[ale] Comcast DHCP
Scott McDonald
twopeanuts at gmail.com
Thu Mar 29 14:35:33 EDT 2007
I'm interested in hearing about what others are getting away with on comcast :)

Before I moved last month, I was renting a furnished room that
included comcast. The IP didn't change in the 6 months I was there -
lots of router reboots, power outages, etc... the gateway was a
linksys wifi hub combo. I had it configured for nat port redirection
so I could host my box there, ssh / dns / http in etc... worked like a
charm. While I was there, I would have sworn that comcast was just using
dhcp to hand out static IPs. That is not the case.

After I moved and got my own comcast service, I had the same IP for
two weeks when my box was XP (cause linux doesn't have driver support
for my tv in card). Now I've ditched it and moved to a 64bit linux host
with a slew of vmware guest desktops (cause I don't watch tv on the
computer anyway), and my IP changes frequently - at least once every 2-3
days. I've tried defining one of the dhcp IPs I got as static; that
worked for a while, then quit working. I had to switch back to dhcp to
get a new ip working again. So, there is definitely something going
on in the backend (probably mac based) to prevent static ip "abuse".
At least on the network I'm on now, if it's different from the comcast
network I was on 3 miles away before I moved... sure seems like it. It's
either forcing dhcp changes based on time or on throughput. So I
wrote a script that runs every few minutes: it checks ifconfig output,
hacks it up with grep and awk, writes it to a tmp file, compares with
the old tmp file, and IF my ip has changed, it then uses lynx to call a
zoneedit.com url to update my zones with my new IP. It's changed once
since I finished the script setup earlier this week - it was almost
completely transparent... when it changed, I was at work with an sshfs
mount of my music partition which suddenly quit playing. About an
hour later, after my old dns A record expired, I was able to bring up
the sshfs mount again. The occasional website visitor would have
never noticed.

Yesterday I set up a little traffic.pl script to feed mrtg so I can
graph my eth0 on the host - and the virt interface on my vm guest web
server.

The host is of course running a firewall, using firestarter to open
ports when needed and vmware's nat.conf to redirect to guest ports.
In firestarter, I can also see 2 of my neighbors are constantly
passing traffic to eDonky and bittorrent ports on a couple of IPs.
Being able to see their traffic didn't give me warm fuzzies, so
I went ahead and set up snort to drop traffic coming in eth0 based on
some public rulesets. I've been surprised at what snort has dropped
in the last 24hrs.

The host/gateway (physically connected to comcast cable modem):
http://twopeanuts.com/mrtg/bodhi.html

A vm guest webserver:
http://twopeanuts.com/mrtg/sidhartha.html

If anybody wants any of the scripts or config files I'm using in my
setup, shoot me an email.
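The change-detection loop described in the post (parse ifconfig, compare against a saved copy, update DNS only when the address changed), as an added example that is not the poster's own script. The zone name, update URL and its query parameters are placeholders, and credentials are read from a netrc file rather than being embedded in the URL, where they would sit in shell history and process listings.

```sh
#!/bin/sh
# Added example, not the poster's script: poll an interface and call a
# dynamic-DNS update URL only when the address has really changed. ZONE,
# UPDATE_URL and its query parameters are placeholders; use what your
# provider documents. Credentials live in a mode-0600 netrc file, never on
# the command line, where any local user could read them with ps.
set -u
IFACE="${IFACE:-eth0}"
STATE="${STATE:-/var/tmp/ddns-last-ip}"
ZONE="${ZONE:-host.example.com}"
CREDS="${CREDS:-$HOME/.ddns-netrc}"   # machine <host> login <u> password <p>
UPDATE_URL="${UPDATE_URL:-https://ddns.example.invalid/update}"
DRY_RUN="${DRY_RUN:-0}"

# First IPv4 address in ifconfig output read from stdin; handles both the
# old "inet addr:1.2.3.4" and the newer "inet 1.2.3.4" layouts.
extract_ip() {
    sed -n 's/^[[:space:]]*inet \(addr:\)\{0,1\}\([0-9.]\{7,15\}\).*/\2/p' | head -n 1
}

# Dotted quad with octets 0-255, so a garbled line is never sent upstream
# or written to the state file.
valid_ipv4() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    (IFS=.; set -- $1; for o; do [ "$o" -le 255 ] || exit 1; done)
}

# 0 (changed) unless state file $2 already records address $1
ip_changed() {
    [ -f "$2" ] && [ "$(cat "$2")" = "$1" ] && return 1
    return 0
}

# Push the new address; -f turns an HTTP error into a failing exit status
update_dns() {
    [ "$DRY_RUN" = 1 ] && { echo "would update $ZONE -> $1"; return 0; }
    curl -fsS --netrc-file "$CREDS" "$UPDATE_URL?host=$ZONE&dnsto=$1" >/dev/null
}

# One poll over ifconfig output on stdin; state is written only after a
# successful update, so a failed call is simply retried on the next run.
check_once() {
    ip=$(extract_ip)
    valid_ipv4 "$ip" || { echo "no valid IPv4 address on $IFACE" >&2; return 1; }
    if ip_changed "$ip" "$STATE"; then
        update_dns "$ip" && printf '%s\n' "$ip" > "$STATE"
    fi
}
# cron, every few minutes:  ifconfig eth0 | DDNS_RUN=1 /usr/local/bin/ddns-check
if [ "${DDNS_RUN:-0}" = 1 ]; then check_once; fi
```

Because the old address is only replaced after the provider accepts the update, a transient failure at the provider does not leave DNS pointing at the wrong host without another attempt.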