Method for acting on IP address change from the ISP?












5















I have a Debian server at home. The server is my router and provides VPN access to the outside.



I do not have a static IP address; the lease time given by the ISP is two hours.



This cable cell which services the area I live, seems to have at least two different different netblocks for customers, and it is not entirely unusual obtaining a different IP address after a reboot of the Linux server, or less usually, but more importantly in what concerns this question, after some ISP maintenance operations.



I have some services that are dependent on the IP address; and the public IP adddress is used either for external (VPN) access, and for internal reference.



In some services, I use the dynamic DNS name from FreeDNS in order not to have to change an IP address in several locations.



As such, the best method I devised until now is running a script on dhclient-exit hooks. The script is called after DHCP gives/renews an IP, and restart services if the IP is changed.



I also change the IP of my dynamic DNS name on /etc/hosts, for solving possible problems of using the old IP before the change at FreeDNS side trickles down to me.



The script I wrote for dhclient-exit-hooks.d is this one; exit_status should be 0 if all went ok with dhclient.



#!/bin/bash



PATH=$PATH:/usr/bin



if ! [[ -v exit_status ]]

then

   exit 1

fi



if [ $exit_status -eq 0 ]

then

   IP=`ip addr show eth0.101 | grep inet | awk ' { print $2 } ' | cut -f1 -d "/"`

   OLDIP=`awk ' /xxxx.mooo.com/ { print  $1 } '   /etc/hosts`

   if [ $reason = "REBOOT" ] || [ $reason = "BOUND" ] || [ $IP != $OLDIP ] 

   then

      sed -i "s/^[0-9.]* xxxx.mooo.com/$IP xxxx.mooo.com/g" /etc/hosts

      timeout 60 /opt/bin/iptables.sh

      timeout 60 /etc/init.d/ipsec restart

      timeout 60 /etc/init.d/asterisk restart

      timeout 120 /etc/init.d/bind9 restart

      timeout 60 /usr/bin/wget -O - http://freedns.afraid.org/dynamic/update.php?XXXXXXXXXXXX > /dev/null

   fi

fi


I am aware of other posts that also recommend using dhclient-exit-hooks.d; however my question is a way to automate the restarting and configuration of those services upon an IP address change.






linux debian dhcp







share|improve this question

























  • Define "better"? What's wrong with this method? Is there a problem with it, where something doesn't exactly work? Since you're getting your IP address from DHCP, running it from the DHCP client seems like the best method, to me. Remember the old adage, "if it ain't broken, don't fix it"...

    – Wouter Verhelst
    Mar 20 '16 at 7:59











  • A bit complicated, too much dependent on the DHCP client, slight probability of getting hang services. You are absolutely right in the KISS part.

    – Rui F Ribeiro
    Mar 20 '16 at 8:42






  • 1





    Complicated? Seems simple enough. Dependent on the DHCP client? That seems like a feature, not a bug (anything else would require you to poll the IP address every so often, which is... well, not a good idea). Hung services? There are plenty of good monitoring tools out there which you can use to automatically restart services that are hung... Personally, I think your setup is cool, and I might actually duplicate it at home :-)

    – Wouter Verhelst
    Mar 21 '16 at 15:31











  • I edited it out with a view on having possible hang up services. And yep, there is monit. I do really need the IPsec part to be working with the right IP, as I use the VPN to have access to everything from the outside, including voIP and ssh. Hmmm I have started encrypting DNS in the meanwhile, will have to see if I need to add it to the restarted services.

    – Rui F Ribeiro
    Mar 21 '16 at 15:47


















5















I have a Debian server at home. The server is my router and provides VPN access to the outside.



I do not have a static IP address; the lease time given by the ISP is two hours.



This cable cell which services the area I live, seems to have at least two different different netblocks for customers, and it is not entirely unusual obtaining a different IP address after a reboot of the Linux server, or less usually, but more importantly in what concerns this question, after some ISP maintenance operations.



