New CMTS, new problems for DHCP Client

[Spc]

So my ISP just changed old CMTS ( DOCSIS 3.0) to new Cisco CMTS (DOCSIS 3.1).
I am using ASUS RT-AC68U and ASUS RT-N66U.

New CMTS is Cisco cBR-8:
https://www.cisco.com/c/en/us/products/video/cbr-series-converged-broadband-routers/index.html

Me and alot of my friends that are on this ISP have huge problems, it takes 30-120 minutes to obtain IP address sometimes even longer.
I have tried many routers and many open source firmwares for different routers including asus, linksys, tp-link and ohters.

What happens is that for example asus routers with asus default firmware can't get IP address for 120 minutes or more, same goes with dd-wrt, while dd-wrt doesn't display any error message it just displayes 0.0.0.0 as ip address, asus firmware says:
Internet status:
Your ISP's DHCP does not function properly.

and it stays this way for 120minutes after that it somehow obtains an IP address

DHCP LOG from TP-LINK router:
http://www.netsky.org/telemach/DHCP/DHCPLOG24.txt

I went through the DHCP client logs and folowing things happen:
1. If DHCP client sends "REQUEST" it doesn't get "ACK" back, no IP obtained.
2. DHCP "REQUEST" is send 13 times over the day but no IP is obtained (see log).
3. Lease time is 24 hours, 1 day (86400 seconds).
4. DHCP client can only obtain IP address if it sends "BROADCAST REQUEST".
5. If DHCP client "BROADCASTS REQUEST" (udhcpc -B) it gets IP address instantly in less than 1 second.
6. ISP's DHCP Server only sends "ACK" back if my DHCP client sends "BROADCAST REQUEST" if I only send "REQUEST" it does not work.
7. If i don't get "ACK" back from DHCP server, my internet traffic is blocked on CMTS side, so even if i enter ip manually (i have static ip bound to my mac) traffic is always blocked.
8. Conclusion is that if i don't broadcast request i do not get IP address and my internet traffic is blocked forever.

Now i've seen that asus firmware has agressive setting which does not help at all so maybe Asuswrt-Merlin can add expert settings to DHCP Client settings, i suggest following changes for AsusWRT-Merlin:
1. DHCP Client manual settings
2. Keep all logs of DHCP client requests and DHCP server replies in special DHCP client log.
3. User can now activate manual advanced settings for DHCP Client (normal, agressive, manual) and specify uDHCPc "Broadcast Request" frequency in seconds (range should be 1 second to max lease time) , this should warn user that some ISP's ban users for DDoS-ing their DHCP servers with red text, but user can then set broadcast requests time manually if it's needed.
4. When router starts AsusWRT-Merlin should always first try to send "BROADCAST REQUEST" to obtain IP address (uDHCPc -B).


I know you can create scripts, which i will definitely try, but some users are not that experienced and just want a simple "click and set" solution. AsusWRT-Merlin is really awesome because it even includes nano and if you can implement this DHCP client feature it would be awesome and solve alot of problems with some ISP providers.

Thank you very much and have a very nice Christmas everyone.







Images:

DD-WRT (Router1):

Lease never gets refreshed (Router2):

 

[sfx2000]

So my ISP just changed old CMTS ( DOCSIS 3.0) to new Cisco CMTS (DOCSIS 3.1).
I am using ASUS RT-AC68U and ASUS RT-N66U.

New CMTS is Cisco cBR-8:
https://www.cisco.com/c/en/us/products/video/cbr-series-converged-broadband-routers/index.html

Me and alot of my friends that are on this ISP have huge problems, it takes 30-120 minutes to obtain IP address sometimes even longer.
I have tried many routers and many open source firmwares for different routers including asus, linksys, tp-link and ohters.

If possible...

1) Share the name of the ISP - this can be useful when debugging other issues related to that ISP
2) What is the CM Vendor/Model in use - for example Motorola SB6183 or similar

 

[Deleted member 22229]

Make sure your modem is at least d-3.0 and it may also help to do a factory reset on the modem after a new CMTS install. That is not just a power cycle but depressing the indented button on the back till the lights begin to cycle then release and wait for resync.

 

[Spc]

My ISP is: http://www.telemach.si

I have been in contact with their network engineers and they do not know exactly what the problem is.
I had the same problem 7 years ago (when they changed to DOCSIS 3.0 CMTS), so my ISP decided back then to manually enter static route for my IP into CMTS and it worked flawlessly until this new DOCSIS 3.1 CTMS.

Before they changed CMTS me and my neighbours were all given static routes in CMTS so that even manually entered IP addresses worked, but now they don't want to do this anymore and from now on it's DHCP only.

