Discussion:
How to Renew the IP Lease using DHCP on SUN Solaris
(too old to reply)
d***@yahoo.com
2005-11-08 00:57:54 UTC
Permalink
I setup the machine following guidelines on Rich Teer's webpage.
http://www.rite-group.com/consulting/solaris_dhcp.html

After a reboot, ip is assigned; hostname becomes "unknown", but I have
a little script in /etc/rc2.d that takes care of setting back the
proper hostname. So far, so good.

The problem is that the lease is NOT being renewed in time. For
example, on 11/06 morning, running "ifconfig hme0 dhcp status" returned
the following:

Interface State Sent Recv Declined Flags
hme0 BOUND 60 2 0
(Began, Expires, Renew) = (11/06/2005 02:56, 11/07/2005 02:56,
11/06/2005 15:25)

This means that lease was obtained at 2:56AM on 11/6, and is set to
expire in 24 hours from the time lease was obtained. However, the lease
was NOT renewed up until about 3:39AM on 11/7, about 1 hour and 43
minutes after the lease expired. This is illustrated below.

Interface State Sent Recv Declined Flags
hme0 BOUND 63 2 0
(Began, Expires, Renew) = (11/07/2005 03:39, 11/08/2005 03:39,
11/07/2005 15:39)

Why is this happening? How can I make sure that the lease is renewed in
time? Also, what does "Renew" time mean in the status? If need be, I
can setup a cron job, or "sleep-renew-sleep" type of script that will
run all the time, but how do I tell "ifconfig" to do that? The only
options are start and drop -- there's no renew option..

Thanks in advance for your suggestions.
Logan Shaw
2005-11-08 03:47:08 UTC
Permalink
Post by d***@yahoo.com
The problem is that the lease is NOT being renewed in time. For
example, on 11/06 morning, running "ifconfig hme0 dhcp status" returned
Interface State Sent Recv Declined Flags
hme0 BOUND 60 2 0
(Began, Expires, Renew) = (11/06/2005 02:56, 11/07/2005 02:56,
11/06/2005 15:25)
This means that lease was obtained at 2:56AM on 11/6, and is set to
expire in 24 hours from the time lease was obtained. However, the lease
was NOT renewed up until about 3:39AM on 11/7, about 1 hour and 43
minutes after the lease expired. This is illustrated below.
Interface State Sent Recv Declined Flags
hme0 BOUND 63 2 0
(Began, Expires, Renew) = (11/07/2005 03:39, 11/08/2005 03:39,
11/07/2005 15:39)
Why is this happening? How can I make sure that the lease is renewed in
time?
Also, what does "Renew" time mean in the status?
The data you've provided doesn't convince me there is necessarily a problem.

Yes, you showed two leases and the second one you show started after the
first one you show expired. That, however, doesn't mean that there wasn't
another renewal somewhere in the intervening time.

In fact, part of the design of the DHCP system is that clients should renew
leases long before they expire rather than waiting until the last minute.
The reason is, when the lease expires, they are no longer allowed to use
that IP address, which will disrupt network communications if it happens.
And since a DHCP server might be down temporarily, it is not always
possible to renew at the last minute. Basically, the earlier you renew,
the bigger safety margin you have against being forced to give up your
IP address.

And that's what the "Renew" column is. It's the time at which the client
will make its first attempt to renew its lease.

For example, in the case you gave, the first lease starts at 2:56 on 11/06
and lasts 24 hours, but the client plans to renew it right about 12.5
hours later. If it does that and the server responds the first time
and everything happens instantaneously, it will probably have a new
24-hour least starting at about 15:25, probably again with another 12.5
hour delay until time to try to renew[1]. Anyway, 12.5 hours times 2 is
25 hours, which is quite close to the time different between the first
lease start you show and the second one you show.

