinations. I've also substituted the PIX mac address for the 2611 address, too, with the only result being a different IP.


RyanG1
Premium
join:2002-02-10
San Antonio, TX
kudos:1

1 edit
reply to SinNombre
Ah sorry brain fart.

EDIT:

one thing is for certain, it does think you are a modem:
00:02:02: DHCP: Received a BOOTREP pkt
00:02:02: DHCP: Scan: Message type: DHCP Ack
00:02:02: DHCP: Scan: Server ID Option: 24.25.4.128 = 18190480
00:02:02: DHCP: Scan: Lease Time: 513117
00:02:02: DHCP: Scan: Subnet Address Option: 255.255.192.0
00:02:02: DHCP: Scan: DNS Name Server Option: 24.93.67.126, 24.93.67.127, &24.93.67.38&
00:02:02: DHCP: Scan: Domain Name: carolina.rr.com
00:02:02: DHCP: Scan: Router Option: 10.224.0.1
00:02:02: DHCP: Scan: Bootfile Name: autoprov.bin@CuAFC909OJexVGliYS5LYil5BDoFPHFU

Telling you to goto 24.25.4.128 and download the modem config 'autoprov.bin'.

You could also try changing your client DHCP hostname in the 2611 just for the heck of it.

Ryan

elnino

join:2006-08-27
Akron, OH

1 edit
SinNombre, what version of the IOS are you running? Since I'll be hooking up a 1721 on RR next week, I was doing research to find out which IOS version I'd need and I came across this info that exactly describes your problem:

Older versions of IOS set the DHCP class to "infrastructure device" on Option 60. Most DHCP servers ignore it, but Cable modem providers listen to it. They assume that if a DHCP requests is from an infrastructure device that it is a cable modem.

The bug ID is CSCdx67972:
------------
A Cisco router running 12.1T, 12.2, 12.2T (up to 12.2(15)T9) and some early versions of 12.3(I think) IOS will incorrectly set the Class ID (Option 60) of a DHCP Discover Packet.

This only causes a problem when the following is true:

1) Router is setup to be a DHCP Client.
2) DHCP Server is looking at Option 60 to assign IP addresses
3) Router is connected behind a Cable Modem.

This is a rare problem that does not effect every customer running the router as a DHCP Client.
-----------

Basically, RR thinks your router is "their equipment" so it gives you an internal address on their network. My UBR925 at work actually has a 10.x.x.x on it's cable interface and on the internal interface it has a real routable IP. My suggestion is to upgrade the IOS on the router.

CM1970

join:2006-08-11
Marietta, GA
reply to SinNombre
What version and feature set of the IOS are you running?

SinNombre

join:2004-09-16
Charlotte, NC
Ryan:

Good eyes - I stared at that debug detail several times and completely missed the bootfile option it was looking for. Of course, it made sense to me that RR thought the Cisco was one of their nodes, but I couldn't figure out why...

ElNino - thanks for the info on the bug, which I hadn't thought of going to look for, yet. Here is the show ver from the 2611:

Lestat#show ver
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-IK8S-M), Version 12.2(7c), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Sat 11-May-02 04:25 by pwade
Image text-base: 0x80008088, data-base: 0x811DE08C

ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)

Lestat uptime is 12 minutes
System returned to ROM by power-on
System image file is "flash:c2600-ik8s-mz.122-7c.bin"

Let me know if you think the 12.2 (7c) falls under that category... if it does, I don't know where I would get a newer version of the IOS (no Smartnet here).

Anyone think cloning the mac adddress of my PIX and just setting up all the default gateways and DNS servers might do the trick?

Thanks!


RyanG1
Premium
join:2002-02-10
San Antonio, TX
kudos:1
reply to SinNombre
well if its the bug that was mentioned above where its setting the wrong option in the DHCP request, it wont matter what the mac address is set to, it will continually give you the internal IP.

Just need to wait for his reply as to what specific lines in the 12.2 IOS train are affected (if not all).

Ryan
--
call me on FWD: 654674

elnino

join:2006-08-27
Akron, OH
reply to SinNombre
I don't have a full Cisco CCO login so I can't verify it in their 'bug toolkit', but it seems like that particular one is affected. Would anyone with a full CCO login please check an verify?

