# Solved: DNS client lease expires every hour, or 30 minutes. (Router hates Vista clien



## metalmadness (Aug 31, 2009)

So, here's the problem. Most of the time, DNS client leases should last for an entire day (24 hours) and must update by UDP (right? correct me if I'm wrong), or otherwise the WAN connection gets cut. IE: loses connections to your favorite IM client, the Internet, or anything similar. The problem here is the DNS leases go only through for an hour, and then the connection goes kaput. I've tried Static IP addressing, router reset/reboot, but nothing else came up. And it seems that ONLY the wireless clients get these problems, except for a computer running Windows XP, connected through LAN. The router used here is a Linksys wrt300n router, running DD-WRT (after bricking it due to a failed ROM flash with the last official Linksys firmware issued for v1 models).

The nutshell: An XP client gets a DNS client lease lasting for 24 hours. Checked everything, seems to be running fine. The Vista clients get only a 60 minute lease from the router. Ugh.

Any insights here? If anyone here wants to see my DD-WRT settings, I'll post them as soon as somebody replies here. K?

```
C:\>ipconfig /allcompartments /all

Windows IP Configuration

==============================================================================
Network Information for Compartment 1 (ACTIVE)
==============================================================================
Host Name . . . . . . . . . . . . : SYSADMIN
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR5007 802.11b/g WiFi Adapter
Physical Address. . . . . . . . . : 00-22-69-57-04-4A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a097:764b:f186:65d3%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.15(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, August 30, 2009 8:38:38 PM
Lease Expires . . . . . . . . . . : Sunday, August 30, 2009 9:43:20 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 156.154.70.22
                                    156.154.71.22
                                    192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8102E Family PCI-E Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-1E-68-CD-DD-18
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{7DE5B78B-BB61-4D13-B299-4E69F174273F}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{7DE5B78B-BB61-4D13-B299-4E69F174273F}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 18:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{F4EFF952-1527-47FB-91BE-3F7EBA28B76F}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

C:\>
```


----------



## TerryNet (Mar 23, 2005)

FWIW the lease is for the entire IP configuration, not just the DNS server.

The router assigns the lease time, so unless there is something special (and unusual to me) in your firmware it's really unexpected for ethernet and wireless connections, or different operating systems, to get different times.

192.168.2.1 is not the default LAN IP for (most) Linksys routers. Is it the default for the DD-WRT? Or you assigned it? Are you sure the wireless PC you showed is connecting to the Linksys router?



> ... after bricking it due to a failed ROM flash ...


"Bricking" usually means making it inoperative. But you managed to get it working again?


----------



## hewee (Oct 26, 2001)

Your firewall has to have rights to get out and renew also.

What firewall do you have?

So the firewall will show the modem or router and you got to give it the right.


----------



## metalmadness (Aug 31, 2009)

hewee said:


> Your firewall has to have rights to get out and renew also.
> 
> What firewall do you have?
> 
> So the firewall will show the modem or router and you got to give it the right.


It's a Linksys WRT300N running on the latest (WIP, #12672) build of DD-WRT. Don't know what you meant by "...firewall will show the modem or router", but I'm quite sure it has both router + firewall functions, since it includes SPI firewall and some advanced routing features the stock Linksys wrt300n v1 firmware didn't offer, including the last 1.03.6 release.



TerryNet said:


> FWIW the lease is for the entire IP configuration, not just the DNS server.
> 
> The router assigns the lease time, so unless there is something special (and unusual to me) in your firmware it's really unexpected for ethernet and wireless connections, or different operating systems, to get different times.
> 
> 192.168.2.1 is not the default LAN IP for (most) Linksys routers. Is it the default for the DD-WRT? Or you assigned it? Are you sure the wireless PC you showed is connecting to the Linksys router?


It's been set to 192.168.2.1 for the past 2 1/2 years until last April 2009 when it stopped connecting to the 'net with the old 0.93.9 firmware. Tried to update it to 1.03.6. So this is the part where things went downhill. I accidentally flashed it with another firmware that was actually coded for the v1.1 wrt300n's, hence the brick. Got it back running with a jtag fix, done by a friend (don't have access to a soldering tool right now).

I can set it to 192.168.0.1, but setting it to the original 192.168.1.1 address (default for the stock Linksys firmware) will not connect to the WAN, even with DHCP disabled and Static IP enforced. Odd enough? Absolutely. 

There's even more. Shutting off the XP client (wired to router) somewhat fixed the DNS client lease time, but turning it back on again will cause the router to give out the 60-minute leases to the wireless clients.

```
C:\>ipconfig /allcompartments /all

Windows IP Configuration

==============================================================================
Network Information for Compartment 1 (ACTIVE)
==============================================================================
Host Name . . . . . . . . . . . . : SYSADMIN
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR5007 802.11b/g WiFi Adapter
Physical Address. . . . . . . . . : 00-22-69-57-04-4A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a097:764b:f186:65d3%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.122(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, August 31, 2009 12:20:46 AM
Lease Expires . . . . . . . . . . : Tuesday, September 01, 2009 12:20:46 AM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 156.154.70.22
                                    156.154.71.22
                                    192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Disabled
```

P.S.: I'm getting sleepy, and I've run out of coffee to brew. Ugh....


----------



## TerryNet (Mar 23, 2005)

> setting it to the original 192.168.1.1 address (default for the stock Linksys firmware) will not connect to the WAN


That could be because your modem is actually a modem/router combo, which also uses the 192.168.1.x subnet.

Other than that, I have no ideas to add to this.


----------



## hewee (Oct 26, 2001)

Firewall sees what is hooked up to the computer.
Like firewall will see...
Computer-modem
Computer-router
Computer-router/modem combo

Again what firewall do you have?
Step-by-Step: Configuring ZoneAlarm Firewall
Look under "Firewall Section - Zones Tab"
http://www.dslwebserver.com/main/fr_index.html?/main/sbs-zonealarm-configure.html

Online Armor
Interfaces
http://www.tallemu.com/webhelp3/FWStd.html#interfaces
and
Computers List
http://www.tallemu.com/webhelp3/FWStd.html#complist

Your computer - modem or router or combo need to have rights so you need them to be in the trust zone. 
That way it can renew your IP address. If it can't renew it gives you a limited one that keeps running out of time.

Also if you ever take the router away or add a router you have to renew your IP address.

http://kb.mit.edu/confluence/pages/viewpage.action?pageId=3908237


----------



## metalmadness (Aug 31, 2009)

TerryNet said:


> > setting it to the original 192.168.1.1 address (default for the stock Linksys firmware) will not connect to the WAN
>
> That could be because your modem is actually a modem/router combo, which also uses the 192.168.1.x subnet.
>
> Other than that, I have no ideas to add to this.


I know that the WRT300n is a combination modem + router. Already done that with another WRT-series router on a friend (PPPoE mode). Tried setting my modem to Bridged mode and let the WRT300N router do the PPPoE transaction, but still no good results. However, there's something more.



hewee said:


> Firewall sees what is hooked up to the computer.
> Like firewall will see...
> Computer-modem
> Computer-router
> ...


Some people at the DD-WRT.com forums told me that firewalls like ZoneAlarm _are a bit unfriendly_ with DD-WRT firmware (emphasis mine). I don't know the exact details, but usually I set the router and modem IPs to whitelist them (back then, when I still had them).

It's been a long time that I've used the last commercially-available software firewall. I used to have Comodo and ZoneAlarm Firewall(s) installed, but after being fed up dealing with the authorization dialog boxes that appear when I connect to a network or install something, I simply removed it. Seems also to have sped up my Internet connection too, at the expense of NOT having a firewall (or even anti-virii/anti-spyware application). :up:

However, things look good for now. Here's the point: Disabling the NetBIOS connection (and its service through the services.msc box), rewriting the Winsock settings with *netsh int ip reset resetlog.txt* and adding this command (see quote below) apparently solved the short DHCP lease. I'll give out the ipconfig /allcompartments /all results first.

```
C:\Users\The Kitty's Box>ipconfig /allcompartments /all

Windows IP Configuration

==============================================================================
Network Information for Compartment 1 (ACTIVE)
==============================================================================
Host Name . . . . . . . . . . . . : SYSADMIN
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR5007 802.11b/g WiFi Adapter
Physical Address. . . . . . . . . : 00-22-69-57-04-4A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a097:764b:f186:65d3%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.122(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, September 01, 2009 2:56:53 AM
Lease Expires . . . . . . . . . . : Wednesday, September 02, 2009 2:56:53 AM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 156.154.70.22
                                    156.154.71.22
                                    192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Disabled
```




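> ```
> # rc_firewall holds a single script, so a second `nvram set rc_firewall=...` would
> # overwrite the first; both rules go into one value, one per line.
> nvram set rc_firewall="iptables -I INPUT -p UDP -i vlan1 --dport 68 --sport 67 --source 156.154.70.22 -j logaccept
> iptables -I INPUT -p UDP -i vlan1 --dport 68 --sport 67 --source 156.154.71.22 -j logaccept"
> nvram commit
> ```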


The skinny: Lease is expiring causing the connection to drop momentarily until the lease is renewed. It's supposed to be renewed by a UDP request from the client when reaching 50% of the lease time but responses from server are being blocked by the SPI firewall. They are being blocked because the response comes from a different address (wherein I used the DNS Advantage's servers instead of my ISP's) than the request was sent to (hence a loss of connection state and failure to pass the firewall). I can disable the SPI firewall, but that defeats the purpose of having a router with firewalling capabilities in the first place, right? If so, better use a hub.

The solution is to add a rule on the DD-WRT console that will allow the reply from the DHCP servers listed in the quote.


----------



## hewee (Oct 26, 2001)

OK it sounds like you have another DNS program and your firewall is blocking the renewing.
So it is still your firewall doing the blocking and some part of that program does not have the rights so see if you can find it.

With Firewalls if you delete that program then it will ask again.
But there may be components that were not deleted that was never given rights and it will not change them unless you delete the program from the firewall and lower the firewall setting to a learn mode and then that should find and change the other setting that is now keeping you from getting the modem renewed.

Not sure what SPI firewall is.

I got Online Armor Personal Firewall that is great.
I have the paid version that does more but the paid and free version are both top rated. 
http://www.matousec.com/projects/proactive-security-challenge/results.php


----------



## srhoades (May 15, 2003)

Why not just use those DNS servers in the DHCP scope that way your clients will get a DNS address of the router and the router uses your preferred DNS servers?

And I don't know if this will help or not
http://support.microsoft.com/kb/928233


----------



## metalmadness (Aug 31, 2009)

hewee said:


> OK it sounds like you have another DNS program and your firewall is blocking the renewing.
> So it is still your firewall doing the blocking and some part of that program does not have the rights so see if you can find it.
> 
> With Firewalls if you delete that program then it will ask again.
> ...


Again, there's NO firewall installed on the client and its associated plugins on my computer. Only the router does the firewalling job. According to Wikipedia (copypasted, emphasis not mine), SPI is defined as "a *stateful firewall* (any firewall that performs *stateful packet inspection* (*SPI*) or *stateful inspection*) is a firewall that keeps track of the state of network connections (such as TCP streams, UDP communication) traveling across it. The firewall is programmed to distinguish legitimate packets for different types of connections. Only packets matching a known connection state will be allowed by the firewall; others will be rejected."



srhoades said:


> Why not just use those DNS servers in the DHCP scope that way your clients will get a DNS address of the router and the router uses your preferred DNS servers?
> 
> And I don't know if this will help or not
> http://support.microsoft.com/kb/928233


Apparently, it does not work as easily on DD-WRT. Using the address of the router won't get them, because DNSMasq handles it a tad different. It's possible to do it on the stock Linksys firmware, though.

I've already used some of those netsh commands. Cited already earlier as the *netsh int ip reset resetlog.txt*. And on another note, I replaced the earlier nvram settings with nvram iptables -I INPUT -p UDP -i vlan1 --dport 68 --sport 67 -j logaccept. That accurately fits The Skinny I cited in my earlier posts.
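
The renewal failure described in this thread, and the difference between the source-restricted rules posted earlier and the unrestricted rule above, as an added Python model (not part of the original posts and not DD-WRT code). The addresses are constructed documentation-range values, and the class and function names are hypothetical.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport")

# Constructed addresses (RFC 5737 documentation ranges), not taken from the thread.
WAN_IP = "198.51.100.20"       # router's WAN address
LEASE_SERVER = "198.51.100.1"  # address the renewal request is sent to
REPLY_SOURCE = "198.51.100.2"  # address the reply actually arrives from
UNRELATED = "203.0.113.99"     # some other host on the WAN side


def renewal_timers(lease_seconds):
    """RFC 2131 defaults: renew (T1) at 50% of the lease, rebind (T2) at 87.5%."""
    return lease_seconds * 0.5, lease_seconds * 0.875


class StatefulInput:
    """Minimal SPI model: accept tracked replies, then explicit rules, else drop."""

    def __init__(self, rules=()):
        self.tracked = set()
        self.rules = list(rules)

    def outbound(self, pkt):
        # The state entry expects the reply to come back from pkt.dst only.
        self.tracked.add((pkt.dst, pkt.dport, pkt.src, pkt.sport))

    def inbound(self, pkt):
        if tuple(pkt) in self.tracked or any(rule(pkt) for rule in self.rules):
            return "ACCEPT"
        return "DROP"


def dhcp_any_source(pkt):
    """Models: -p UDP --sport 67 --dport 68 (no --source)."""
    return pkt.sport == 67 and pkt.dport == 68


def dhcp_from(server):
    """Models the same match with --source <server> added."""
    return lambda pkt: dhcp_any_source(pkt) and pkt.src == server


def evaluate(rules):
    fw = StatefulInput(rules)
    fw.outbound(Packet(WAN_IP, 68, LEASE_SERVER, 67))  # unicast renewal request
    return {
        "reply_same_addr": fw.inbound(Packet(LEASE_SERVER, 67, WAN_IP, 68)),
        "reply_other_addr": fw.inbound(Packet(REPLY_SOURCE, 67, WAN_IP, 68)),
        "unrelated_host": fw.inbound(Packet(UNRELATED, 67, WAN_IP, 68)),
    }


if __name__ == "__main__":
    print(renewal_timers(3600))
    for name, rules in [("spi only", []), ("source-pinned", [dhcp_from(REPLY_SOURCE)]),
                        ("any source", [dhcp_any_source])]:
        print(name, evaluate(rules))
```

With only state tracking, the reply from the second address is dropped. The source-pinned rule admits it while still dropping the unrelated host, and the rule without `--source` accepts all three.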


----------



## srhoades (May 15, 2003)

How many clients are we talking about here? Are static IPs out of the question or is this just a battle more on principle?


----------



## hewee (Oct 26, 2001)

Well I do not know what else to do and it looks like srhoades may know more so hope he gets this fixed for you.


----------



## metalmadness (Aug 31, 2009)

I already got it working again. It now issues 24-hour DHCP leases...Re-flashed the firmware again with the latest build, and done a hard reset DD-WRT style. It meant:

30 seconds pressing the RESET button on the router
15 seconds unplugged
30 seconds pressing the RESET button while plugged in.

It's done!...For now.


----------



## hewee (Oct 26, 2001)

Good to hear


----------