I have some services that are dependent on the IP address; and the public IP adddress is used either for external (VPN) access, and for internal reference.



In some services, I use the dynamic DNS name from FreeDNS in order not to have to change an IP address in several locations.



As such, the best method I devised until now is running a script on dhclient-exit hooks. The script is called after DHCP gives/renews an IP, and restart services if the IP is changed.



I also change the IP of my dynamic DNS name on /etc/hosts, for solving possible problems of using the old IP before the change at FreeDNS side trickles down to me.



The script I wrote for dhclient-exit-hooks.d is this one; exit_status should be 0 if all went ok with dhclient.



#!/bin/bash



PATH=$PATH:/usr/bin



if ! [[ -v exit_status ]]

then

   exit 1

fi



if [ $exit_status -eq 0 ]

then

   IP=`ip addr show eth0.101 | grep inet | awk ' { print $2 } ' | cut -f1 -d "/"`

   OLDIP=`awk ' /xxxx.mooo.com/ { print  $1 } '   /etc/hosts`

   if [ $reason = "REBOOT" ] || [ $reason = "BOUND" ] || [ $IP != $OLDIP ] 

   then

      sed -i "s/^[0-9.]* xxxx.mooo.com/$IP xxxx.mooo.com/g" /etc/hosts

      timeout 60 /opt/bin/iptables.sh

      timeout 60 /etc/init.d/ipsec restart

      timeout 60 /etc/init.d/asterisk restart

      timeout 120 /etc/init.d/bind9 restart

      timeout 60 /usr/bin/wget -O - http://freedns.afraid.org/dynamic/update.php?XXXXXXXXXXXX > /dev/null

   fi

fi


I am aware of other posts that also recommend using dhclient-exit-hooks.d; however my question is a way to automate the restarting and configuration of those services upon an IP address change.






linux debian dhcp







share|improve this question

























  • Define "better"? What's wrong with this method? Is there a problem with it, where something doesn't exactly work? Since you're getting your IP address from DHCP, running it from the DHCP client seems like the best method, to me. Remember the old adage, "if it ain't broken, don't fix it"...

    – Wouter Verhelst
    Mar 20 '16 at 7:59











  • A bit complicated, too much dependent on the DHCP client, slight probability of getting hang services. You are absolutely right in the KISS part.

    – Rui F Ribeiro
    Mar 20 '16 at 8:42






  • 1





    Complicated? Seems simple enough. Dependent on the DHCP client? That seems like a feature, not a bug (anything else would require you to poll the IP address every so often, which is... well, not a good idea). Hung services? There are plenty of good monitoring tools out there which you can use to automatically restart services that are hung... Personally, I think your setup is cool, and I might actually duplicate it at home :-)

    – Wouter Verhelst
    Mar 21 '16 at 15:31











  • I edited it out with a view on having possible hang up services. And yep, there is monit. I do really need the IPsec part to be working with the right IP, as I use the VPN to have access to everything from the outside, including voIP and ssh. Hmmm I have started encrypting DNS in the meanwhile, will have to see if I need to add it to the restarted services.

    – Rui F Ribeiro
    Mar 21 '16 at 15:47
















5












5








5


4






I have a Debian server at home. The server is my router and provides VPN access to the outside.



I do not have a static IP address; the lease time given by the ISP is two hours.



This cable cell which services the area I live, seems to have at least two different different netblocks for customers, and it is not entirely unusual obtaining a different IP address after a reboot of the Linux server, or less usually, but more importantly in what concerns this question, after some ISP maintenance operations.



I have some services that are dependent on the IP address; and the public IP adddress is used either for external (VPN) access, and for internal reference.



In some services, I use the dynamic DNS name from FreeDNS in order not to have to change an IP address in several locations.



As such, the best method I devised until now is running a script on dhclient-exit hooks. The script is called after DHCP gives/renews an IP, and restart services if the IP is changed.