My first modem was:
Cisco EPC3212 DOCSIS 3.0 ( Chipset: Broadcom BCM3380 DOCSIS 3.0 1st GEN 'Dual 32MHz Tunners')

They already gave me a new modem:
Technicolor EPC3208 DOCSIS 3.0 (Chipset: Broadcom BCM3382 DOCSIS 3.0 2nd GEN 'Single 96MHz Tunner' )

Modem has latest firmware:
Current Software Revision: e3200-ES-16-c1000r5593-160215c

All cables are CAT6a connected at 1GbE Full Duplex.


We also tried other modems and result is always the same, me and other neighbors have the exact same issues.

Yes we have tried to reset modems and network config, but it's a problem on ISP's DHCP relay server i think.
My ISP has been in contact with cisco since september but they still haven't resolved this issue.

So only "broadcast flag" works on DHCP request, same with my neighbours routers / modems.

So as long as i do "udhcpc -B" every 24 hours internet is not blocked and works fine, if i don't do it, CMTS blocks traffic because DHCP server didn't receive any DHCP requests (broadcasts).

 

[sfx2000]

My ISP is: http://www.telemach.si

I have been in contact with their network engineers and they do not know exactly what the problem is.
I had the same problem 7 years ago (when they changed to DOCSIS 3.0 CMTS), so my ISP decided back then to manually enter static route for my IP into CMTS and it worked flawlessly until this new DOCSIS 3.1 CTMS.

Probably just have them reprovision the modem in the new CMTS system.

 

[Spc]

They did that already

 

[sfx2000]

Your client is trying to rebind the DHCP assigned address - and this is where it is failing, and it goes back into initialization state.

Nothing can be done from the client side - I'm suspecting a load balancer configuration issue at the ISP - back when I was in telco space - we had multiple DHCP servers behind load balancers, and the LB config needs to pass the message back to the DHCP server.

Depending on what switches they're using in the plant, they may have to explicitly set routes there (juniper can use implicit routes, cisco needs the routes to be explicitly set - same with F5 vs. Cisco on the LB side for message passing)

 

[Spc]

Today i've created a cru scheduled task to set udhcpc -B every minute.
Router gets ip address every time a minute elapses, so now it's working correctly.

Maybe a DHCP lease time override would be nice to have in GUI of AsusWRT-Merlin for dhcp client, so that user can manually set when dhcp client sends broadcast.


I'll also contact my ISP and tell them to check load balancing issues like you suggested.

 

[RMerlin]

Router gets ip address every time a minute elapses, so now it's working correctly.

That would be ground for your ISP to blacklist your MAC, and precisely why I will not provide a manual override value to the webui.

 

[Spc]

That would be ground for your ISP to blacklist your MAC, and precisely why I will not provide a manual override value to the webui.

They already told me few months ago it's ok to do that, because they're also testing DHCP network.
DHCP is also being relay-ed which means i am not even getting to main DHCP server.

I think i am querying my modem by doing DHCP Broadcast and then my modem relays it to main DHCP server.

 

[RMerlin]

I think i am querying my modem by doing DHCP Broadcast and then my modem relays it to main DHCP server.

If it's a broadcast, then I would expect it to be sent either to the whole ISP-side subnet (the one that hosts their DHCP server, or at least their frontline router), or to the whole node (depending on their network architecture).

Some ISPs have been known in the past to blacklist MACs that issue too many DHCP requests. One ISP in particular would reject DHCP requests if you sent more than a few within a given period of time. That particular ISP was why I had to add the option to switch between aggressive (the format DHCP timeout values) and normal (more relaxed values). People using aggressive on that particular ISP network would be unable to obtain a DHCP lease in various scenarios - the ISP dropped all their DHCP requests, and required a minimal period of "quiet" to unblock them.

 

[Spc]

So what's "normal" period of time ?
10 minutes ? 1 hour ?

Because my TP-LINK router with default factory firmware sends 25 requests in 1 day.

 

[RMerlin]

So what's "normal" period of time ?
10 minutes ? 1 hour ?

Because my TP-LINK router with default factory firmware sends 25 requests in 1 day.

If you already have a lease, then it's something like half the life of the lease (so if the lease is for 24 hours, it's sent after roughly 12 hours - I forgot the exact calculation made, you'll have to look at the busybox code).

if the router doesn't have any lease, then normal mode will send 2 discovery packets 5 seconds apart, then it will wait 160 seconds before retrying again. Aggressive mode is 3 packets 3 seconds apart with a 20 seconds wait before retrying - that was tripping Charter's security measures.