So, to me the most likely explanation is that the lease is being
renewed every 12.5 hours.
Post by d***@yahoo.com
If need be, I
can setup a cron job, or "sleep-renew-sleep" type of script that will
run all the time, but how do I tell "ifconfig" to do that? The only
options are start and drop -- there's no renew option..
There is an "extend" option, but I don't think you need to use it.

If you're concerned about it or if you just want to watch what's going
on, I would just monitor the activity by doing this:

snoop -t r udp and port bootpc and not broadcast

Just leave that running for a few days and see what you see. My guess
is you will see a renewal about every 12.5 hours. Actually, now that
I think about it, the target time to try the first lease renewal might
be somewhat random, so it might not be exactly every 12.5 hours, but
the point is, this is a way you can observe the actual lease renewal
requests and server responses so that you can know whether it's really
behaving correctly or not.

- Logan
Dave Miner
2005-11-08 20:42:28 UTC
Permalink
Logan Shaw wrote:
...
Post by Logan Shaw
So, to me the most likely explanation is that the lease is being
renewed every 12.5 hours.
Logan's quite right about what probably happened. I'll just add that,
if the lease had actually failed to renew, you would find plenty of
messages in /var/adm/messages from dhcpagent reporting on what did happen.

Dave
d***@yahoo.com
2005-11-09 01:50:42 UTC
Permalink
Dave,

The VPN connection died exactly at the expire time of the first lease.
That's how I know that the connection did not renew. I also tried to
use the "ifconfig hme0 dhcp extend" command, but it did not renew the
lease when it was just a few hours.

When I plu in a Windows PC in the same DSL modem, Windows XP renews
leases for just 1 hour, but it renews before the lease expires.

On Solaris, the lease IS being renewed byitself, but not before it
expires. I will try the snoop command and report. Is there a way I can
request the lease to be for a desired time (say 15 minutes for testing
purposes, and 1 week for actual usage)?
John Serafin
2005-11-09 03:52:20 UTC
Permalink
Post by d***@yahoo.com
Dave,
The VPN connection died exactly at the expire time of the first lease.
That's how I know that the connection did not renew. I also tried to
use the "ifconfig hme0 dhcp extend" command, but it did not renew the
lease when it was just a few hours.
When I plu in a Windows PC in the same DSL modem, Windows XP renews
leases for just 1 hour, but it renews before the lease expires.
On Solaris, the lease IS being renewed byitself, but not before it
expires. I will try the snoop command and report. Is there a way I can
request the lease to be for a desired time (say 15 minutes for testing
purposes, and 1 week for actual usage)?
If it's a DSL, why not get one of those DSL/cable "router" thingies?
then you get a firewal and you can give the Sun a static IP address
and give several computers at once internet access.
--
John P. Serafin | This message not checked for viruses, etc. If your
jps at pobox com | system can't handle plain text, that's your problem.
John Howells
2005-11-09 08:42:48 UTC
Permalink
Post by d***@yahoo.com
The VPN connection died exactly at the expire time of the first lease.
That's how I know that the connection did not renew.
I am slightly puzzled at that statement, as it is not how the DHCP
client is behaving for me, using Solaris 8 systems as both DHCP client
and DHCP server.

With a lease time of 360 seconds I see:

Wed Nov 9 05:17:25 FKST 2005
Interface State Sent Recv Declined Flags
bge3 BOUND 2 2 0
(Began, Expires, Renew) = (11/09/2005 05:15, 11/09/2005 05:21,
11/09/2005 05:18)
Wed Nov 9 05:17:55 FKST 2005
Interface State Sent Recv Declined Flags
bge3 BOUND 2 2 0
(Began, Expires, Renew) = (11/09/2005 05:15, 11/09/2005 05:21,
11/09/2005 05:18)
Wed Nov 9 05:18:25 FKST 2005
Interface State Sent Recv Declined Flags
bge3 BOUND 1 1 0
(Began, Expires, Renew) = (11/09/2005 05:18, 11/09/2005 05:24,
11/09/2005 05:21)
Wed Nov 9 05:18:55 FKST 2005
Interface State Sent Recv Declined Flags
bge3 BOUND 1 1 0
(Began, Expires, Renew) = (11/09/2005 05:18, 11/09/2005 05:24,
11/09/2005 05:21)

on the client. That is, the renewal happens as expected at half the
lease time. This is as recommended by RFC2131, that (ignoring the
transition to rebinding state) the renewal should be done at half the
lease time (plus a "fuzz" factor). This also recommends that on failure
to renew there should be further renewals each at half the time of the
previous attempt.

