Masquerade and dhcp lease renewal - what happens?
Henrik Nordstrom
hno at marasystems.com
Mon Oct 3 20:00:22 CEST 2005
On Mon, 3 Oct 2005, Henning Riis Rasmussen wrote:
> My ISP (Telia, Sweden) uses a DHCP lease time of 10 minutes leading to
> constant renewal of the lease.
>
> If I use "-j masquerade" instead of "-j snat" I cannot have any
> long-lived connections (they all die with "new not syn" or "invalid").
Seems your DHCP server is resetting the interface (down/up) on each renewal
then.
Does "tcpdump -i eth0" survive a renewal? If not you should definitely look
into using another DHCP client.
> What is supposed to happen to the masquerade nat entries when a dhcp
> renewal happens, particularly one that doesn't actually change the IP
> address to a new one?
In 2.6.13 the connections are cleared from conntrack if the IP address is
deleted or if the interface is brought down.
Regards
Henrik
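
One way to see whether a lease renewal triggers either of the two events named in the reply above (IP address deleted, interface brought down), as an added example that is not part of the original message. It assumes the line format printed by iproute2's `ip monitor link address`; the function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag the events that, per the reply above, clear masqueraded
# connections from conntrack (address deleted, interface brought down).

# Read "ip monitor link address" style lines on stdin and print one line
# for every such event seen on interface $1.
flush_events() {
    awk -v ifc="$1" '
        # Address removal: "Deleted 2: eth0    inet 192.0.2.10/24 ..."
        $1 == "Deleted" && $3 == ifc && $4 == "inet" {
            print "ADDR_DELETED " $5
            next
        }
        # Link state line: "2: eth0: <FLAG,FLAG,...> mtu ..."
        $2 == (ifc ":") && $3 ~ /^<.*>$/ {
            flags = "," substr($3, 2, length($3) - 2) ","
            # Administrative UP flag missing means the interface was set down.
            if (flags !~ /,UP,/) print "LINK_DOWN " ifc
        }
    '
}

# Constructed sample: a renewal where the DHCP client removes the address
# and bounces the interface before re-adding the same address.
sample_monitor_log() {
    cat <<'EOF'
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default
Deleted 2: eth0    inet 192.0.2.10/24 brd 192.0.2.255 scope global eth0
2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default
2: eth0    inet 192.0.2.10/24 brd 192.0.2.255 scope global eth0
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default
EOF
}

# Offline demonstration on the constructed sample.
sample_monitor_log | flush_events eth0

# Live use across a renewal (requires iproute2):
#   ip monitor link address | flush_events eth0
```

If the live run prints nothing across a renewal, neither event occurred on that interface during the lease refresh.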