[ previous ] [ next ] [ threads ]
 
 From:  "David Kitchens" <spider at webweaver dot com>
 To:  "'CygnusX1'" <cygnusx1 at insightbb dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Cable modem issue with m0n0wall - part1of 2
 Date:  Fri, 6 Aug 2004 00:05:20 -0400
As a long time Comcast user, I've always had good luck getting things hooked
up to them. The BIGGEST thing to do when switching pc's, routers, or
firewalls with Comcast is to turn off and unplug the power from the cable
modem for at least 5 minutes. The Motorola and Toshiba units they use here
in MI have memory in them that will hold a MAC address until it is powered
down for several minutes. I just moved from my house and am staying with my
parents till my new home is ready and I simply unplugged my Soekris/M0n0 and
brought it across town, powered down the parents modem and by the time my
computer was setup and my switch installed, the modem had cleared its' MAC
and m0n0wall came up just fine. I have experienced this same behavior with
several client installs as well. Doing a quick cable change from pc to
monowall will fail everytime unless the modem is unplugged.

Dave

> -----Original Message-----
> From: CygnusX1 [mailto:cygnusx1 at insightbb dot com] 
> Sent: Thursday, August 05, 2004 11:42 PM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: Re: [m0n0wall] Cable modem issue with m0n0wall - part1of 2
> 
> I thought this went..was still to big. Broke it up in two 
> parts....also in response to Mr. Wright: the spoofed MAC is 
> there because Insight locked onto a MAC. During my initial 
> setup 18 months ago, I did the install with my PC, an hour 
> later, I put a Linksys router in place with the MAC of my PCs 
> NIC, not to long after that I did the same with m0n0wall. I 
> will remove this now that I am on Comcast and see what 
> happens. In addition, when my sync is lost (according to the 
> modem log), I still have connectivity but I have heavy spurts 
> of packet loss. I will try and pay close attention to the 
> modem lights for a bit, but they appear to indicate all is 
> well. And, I am not trying to be difficult, but, before I go 
> to the wall with Comcast, I need a better understanding of 
> what is happening. Maybe Comcast is different, but Insight 
> would first tell me to plug the PC in with no firewall and if 
> it worked, they would be done.
> 
> Thanks for replying Justin and thank you for any help. I hope 
> I have included enough info to provide a good picture of the 
> situation.
> I do not know what is going on here, but, I want to reiterate 
> that a WinXP machine hooked straight to the cable modem works 
> flawlessly. In the firewall log, I noted some blocked ICMP 
> packets from the DHCP server noted in dhclient.leases. I have 
> tried allowing all traffic from the UBR and the DHCP server 
> to reach the m0n0wall...this didn't seem to work. My firewall 
> rules are default except I have allowed SSH from my work IP 
> address into the network.
