I am running 2.8.28 and I am seeing on a couple of my systems the private IP address that I assign clients going bad. I am using static ip’s and simple queues for bandwith control. I just had a third incident of a IP going bad. The first time I saw this was about six months ago. A client that has been running for about a year suddenly cant get the internet to come up. I replace equipment and still no go. I reassign a different IP and things are ok. The second time this happend, the client is new just a few days of up time, and WHAM-O the internet connection slows to a crawl. Just yesterday the third customer gets hit, after being up for a month. I reassign a new number and all is well. Any thoughts as to what is going on here? I has me stumped.
Mike
I’ve noticed this in two situations for myself - one is if you have any type of dynamic configuration going on. I haven’t figured out the areas that are getting updated, but if you have DHCP server that is not static running somewhere, some routes will get updated and all of a sudden they have internet. They can’t ping or get out otherwise but they can get internet.
I don’t know if you use the trasnparent proxy, but I do and I think it has something to with that.
Also, I use CB3’s and have always done the “clone MAC address” which makes the Bridge take on the MAC of the PC behind it. I started experiementing with not cloning, leaving the bridge with it’s own MAC and then putting multiple clients behind it using the MAC of the bridge. So under ARP, for static entries, instead of the client MAC entered with their IP, I would put the bridge (non cloned but native) MAC as the client MAC as well, because no matter what only one MAC will come accross from behind the bridge. This way I could have multiple devices. However then I noticed that devices I hadn’t setup with firewall rules could still get to the internet.
So just some food for thought. I think there is some relation to Dynamically generated entries, whether due to DHCP, being behind a bridge where it affects the MAC address and maybe the transparent proxy.
I’m still investigating.
Good Luck.
-Carus