DHCP Caching issue?



  • Hi,
     I'm on a cable modem network. I am getting "walled Garden" DNS server address assignments from the cable company. Supposedly they fixed this. But it seems that when I get an initial DNS assignment from the cable company's DHCP server, even if they change it, I still get the DNS entries assigned to my WAN interface for a long period of time. Is there a place to flush these entries? Is there a db file I can delete? I've had similar strangeness with Linux routers and cable modem networks doing this.

    I can edit out the nameservers in resolv.conf, reboot and the bad servers keep getting dropped into resolv.conf

    Thanx!
    Les



  • Suggestion:

    Select your own DNS, say openDNS, (see http://www.opendns.com) and don't let your ISP override it. ( Under System -> General Setup, specify your selected DNS and uncheck the box Allow DNS server list to be overridden by DHCP/PPP on WAN).



  • @wallabybob:

    Suggestion:

    Select your own DNS, say openDNS, (see http://www.opendns.com) and don't let your ISP override it. ( Under System -> General Setup, specify your selected DNS and uncheck the box Allow DNS server list to be overridden by DHCP/PPP on WAN).

    That's one idea, but it doesn't address the basic problem.  I see this same problem with Little Linksys Routers.  I can set my own DNS on my LAN assignment DHCP.  That fixes it, but not really.  I cleaned out the  resolv.conf, nameserver files and lease files.  Eventually I got all the old entries, bounced the interface and it got the new DNS assignments.

    Problem is I don't know which file whack did it.  Also I would like to know if there is a command to flush all the old entries, kinda like a DNS Cache Flush for the DHCP entries.  That way I don't have to hunt them down each time.

    Do you know of any command to do this, or maybe a list of files to track down and vi?



  • What's the problem really with Wallabybob's solution? Can't you at least try it? It does exactly what you want which is to prevent the WAN dhcp overriding the dns servers you set yourself in System->General setup.



  • @kpa:

    What's the problem really with Wallabybob's solution? Can't you at least try it? It does exactly what you want which is to prevent the WAN dhcp overriding the dns servers you set yourself in System->General setup.

    I did it, it works fine.  But it's not a real fix for the issue now is it?



  • I'm curious about what you think the real fix might be.

    From your description it seems your ISP nominates as a DNS server a system that doesn't DNS serve. If you are looking for a fix for that then I suggest you are looking in the wrong place  ;D

    Maybe you think the real fix is for pfsense to rapidly take note of a change in the DNS server nominated by the ISP. I haven't looked at the standards documents - there may not be a mandated behaviour in this circumstance.  Your experience with the Linksys router suggests that it might be common implementation practice to not take quick notice of a change in DNS server on change of DHCP assigned address on the WAN interface. If that's the case, then regardless of what the standards might say, if the ISP wants to avoid annoying their customers, the pragmatic fix might be for them to stick with fixed IP addresses for the DNS servers. (There could be a lot of routers out there to change.)

    If you think pfSense is behaving wrongly I think it's up to you to make the case for that.



  • @wallabybob:

    I'm curious about what you think the real fix might be.

    From your description it seems your ISP nominates as a DNS server a system that doesn't DNS serve. If you are looking for a fix for that then I suggest you are looking in the wrong place  ;D

    Maybe you think the real fix is for pfsense to rapidly take note of a change in the DNS server nominated by the ISP. I haven't looked at the standards documents - there may not be a mandated behaviour in this circumstance.  Your experience with the Linksys router suggests that it might be common implementation practice to not take quick notice of a change in DNS server on change of DHCP assigned address on the WAN interface. If that's the case, then regardless of what the standards might say, if the ISP wants to avoid annoying their customers, the pragmatic fix might be for them to stick with fixed IP addresses for the DNS servers. (There could be a lot of routers out there to change.)

    If you think pfSense is behaving wrongly I think it's up to you to make the case for that.

    The real fix for me would be when the ISP changes their DHCP information that it is reflected on the next Up/Down cycle of the interface.  Even Windows will do that.  The Linksys Routers that have this issue are running Linux.

    You obviously are not familiar with "walled garden" provisioning systems.  When you hook up your cable modem to a new system, you are thrown into a "walled garden".  There is a DNS server that considers itself a Root server and answers all queries with the same answer, which is the Cable Company's provisioning page where they ask you all your acct info, etc.  Then once that is done, you HUP the equipment (power cycle) and your DNS servers are switched to "REAL" DNS servers and you're off to the races.  That is one area where I'm seeing the issue.  The other scenario is if a DNS server is decommissioned or offline.  The DHCPD config is changed by the ISP, but the router "remembers" the old settings for a "while", usually a number of hours.

    I would like a simple dhclient command to "Flush" the files or something similar.  I'm asking if that is possible.  I haven't found it yet.  Instead of having to manually edit out the old entries and HUP or run dhclient.

    I'm not entirely sure where the problem lies.  I've only seen this on 'NIX based DHCP clients.  On Linksys gear, I've seen a power outage cause it to get confused for a few hours.  It's like there's a timer there that needs to time out before it will accept a reassignment.  It's not the DHCP server because Windows Clients will get a DHCP assignment immediately off the same network.

    But really back to my original request.  I'm requesting if anyone knows a command line flush command that would necessitate a rewrite of the files instead of using the last known entries.  If I vi the files, and run dhclient on the if, it works fine.  I just don't work in UNIX anymore and it takes a while to track them down.  The fact that my background was in Solaris and not FreeBSD doesn't help either.



  • This is something that I see on Linux clients occasionally as well.  The update to /etc/resolv.conf is done by dhclient-script.  The dhclient-script looks ok and I don't see any obvious configuration directives for dhclient to get it to force an update of the resolver configuration file.

    The dhclient lease file is in /var/lib/dhclient/ on Linux.


  • Rebel Alliance Developer Netgate

    You probably just need to run dhclient again if the second attempt really does pull the proper addresses.

    You can try going to Status > Interfaces, then click Release, then Renew.