>  
> 
> ***********************************************
> config.xml
> <?xml version="1.0"?>
> <m0n0wall>
>    <version>1.4</version>
>    <system>
>        <hostname>pluto</hostname>
>        <domain>alpha.local</domain>
>        <dnsallowoverride/>
>        <password>xxxxx</password>
>        <timezone>America/Indiana/Indianapolis</timezone>
>        <time-update-interval>300</time-update-interval>
>        <timeservers>ntp-2.mcs.anl.gov</timeservers>
>        <webgui>
>            <protocol>https</protocol>
>            <certificate>SNIP</certificate>
>            <private-key>SNIP</private-key>
>            <port/>
>        </webgui>
>        <username>admin</username>
>        <dnsserver>68.x.x.x</dnsserver>
>        <dnsserver>68.x.x.x</dnsserver>
>    </system>
>    <interfaces>
>        <lan>
>            <if>xl0</if>
>            <ipaddr>192.168.0.1</ipaddr>
>            <subnet>24</subnet>
>        </lan>
>        <wan>
>            <if>dc0</if>
>            <blockpriv/>
>            <spoofmac>xx.xx.xx.xx.xx.xx</spoofmac>
>            <mtu/>
>            <ipaddr>dhcp</ipaddr>
>            <dhcphostname/>
>        </wan>
>    </interfaces>
>    <staticroutes/>
>    <pppoe/>
>    <pptp/>
>    <dyndns>
>        <type>dyndns</type>
>        <username/>
>        <password/>
>        <host/>
>        <mx/>
>    </dyndns>
>    <dhcpd>
>        <lan>
>            <enable/>
>            <range>
>                <from>192.168.0.100</from>
>                <to>192.168.0.200</to>
>            </range>
>            <defaultleasetime>2618784</defaultleasetime>
>            <maxleasetime>3628800</maxleasetime>
>        </lan>
>    </dhcpd>
>    <pptpd>
>        <mode>off</mode>
>        <redir/>
>        <localip>snip</localip>
>        <remoteip>snip</remoteip>
>        <radius>
>            <server/>
>            <secret/>
>        </radius>
>        <req128/>
>        <user>
>            <name>snip</name>
>            <password>xxxxx</password>
>        </user>
>    </pptpd>
>    <dnsmasq>
>        <enable/>
>        <regdhcp/>
>    </dnsmasq>
>    <snmpd>
>        <syslocation/>
>        <syscontact/>
>        <rocommunity>public</rocommunity>
>    </snmpd>
>    <diag>
>        <ipv6nat>
>            <ipaddr/>
>        </ipv6nat>
>    </diag>
>    <bridge/>
>    <syslog>
>        <nentries>1000</nentries>
>        <remoteserver>192.168.0.x</remoteserver>
>        <filter/>
>        <dhcp/>
>        <system/>
>        <enable/>
>        <reverse/>
>    </syslog>
>    <nat>
>        <rule>
>            <protocol>tcp</protocol>
>            <external-port>22</external-port>
>            <target>192.168.0.x</target>
>            <local-port>22</local-port>
>            <interface>wan</interface>
>            <descr>Jupiter SSH</descr>
>        </rule>
>    </nat>
>    <filter>
>        <rule>
>            <type>pass</type>
>            <interface>wan</interface>
>            <protocol>tcp</protocol>
>            <source>
>                <address>x.x.x.x</address>
>            </source>
>            <destination>
>                <address>192.168.0.x</address>
>                <port>22</port>
>            </destination>
>            <log/>
>            <descr>NAT Jupiter SSH</descr>
>        </rule>
>        <rule>
>            <type>pass</type>
>            <interface>wan</interface>
>            <source>
>                <address>10.92.92.1</address>
>            </source>
>            <destination>
>                <address>68.x.x.x</address>
>            </destination>
>            <log/>
>            <descr>DHCP blah to UBR</descr>
>            <disabled/>
>        </rule>
>        <rule>
>            <type>pass</type>
>            <interface>wan</interface>
>            <source>
>                <address>172.30.58.34</address>
>            </source>
>            <destination>
>                <address>68.x.x.x</address>
>            </destination>
>            <log/>
>            <descr>DHCP server Comcast</descr>
>            <disabled/>
>        </rule>
>        <rule>
>            <type>pass</type>
>            <descr>Default LAN -&gt; any</descr>