If the DHCP server is now disabled I see:

Wed Nov 9 05:20:25 FKST 2005
Interface State Sent Recv Declined Flags
bge3 BOUND 1 1 0
(Began, Expires, Renew) = (11/09/2005 05:18, 11/09/2005 05:24,
11/09/2005 05:21)
Wed Nov 9 05:20:55 FKST 2005
Interface State Sent Recv Declined Flags
bge3 BOUND 1 1 0
(Began, Expires, Renew) = (11/09/2005 05:18, 11/09/2005 05:24,
11/09/2005 05:21)
Wed Nov 9 05:21:25 FKST 2005
Interface State Sent Recv Declined Flags
bge3 RENEWING 1 0 0 [BUSY]
(Began, Expires, Renew) = (11/09/2005 05:18, 11/09/2005 05:24,
11/09/2005 05:21)
Wed Nov 9 05:21:55 FKST 2005
Interface State Sent Recv Declined Flags
bge3 RENEWING 1 0 0 [BUSY]
(Began, Expires, Renew) = (11/09/2005 05:18, 11/09/2005 05:24,
11/09/2005 05:21)
Wed Nov 9 05:22:25 FKST 2005
Interface State Sent Recv Declined Flags
bge3 RENEWING 2 0 0 [BUSY]
(Began, Expires, Renew) = (11/09/2005 05:18, 11/09/2005 05:24,
11/09/2005 05:21)
Wed Nov 9 05:22:55 FKST 2005
Interface State Sent Recv Declined Flags
bge3 RENEWING 2 0 0 [BUSY]
(Began, Expires, Renew) = (11/09/2005 05:18, 11/09/2005 05:24,
11/09/2005 05:21)
Wed Nov 9 05:23:25 FKST 2005
Interface State Sent Recv Declined Flags
bge3 RENEWING 2 0 0
(Began, Expires, Renew) = (11/09/2005 05:18, 11/09/2005 05:24,
11/09/2005 05:21)
Wed Nov 9 05:23:55 FKST 2005
Interface State Sent Recv Declined Flags
bge3 REBINDING 3 0 0 [BUSY]
(Began, Expires, Renew) = (11/09/2005 05:18, 11/09/2005 05:24,
11/09/2005 05:21)
Wed Nov 9 05:24:25 FKST 2005
Interface State Sent Recv Declined Flags
bge3 SELECTING 6 0 0 [BUSY]

That is, the system changes to the RENEWING state at the expected time,
well before the lease is due to expire, and a snoop on the server shows
that the expected DHCPREQUEST messages arrive at:

5:21:08
5:22:17
5:23:26

and the client changes to issuing DHCPDISCOVER messages at

5:24:08
5:24:12
5:24:21

so the client continues to attempt to renew, as expected, up to and
beyond the time when the lease is due to expire, changing from REQUEST
to DISCOVER messages when it enters the REBINDING state, exactly as
required by RFC2131.

John Howells
Logan Shaw
2005-11-09 09:03:20 UTC
Permalink
Post by d***@yahoo.com
The VPN connection died exactly at the expire time of the first lease.
That's how I know that the connection did not renew. I also tried to
use the "ifconfig hme0 dhcp extend" command, but it did not renew the
lease when it was just a few hours.
That's odd. It works for me when I do a "dhcp extend". I can confirm
that my Solaris system (the DHCP client) sends out a request packet
and the server sends back an ACK. (Curiously, it gets back two ACKs,
and they look identical according to "snoop -v". I wonder if the
server is sending two on purpose to reduce the odds that the ACK isn't
received. It is UDP, and packets can get dropped, after all.)

