Archived from groups: alt.comp.networking.connectivity (More info?)
I think this is one for the experts here:
I'm running XP SP2.
I've got two routers DLink DI604 rev D1 with firmware 3.09b1 and I obtain 2
IP addresses from ISP automatically through DHCP.
Both routers are identically configured (but with different LAN IP addresses
of course), and only 192.168.0.1 is DHCP server enabled for the LAN.
Both routers are bridged at LAN side using a switch DLink DES1008D.
Both routers are bridged at WAN side using a switch Eminent towards ISP
modem .
The two goups of PC's in LAN have different gateways configured, one group
has 192.168.0.1 and the other has 192.168.0.2
My own PC has both gateways configured, it takes default 192.168.0.1 as
gateway.
Now: When I look at the log of my firewall (Sygate Pro) I see the service
"svchost.exe" contacting router 192.168.0.1 for say once every 20-30min, but
"svchost.exe" contacts router 192.168.0.2 about 30-40 times per minute
almost continuously.
I already tried setting interface metric to different values on my PC.
Any ideas what's happening here anybody ??
The connection log of my firewall shows that contacting the 192.168.0.2 is
always done towards port 80 of the router, but from incrementing ports
(1025-5000) of my PC.
Part of the Sygate log:
Date/time: 05/10/2005 08:52:47
Action: Allowed
Severity: 3
Direction: Outgoing
Protocol: TCP
Remote host: 192.168.0.2
Remote MAC: 00-0F-3D-12-EC-ED
Remote Port: 80
Local host: 192.168.0.186
Local MAC: 00-40-F4-90-54-B4
Local port: 1431 (increments for every attempt)
Process: C:\WINDOWS\system32\svchost.exe
Owner: peter
Workstation: WXP_MAINOFFICE
Security: Normal
Occurrences: 1
Start time: 05/10/2005 08:52:44
End time: 05/10/2005 08:52:44
Rule: GUI%GUICONFIG#SRULE@ADVRULECONFIG#Normal_100
When I list ipconfig /all I get:
Den ipconfig /all gibt mir:
Windows IP Configuration
Host Name . . . . . . . . . . . . : WXP_MAINOFFICE
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : telenet.be
Ethernet adapter Local Area Connection LAN:
Connection-specific DNS Suffix . : telenet.be
Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast
Ethernet NIC
Physical Address. . . . . . . . . : 00-40-F4-90-54-B4
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.0.186
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : fe80::240:f4ff:fe90:54b4%4
Default Gateway . . . . . . . . . : 192.168.0.1
192.168.0.2
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 195.130.130.4
195.130.130.132
fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
Lease Obtained. . . . . . . . . . : Tuesday, May 10, 2005 8:49:24 AM
Lease Expires . . . . . . . . . . : Wednesday, May 11, 2005 8:49:24 AM
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 80-00-E4-3B-AE-AD-CE-C3
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : fe80::5445:5245:444f%5
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
Tunnel adapter Automatic Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . : telenet.be
Description . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : C0-A8-00-BA
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : fe80::5efe:192.168.0.186%2
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Disabled
I think this is one for the experts here:
I'm running XP SP2.
I've got two routers DLink DI604 rev D1 with firmware 3.09b1 and I obtain 2
IP addresses from ISP automatically through DHCP.
Both routers are identically configured (but with different LAN IP addresses
of course), and only 192.168.0.1 is DHCP server enabled for the LAN.
Both routers are bridged at LAN side using a switch DLink DES1008D.
Both routers are bridged at WAN side using a switch Eminent towards ISP
modem .
The two goups of PC's in LAN have different gateways configured, one group
has 192.168.0.1 and the other has 192.168.0.2
My own PC has both gateways configured, it takes default 192.168.0.1 as
gateway.
Now: When I look at the log of my firewall (Sygate Pro) I see the service
"svchost.exe" contacting router 192.168.0.1 for say once every 20-30min, but
"svchost.exe" contacts router 192.168.0.2 about 30-40 times per minute
almost continuously.
I already tried setting interface metric to different values on my PC.
Any ideas what's happening here anybody ??
The connection log of my firewall shows that contacting the 192.168.0.2 is
always done towards port 80 of the router, but from incrementing ports
(1025-5000) of my PC.
Part of the Sygate log:
Date/time: 05/10/2005 08:52:47
Action: Allowed
Severity: 3
Direction: Outgoing
Protocol: TCP
Remote host: 192.168.0.2
Remote MAC: 00-0F-3D-12-EC-ED
Remote Port: 80
Local host: 192.168.0.186
Local MAC: 00-40-F4-90-54-B4
Local port: 1431 (increments for every attempt)
Process: C:\WINDOWS\system32\svchost.exe
Owner: peter
Workstation: WXP_MAINOFFICE
Security: Normal
Occurrences: 1
Start time: 05/10/2005 08:52:44
End time: 05/10/2005 08:52:44
Rule: GUI%GUICONFIG#SRULE@ADVRULECONFIG#Normal_100
When I list ipconfig /all I get:
Den ipconfig /all gibt mir:
Windows IP Configuration
Host Name . . . . . . . . . . . . : WXP_MAINOFFICE
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : telenet.be
Ethernet adapter Local Area Connection LAN:
Connection-specific DNS Suffix . : telenet.be
Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast
Ethernet NIC
Physical Address. . . . . . . . . : 00-40-F4-90-54-B4
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.0.186
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : fe80::240:f4ff:fe90:54b4%4
Default Gateway . . . . . . . . . : 192.168.0.1
192.168.0.2
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 195.130.130.4
195.130.130.132
fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
Lease Obtained. . . . . . . . . . : Tuesday, May 10, 2005 8:49:24 AM
Lease Expires . . . . . . . . . . : Wednesday, May 11, 2005 8:49:24 AM
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 80-00-E4-3B-AE-AD-CE-C3
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : fe80::5445:5245:444f%5
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
Tunnel adapter Automatic Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . : telenet.be
Description . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : C0-A8-00-BA
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : fe80::5efe:192.168.0.186%2
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Disabled
Facebook
Twitter
Instagram