CM1970

join:2006-08-11
Marietta, GA
reply to SinNombre
From Cisco:

CSCdx67972 Bug Details

Headline
Class ID (Option 60) of DHCP packets incorrectly set

Product IOS

Feature DHCP

Severity 3

Severity help Status Resolved

First Found-in Version 12.1T, 12.2, 12.2T

First Fixed-in Version 12.2(11.3)T, 12.2(10.7)T04, 12.2(11.8), 12.2(11.8)S, 12.2(11.8)GLD, 12.2(11.08b)DA, 12.2(11)SSL(00.72), 12.2(13.3)B, 12.2(15)BW, 12.2(15)BZ, 12.2(15)BX, 12.2(15)ZN

Release Notes

A Cisco router running 12.1T or 12.2 IOS will incorrectly set the
Class ID (Option 60) of a DHCP Discover Packet.

This only causes a problem when the following is true:

1) Router is setup to be a DHCP Client.
2) DHCP Server is looking at Option 60 to assign IP addresses
3) Router is connected behind a Cable Modem.

This is a rare problem that does not effect every customer running
the router as a DHCP Client.

There is no work-around.


SinNombre

join:2004-09-16
Charlotte, NC
Guys, thanks - Google helped me piece together the rest of the information, and thanks for the complete bug report.

Got my hands on a couple versions of 12.3 for the 2600 - maybe tomorrow I can upload them and let you know what happens.


--
Insights welcomed.
Insidious conspiratorial allegations discouraged, but covertly smiled upon.

elnino

join:2006-08-27
Akron, OH
reply to CM1970
Thank you for the full bug report CM1970.

I'm pretty sure the 12.3 IOS line started from the 12.2(15)T release and since it looks like the bug was fixed in 12.2(11.3)T, everything in the 12.3 IOS versions should be fine.

If you're not sure which IOS version your router can handle, Cisco's IOS Software Selector »tools.cisco.com/ITDIT/ISTMAIN/servlet/index will give you the RAM and flash requirements for each feature set.

SinNombre

join:2004-09-16
Charlotte, NC
Sweet - back in bidness.

I loaded up 12.3 (16a) and the dhcp problem is gone. I have a copy of an earlier IOS release, but I didn't try that one.

Thanks fo the help guys!
--
Insights welcomed.
Insidious conspiratorial allegations discouraged, but covertly smiled upon.


RyanG1
Premium
join:2002-02-10
San Antonio, TX
kudos:1
reply to SinNombre
Glad to hear.

Ryan

Innuendo
Premium
join:2002-12-20
Evansville, IN
reply to SinNombre
said by SinNombre:

[update] Made the mistake of calling RR tech support. (They made the suggestion that I call Linksys.) LOL
Now that your problem is fixed I just had to go back and pull this nugget out of the thread & call attention to it.

You just know you're going to be in good hands with this ISP.

SinNombre

join:2004-09-16
Charlotte, NC
ha! I don't know how large ISPs get away with having such ill-informed, ill-trained staff.

(Funny story - several years back, in a different city with Charter HSI. Had an outage - called Charter - got some kid. He wanted the IP off my computer. I said which one - I have three. He said the one connected to the internet. I said all of them are - I'm using a router. I could hear him mumbling to himself "... router... router... router?" He didn't know what one was...or how to begin to help me!)

/ begin rant
When I worked tier one support for a regional ISP several years ago, we *had* to know the basics on routers, firewalls, T1, dsl, NAT, dhcp, static routes, port forwarding, classless IP routing, cabling, Ciscos, Netopias, Adtrans. We knew the default passwords and settings of every major soho Netgear and Linksys a customer could buy at a big box store and try to install behind our CPE. Why? Because we were *supposed to help our customers*! We would never say "You'll have to call Linksys..." I even helped a consultant/ "CCNP" research and configure a v.35 interface fora Cisco he was being paid $75 an hour to connect to our CPE.

If RR is training their techs to tell me to call Linksys because I have an issue with a Cisco router using dhcp, it just means they would rather bs me and blow me off than actually spend more than three minutes helping a customer... but I'm not telling anybody here anything they don't already know.



/end rant

--
Insights welcomed.
Insidious conspiratorial allegations discouraged, but covertly smiled upon.