Anyway, I would definitely do the snoop and see what you get. My guess
is that dhcpagent is trying to send the request to renew, but either
it's not getting through or no reply is coming for whatever reason.

It's definitely unusual that the "dhcp extend" you're doing isn't
succeeding in renewing the lease. It seems likely that whatever is
preventing it from doing the renewal is also preventing the dhcpagent
from doing the renewal at the scheduled time. If so, it should be
possible to diagnose just by doing an "ifconfig .... dhcp extend" while
running snoop instead of waiting until dhcpagent gets around to doing
a renewal (which would take much more time).
Post by d***@yahoo.com
When I plu in a Windows PC in the same DSL modem, Windows XP renews
leases for just 1 hour, but it renews before the lease expires.
That's weird. Makes it sound like some kind of protocol incompatibility
or perhaps it is necessary for the client to run some additional software
to authenticate and without this hypothetical software the DHCP server
refuses to play ball.

- Logan
John Howells
2005-11-09 09:32:15 UTC
Permalink
Post by Logan Shaw
That's odd. It works for me when I do a "dhcp extend". I can confirm
that my Solaris system (the DHCP client) sends out a request packet
and the server sends back an ACK. (Curiously, it gets back two ACKs,
and they look identical according to "snoop -v". I wonder if the
server is sending two on purpose to reduce the odds that the ACK isn't
received. It is UDP, and packets can get dropped, after all.)
When I do that with Solaris 8 as client and server I get only one ACK.

John Howells
Logan Shaw
2005-11-09 10:12:11 UTC
Permalink
Post by John Howells
Post by Logan Shaw
That's odd. It works for me when I do a "dhcp extend". I can confirm
that my Solaris system (the DHCP client) sends out a request packet
and the server sends back an ACK. (Curiously, it gets back two ACKs,
and they look identical according to "snoop -v". I wonder if the
server is sending two on purpose to reduce the odds that the ACK isn't
received. It is UDP, and packets can get dropped, after all.)
When I do that with Solaris 8 as client and server I get only one ACK.
That's more like what I'd expect. Unfortunately, since I have no idea
what kind of DHCP server I'm using, I can't report what it is. It's
just whatever the ISP (which is a cable company) has decided to use.

- Logan
John Howells
2005-11-09 10:52:28 UTC
Permalink
Post by Logan Shaw
That's more like what I'd expect. Unfortunately, since I have no idea
what kind of DHCP server I'm using, I can't report what it is. It's
just whatever the ISP (which is a cable company) has decided to use.
I'm in the fortunate position of having full control of client and
server!

John Howells
Dave Miner
2005-11-09 17:26:44 UTC
Permalink
Post by d***@yahoo.com
Dave,
The VPN connection died exactly at the expire time of the first lease.
That's how I know that the connection did not renew. I also tried to
use the "ifconfig hme0 dhcp extend" command, but it did not renew the
lease when it was just a few hours.
When I plu in a Windows PC in the same DSL modem, Windows XP renews
leases for just 1 hour, but it renews before the lease expires.
Interesting.
Post by d***@yahoo.com
On Solaris, the lease IS being renewed byitself, but not before it
expires. I will try the snoop command and report. Is there a way I can
request the lease to be for a desired time (say 15 minutes for testing
purposes, and 1 week for actual usage)?
No, you can't specify a requested lease time via ifconfig or anything.
Many servers will ignore it anyway.

So is there anything in /var/adm/messages? dhcpagent should be logging
messages if the lease expires. Various ISP's do odd things - my cable
provider (Charter) will renew a lease without actually extending the
time until expiration, so I get messages in the log every day noting
that fact, though it eventually does renew later on.

The snoop output would be helpful.

As someone else mentioned, a firewall (Sunscreen or IPfilter) can also
get in the way. It's easy to get those misconfigured.

Dave

Loading...