I also change the IP of my dynamic DNS name on /etc/hosts, for solving possible problems of using the old IP before the change at FreeDNS side trickles down to me.



The script I wrote for dhclient-exit-hooks.d is this one; exit_status should be 0 if all went ok with dhclient.



#!/bin/bash



PATH=$PATH:/usr/bin



if ! [[ -v exit_status ]]

then

   exit 1

fi



if [ $exit_status -eq 0 ]

then

   IP=`ip addr show eth0.101 | grep inet | awk ' { print $2 } ' | cut -f1 -d "/"`

   OLDIP=`awk ' /xxxx.mooo.com/ { print  $1 } '   /etc/hosts`

   if [ $reason = "REBOOT" ] || [ $reason = "BOUND" ] || [ $IP != $OLDIP ] 

   then

      sed -i "s/^[0-9.]* xxxx.mooo.com/$IP xxxx.mooo.com/g" /etc/hosts

      timeout 60 /opt/bin/iptables.sh

      timeout 60 /etc/init.d/ipsec restart

      timeout 60 /etc/init.d/asterisk restart

      timeout 120 /etc/init.d/bind9 restart

      timeout 60 /usr/bin/wget -O - http://freedns.afraid.org/dynamic/update.php?XXXXXXXXXXXX > /dev/null

   fi

fi


I am aware of other posts that also recommend using dhclient-exit-hooks.d; however my question is a way to automate the restarting and configuration of those services upon an IP address change.






linux debian dhcp







share|improve this question
















I have a Debian server at home. The server is my router and provides VPN access to the outside.



I do not have a static IP address; the lease time given by the ISP is two hours.



This cable cell which services the area I live, seems to have at least two different different netblocks for customers, and it is not entirely unusual obtaining a different IP address after a reboot of the Linux server, or less usually, but more importantly in what concerns this question, after some ISP maintenance operations.



I have some services that are dependent on the IP address; and the public IP adddress is used either for external (VPN) access, and for internal reference.



In some services, I use the dynamic DNS name from FreeDNS in order not to have to change an IP address in several locations.



As such, the best method I devised until now is running a script on dhclient-exit hooks. The script is called after DHCP gives/renews an IP, and restart services if the IP is changed.



I also change the IP of my dynamic DNS name on /etc/hosts, for solving possible problems of using the old IP before the change at FreeDNS side trickles down to me.



The script I wrote for dhclient-exit-hooks.d is this one; exit_status should be 0 if all went ok with dhclient.



#!/bin/bash



PATH=$PATH:/usr/bin



if ! [[ -v exit_status ]]

then

   exit 1

fi



if [ $exit_status -eq 0 ]

then

   IP=`ip addr show eth0.101 | grep inet | awk ' { print $2 } ' | cut -f1 -d "/"`

   OLDIP=`awk ' /xxxx.mooo.com/ { print  $1 } '   /etc/hosts`

   if [ $reason = "REBOOT" ] || [ $reason = "BOUND" ] || [ $IP != $OLDIP ] 

   then

      sed -i "s/^[0-9.]* xxxx.mooo.com/$IP xxxx.mooo.com/g" /etc/hosts

      timeout 60 /opt/bin/iptables.sh

      timeout 60 /etc/init.d/ipsec restart

      timeout 60 /etc/init.d/asterisk restart

      timeout 120 /etc/init.d/bind9 restart

      timeout 60 /usr/bin/wget -O - http://freedns.afraid.org/dynamic/update.php?XXXXXXXXXXXX > /dev/null

   fi

fi


I am aware of other posts that also recommend using dhclient-exit-hooks.d; however my question is a way to automate the restarting and configuration of those services upon an IP address change.






linux debian dhcp




linux debian dhcp






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited 1 min ago







Rui F Ribeiro

















asked Mar 13 '16 at 22:25









Rui F RibeiroRui F Ribeiro

41.9k1483142




41.9k1483142













  • Define "better"? What's wrong with this method? Is there a problem with it, where something doesn't exactly work? Since you're getting your IP address from DHCP, running it from the DHCP client seems like the best method, to me. Remember the old adage, "if it ain't broken, don't fix it"...

