Wan DHCP lease time too low (10 minutes)

I have asus rt-n13UB1 running OpenWrt 18.06.1. The ISP has provided with a router modem combo that I cannot avoid. My setup is as follows.
ISP Modem Router (192.168.1.1)-> DMZ giving public WAN IP (X.YY.ZZZ.IP) to openwrt (10.10.0.1). I have noticed that although lease time on ISP router is set up as 24 hours. openwrt is requesting to renew too frequently. Here is the snippet from the log. How do I fix this? It is filling up my log. Is this a bug in ISP router or openwrt?

Oct 11 17:41:34 10.10.0.1 openrouter netifd: wan (957): udhcpc: sending renew to 192.168.1.1
Oct 11 17:46:34 10.10.0.1 openrouter netifd: wan (957): udhcpc: sending renew to 192.168.1.1
Oct 11 17:51:34 10.10.0.1 openrouter netifd: wan (957): udhcpc: sending renew to 192.168.1.1
Oct 11 17:56:34 10.10.0.1 openrouter netifd: wan (957): udhcpc: sending renew to 192.168.1.1
Oct 11 18:01:34 10.10.0.1 openrouter netifd: wan (957): udhcpc: sending renew to 192.168.1.1
Oct 11 18:06:34 10.10.0.1 openrouter netifd: wan (957): udhcpc: sending renew to 192.168.1.1
Oct 11 18:11:34 10.10.0.1 openrouter netifd: wan (957): udhcpc: sending renew to 192.168.1.1
Oct 11 18:16:34 10.10.0.1 openrouter netifd: wan (957): udhcpc: sending renew to 192.168.1.1
.
.
Oct 11 18:21:34 10.10.0.1 openrouter netifd: wan (957): udhcpc: lease of XX.YY.ZZZ.IP obtained, lease time 600
------------------------------
Update:  This is old issue with [dd-wrt](https://svn.dd-wrt.com/ticket/973). I added the firewall rule but I am still having issues. 

The first thing I'd do is run tcpdump or wireshark and see if the upstream router is truly giving a valid lease. It may be that OpenWrt is getting something half-baked and trying to get a "real" lease every five minutes.

Does the five-minute request pattern start immediately after you first get a lease, or after some time?

There's nothing in the DHCP RFC/spec that prohibits a client from trying to renew its lease prior to "T1" ("time to renew", in human terms). The client behavior starts in section 4.4 of that document.

The firewall rule to allow DHCP responses that are "slow" should already be present in the OpenWrt "default" rules, as far as I know.

ACCEPT     udp  --  anywhere             anywhere             udp dpt:bootpc /* !fw3: Allow-DHCP-Renew */

What is reported by ifstatus wan | jsonfilter -e @.data.leasetime ?

1 Like

600

The lease time is actually 10 minutes not 5. I corrected the title. The same is reflected in the status page where the lease remaining goes down from 10 to 0 and renews.

Can the client request lease time to the host?

https://openwrt.org/docs/guide-user/network/ipv4/start#protocol_dhcp

# udhcpc --help
...
        -O OPT          Request option OPT from server (cumulative)
        -x OPT:VAL      Include option OPT in sent packets (cumulative)
                        Examples of string, numeric, and hex byte opts:
                        -x hostname:bbox - option 12
                        -x lease:3600 - option 51 (lease time)
                        -x 0x3d:0100BEEFC0FFEE - option 61 (client id)
...

Thanks, tried following on the command line. It works, but I still get lease of 600.

udhcpc -i eth0.2 -x lease:3600
udhcpc: started, v1.28.3
udhcpc: sending discover
udhcpc: sending select for xx.yy.zz.ip
udhcpc: lease of xx.yy.zz.ip obtained, lease time 600
udhcpc: ifconfig eth0.2 xx.yy.zz.ip netmask 255.255.252.0 broadcast +
udhcpc: setting default routers: xx.yy.zz.1

Looks like udhcpc can't override received options, but some DHCP-clients can:
https://man.cx/dhclient.conf(5)#heading7
By the way, OpenWrt has package isc-dhcp-client-ipv4.

dhcpcd (by Ray Marples) is what I use when not using udhcpc. There are some "challenges" with ISC dhclient and requesting IA_PD length (or at least were last I looked into it). Some distros call it dhcpcd5 and it appears to be available for current OpenWrt as the dhcpcd package.

Do I need to compile my own image to use dhcpd?

BTW I directly connected my laptop and confirmed that they are indeed giving out 10 minute lease.