>            <interface>lan</interface>
>            <source>
>                <network>lan</network>
>            </source>
>            <destination>
>                <any/>
>            </destination>
>        </rule>
>    </filter>
>    <shaper/>
>    <ipsec/>
>    <aliases/>
>    <captiveportal>
>        <page/>
>        <timeout>60</timeout>
>        <interface>lan</interface>
>        <idletimeout/>
>        <radiusip/>
>        <radiusport/>
>        <radiuskey/>
>    </captiveportal>
>    <wol>
>        <wolentry>
>            <interface>lan</interface>
>            <mac></mac>
>            <descr></descr>
>        </wolentry>
>        <wolentry>
>            <interface>lan</interface>
>            <mac></mac>
>            <descr></descr>
>        </wolentry>
>        <wolentry>
>            <interface>lan</interface>
>            <mac></mac>
>            <descr></descr>
>        </wolentry>
>    </wol>
> </m0n0wall>
> 
> 
> ***********************************************
> dhclient.leases
> lease {
>  interface "dc0";
>  fixed-address 68.x.x.x;
>  filename "msb3100_v1_silver_c01";
>  option subnet-mask 255.255.252.0;
>  option dhcp-lease-time 604800;
>  option routers 68.x.x.x;
>  option dhcp-message-type 5;
>  option domain-name-servers 68.x.x.x,68.x.x.x;  option 
> dhcp-server-identifier 172.30.58.34;  option domain-name 
> "xxx.xxx.indy.comcast.net";  renew 5 2004/8/6 17:48:40;  
> rebind 2 2004/8/10 03:11:25;  expire 3 2004/8/11 00:11:25; }
> 
> ************************
> Cable Modem Log (Ethernet cable was disconnected due to 
> storms until about 17:45)
> 2004-08-04 18:03:33    critical    Started Unicast 
> Maintenance Ranging - 
> No Response received - T3 time-out
> 2004-08-04 18:03:32    critical    Started Unicast 
> Maintenance Ranging - 
> No Response received - T3 time-out
> 2004-08-04 17:44:49    critical    Started Unicast 
> Maintenance Ranging - 
> No Response received - T3 time-out
> 2004-08-04 15:58:02    critical    Started Unicast 
> Maintenance Ranging - 
> No Response received - T3 time-out
> 2004-08-04 15:58:01    critical    Started Unicast 
> Maintenance Ranging - 
> No Response received - T3 time-out
> 2004-08-04 15:51:51    critical    Started Unicast 
> Maintenance Ranging - 
> No Response received - T3 time-out
> 2004-08-04 15:51:40    information    Authorized MAC addr:xx 
> xx xx xx xx xx
> 2004-08-04 15:51:39    information    Cable Modem Status set to 
> Registration Complete
> 2004-08-04 15:51:39    information    Received REG-RSP from CMTS
> 2004-08-04 15:51:39    information    Sending Registration Request
> 2004-08-04 15:51:39    information    Processing Configuration File
> 2004-08-04 15:51:36    information    DHCP: IP complete
> 2004-08-04 15:51:36    information    DHCP: Syslog server not 
> specified
> 2004-08-04 15:51:36    information    DHCP: Syslog server not 
> specified
> 2004-08-04 15:51:32    debug    DHCP_coldstart() successfully
> 2004-08-04 15:51:30    information    Beginning ranging 
> process. Initial 
> Power=49.00 dBmV
> 2004-08-04 15:51:26    information    Sync recovery loop is locked
> 2004-08-04 15:51:22    information    Scan Downstream Frequency...
> 2004-08-04 15:51:21    information    DHCP: back to initial state
> 2004-08-04 15:51:21    critical    Unicast Maintenance 
> Ranging attempted 
> - No response - Retries exhausted
> 2004-08-04 15:51:21    critical    Started Unicast 
> Maintenance Ranging - 
> No Response received - T3 time-out
> 2004-08-04 15:51:20    critical    Started Unicast 
> Maintenance Ranging - 
> No Response received - T3 time-out
> (THIS continues every 1 or 2 seconds for the previous 5 minutes)
> 
> 
> Justin Ellison wrote:
> 
> Just getting in on this thread - forgive me if I missed something...
> 
> If your cable modem is not coming online, then it has nothing 
> to do with
> m0n0wall, or any other box behind it.  T3 timeouts mean that the modem
> has lost communication from the CMTS, and it basically 
> reboots and tries
> to re-register. 
> Send your m0n0wall logs, as well as your modem logs.
> 
> Justin
> 
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
> 
>