Pace 5268AC, DMZPlus Issue, drops lan every 10 minutes.

Any further information on this? I'm running into the same issue.

I have been experiencing the same issue, and I think I tracked it down to a missing route.

If you have your router setup to issue 192.168.1.x ip addresses on any of your LAN interfaces, this is most likely the issue.

The Pace modem itself listens to 192.168.1.254. That is the DHCP server address that your router will use to get the public IP lease (if using DMZPlus). What happens next is a routing issue. When the ER needs to renew the lease, it's not reaching out to the Pace modem on your WAN interface, but it is reaching out to the port that it thinks 192.168.1.x is being used on per its own routing table.

So the DHCP renewal request never reaches the Pace modem, and (this is speculation) your router will stop using the ip address once the lease expires, prompting a re-initialization of the wan interface, which will work - once.

I hope this makes sense. You can replicate this by logging into your router (ssh) and trying to ping the Pace modem at 192.168.1.254. The pings will go unanswered. To fix this, I added a static host route on my Ubiquity Edgerouter like this. These commands are specific to EdgeOS:

set protocols static interface-route 192.168.1.254/32 next-hop-interface eth0

set protocols static interface-route 192.168.1.254/32 next-hop-interface eth0 description "Direct route to AT&T RG"

set protocols static interface-route 192.168.1.254/32 next-hop-interface eth0 distance 1

commit

save 

Once you do this you should be able to ping 192.168.1.254 and reach the RG via your LAN too. The DHCP renewals should go out to the right interface now, and renewals should work. Make sure you don't accidentally issue 192.168.1.254 on your local LAN or you will get a routing conflict. It's best to limit the upper dhcp pool range to 253 to be safe.

Stephan

Not sure I understand what your up to.  In my setup I have completely different class c addressing between LAN and WAN.  The only interface between the PACE and my switch is the WAN port.  I was not using the default 192... gateway address.  It didn't seem to make any difference if I did.  DHCP for my LAN is done on the Cisco box behind the firewall.  My WAN gateway was set to the PACE and is also the same address as the PACE DHCP server.  Address issue was assigned by MAC binding.  I don't see how the WAN would hit anything other than the gateway address it was programmed with.  It worked for first issue just not renewal.  But who knows... Could be routing issue.  But I think if you add the static rout as you suggest, you would be routing to the PACE DHCP server. LAN would never need to see that.  it's on the other side of the firewall. 

The DHCP issue, as I understand it, is not that the DHCP renewal request doesn't get to the Gateway, it is that the Gateway's renewal reply has a strange source address which causes many routers to drop it, unprocessed, so the router never gets a renewal reply and once its lease completely expires, it quits using it.  Static assignment of that IP to the router's WAN interface  is the usual work around, unless you feel like wiresharking the protocol and fixing up your router's IP tables to pass the malformed DHCP renewal reply.  

You can also extend the release time to make this much less frequent.

I gave up my static IP's to save some cost and I'm right back in the same boat with the rest of your again...  As for changing the leas time, it doesn't work for the DMZ+ port...  It is hard set to 10 min.  I am looking into the static routs issue/fix that StephanNC posted earlier.  I will update this thread if there is any progress.  I was hopeful AT&T addressed this by now.  Boy am I foolish to think they would do anything to help.

G^2

The Arris routers (NVG 589, BGW 210) both allow you to set the lease time on the IP Passthrough address.  That's too bad if the 5268ac doesn't.  And, yes, you can statically assign the public IP address, mask and default gateway you get from the DHCP in DMZplus.

Two years later and this same issue exists with this junk gateway.  One would think that Arris or AT&T would have worked this out in past 3 or 4 or so years...  But no.  They still send this malformed DHCP renewal which is dropped by a large number of edge routers (based on my web research Cisco is not the only one that doesn't like this)  I wish they would get their act together find a solution.  In any case, I'm back to plugging in the assigned IP as static and redoing this ever time there is a drop or reset... fun fun.

By the way, I don't think the lease time for this issue is on the gateway.  I believe it is coming from the AT&T upstream DHCP server and is just a pass through at the gateway.  This is part of why the address is goofy.  I think it is meant for the gateway, not the ER.

Will continue to monitor this and update if anything changes.

Any developments on this?  Not sure if it is being caused by the malformed DHCP renewal from AT&T, or some other issue with the AT&T Central equipment, configurations, policies, etc..., or the AT&T Pace 5268 itself, but my Asus RT-AC87U doesn't like something it is receiving from AT&T with the AT&T Pace 5268 setup in DMZPlus.  Everything has been working great since I set it up months ago (most of the time), except...  an average of once per day, and at a random time each day, my Asus RT-AC87U WAN indicator goes solid red for about ~30 seconds, during which all devices on the Asus LAN lose their Internet access, until the ~30 second window completes, at which point everything starts working again (without me doing anything).  My Asus RT-AC87U system logs confirm these drop events, but our LAN activities can't continue to tolerate these drops.  Any suggestions?

---

@Orange_Energy wrote:

  Any suggestions?

---

At the risk of repeating myself

---

@JefferMC wrote:

you can statically assign the public IP address, mask and default gateway you get from the DHCP in DMZplus.

---