My log level is set up for error, I still see dhcp renewal in the logs every 10 minutes. Is there any option to suppress just dhcp renewal message?

Default logging in OpenWrt isn't very sophisticated. Installing something like syslog-ng and logrotate is a possibility, but perhaps more complex than using dhcpcd. It does provide the advantage of better control over your logs in general. Many people, myself included, find the wireless-related logging overly verbose in day-to-day operation.

Installing dhcpcd may not get you a longer lease, if your laptop is only getting a 10-minute lease.

All three of those should be available as OpenWrt packages, that could be installed without building an image, assuming you have sufficient free space. None of the three are, as far as I know, integrated with LuCI, so some command-line configuration would be required.

Hi,
I can't see a fix for this issue. I have the same but worse.

Sat Dec 15 10:16:59 2018 daemon.notice netifd: wan (1250): udhcpc: sending renew to 0.0.0.0
Sat Dec 15 10:16:59 2018 daemon.notice netifd: wan (1250): udhcpc: lease of 192.168.10.2 obtained, lease time 30
Sat Dec 15 10:17:14 2018 daemon.notice netifd: wan (1250): udhcpc: sending renew to 0.0.0.0
Sat Dec 15 10:17:14 2018 daemon.notice netifd: wan (1250): udhcpc: lease of 192.168.10.2 obtained, lease time 30
Sat Dec 15 10:17:29 2018 daemon.notice netifd: wan (1250): udhcpc: sending renew to 0.0.0.0
ifstatus wan | jsonfilter -e @.data.leasetime
30

Request every 15 seconds.

udhcpc -i eth0.2 -x lease:3600
udhcpc: started, v1.28.3
udhcpc: sending discover
udhcpc: sending select for 192.168.10.2
udhcpc: lease of 192.168.10.2 obtained, lease time 30
udhcpc: ifconfig eth0.2 192.168.10.2 netmask 255.255.255.252 broadcast +
udhcpc: setting default routers: 192.168.10.1

Not possible to change the lease time.
Did you fix the issue, how ?

  • Your ISP is issuing a Private IP?
  • It was noted above you cannot alter a lease time issue by an upstream server, you must ask the owner of that upstream DHCP server.

Yes, ISP is issuing a private IP. For more see first post here
I'll inform him and ask for longer lease.
Thank you

Are you the OP?

If so, please refrain from creating mutiple accounts.
In any case, hope your ISP fixes your lease.

metric != Toutatis

My problem still persists. I am on DMZ of ISP modem/Router. My ISP has told me that they cannot do anything about it. I am rebooting router every morning on a cron job to clear the log. Is there any harm to onboard flash ROM by rebooting every night? i.e. is there any run-time persistence that gets stored in flash between reboots?

@Toutatis Please open new thread.

1 Like

The log doesn't get written to disk, though rebooting doesn't cause a problem there is also no real need. If you want better logging install a more substantial logging daemon.

Not only does the log not get written to flash in the default configuration, but it is a ring buffer -- it doesn't grow in size, just rolls off older entries as newer ones appear.

1 Like

So, if ISP cannot fix it, I am thinking another solution. Please let me know if it is feasible.

To avoid double NAT,

Option 1: I use the ISP router as DHCP server. I connect my openwrt router to the lan port of the ISP router. Use DHCP forwarding on openwrt (Is there such thing?). Now the clients are in the same subnet as the LAN portion of the ISP router.

Option 2: Disable DHCP server or limit the addresses on the ISP router (192.168.1.1). Use static address in the same LAN subnet of the ISP router for openwrt router (192.168.1.254) and configure my openwrt to provide the IP addresses in the same subnet. (192.168.1.50 to 192.168.1.60)

If I use any of these solutions, can I still use the local MAC filter, local DNS server, firewall, VPN (I will port forward to 192.168.1.254) and adblock functions on my openwrt router?

Your proposed solutions sound like double-NAT, but it is not clear if you're thinking you'd connect the ISP router LAN to the LAN port or WAN port of your OpenWrt device.

Normally you need to have a separate subnet and gateway to be able to perform firewall functions -- that is typically a function of the routing layer. DNS is not hard, though -- you can change the DNS entry of your DHCP server to advertise another DNS server that does not have to be the ISP router.

1 Like

It is normal for ISP to renew client DHCP leases so often. It is done to control vast network environment and for clients not to loose connectivity for a long time. Normal practice. Truncating Openwrt logs is a different matter...