    – Wouter Verhelst
    Mar 20 '16 at 7:59











  • A bit complicated, too much dependent on the DHCP client, slight probability of getting hang services. You are absolutely right in the KISS part.

    – Rui F Ribeiro
    Mar 20 '16 at 8:42






  • 1





    Complicated? Seems simple enough. Dependent on the DHCP client? That seems like a feature, not a bug (anything else would require you to poll the IP address every so often, which is... well, not a good idea). Hung services? There are plenty of good monitoring tools out there which you can use to automatically restart services that are hung... Personally, I think your setup is cool, and I might actually duplicate it at home :-)

    – Wouter Verhelst
    Mar 21 '16 at 15:31











  • I edited it out with a view on having possible hang up services. And yep, there is monit. I do really need the IPsec part to be working with the right IP, as I use the VPN to have access to everything from the outside, including voIP and ssh. Hmmm I have started encrypting DNS in the meanwhile, will have to see if I need to add it to the restarted services.

    – Rui F Ribeiro
    Mar 21 '16 at 15:47





















  • Define "better"? What's wrong with this method? Is there a problem with it, where something doesn't exactly work? Since you're getting your IP address from DHCP, running it from the DHCP client seems like the best method, to me. Remember the old adage, "if it ain't broken, don't fix it"...

    – Wouter Verhelst
    Mar 20 '16 at 7:59











  • A bit complicated, too much dependent on the DHCP client, slight probability of getting hang services. You are absolutely right in the KISS part.

    – Rui F Ribeiro
    Mar 20 '16 at 8:42






  • 1





    Complicated? Seems simple enough. Dependent on the DHCP client? That seems like a feature, not a bug (anything else would require you to poll the IP address every so often, which is... well, not a good idea). Hung services? There are plenty of good monitoring tools out there which you can use to automatically restart services that are hung... Personally, I think your setup is cool, and I might actually duplicate it at home :-)

    – Wouter Verhelst
    Mar 21 '16 at 15:31











  • I edited it out with a view on having possible hang up services. And yep, there is monit. I do really need the IPsec part to be working with the right IP, as I use the VPN to have access to everything from the outside, including voIP and ssh. Hmmm I have started encrypting DNS in the meanwhile, will have to see if I need to add it to the restarted services.

    – Rui F Ribeiro
    Mar 21 '16 at 15:47



















Define "better"? What's wrong with this method? Is there a problem with it, where something doesn't exactly work? Since you're getting your IP address from DHCP, running it from the DHCP client seems like the best method, to me. Remember the old adage, "if it ain't broken, don't fix it"...

– Wouter Verhelst
Mar 20 '16 at 7:59





Define "better"? What's wrong with this method? Is there a problem with it, where something doesn't exactly work? Since you're getting your IP address from DHCP, running it from the DHCP client seems like the best method, to me. Remember the old adage, "if it ain't broken, don't fix it"...

– Wouter Verhelst
Mar 20 '16 at 7:59













A bit complicated, too much dependent on the DHCP client, slight probability of getting hang services. You are absolutely right in the KISS part.

– Rui F Ribeiro
Mar 20 '16 at 8:42





A bit complicated, too much dependent on the DHCP client, slight probability of getting hang services. You are absolutely right in the KISS part.

– Rui F Ribeiro
Mar 20 '16 at 8:42




1




1





Complicated? Seems simple enough. Dependent on the DHCP client? That seems like a feature, not a bug (anything else would require you to poll the IP address every so often, which is... well, not a good idea). Hung services? There are plenty of good monitoring tools out there which you can use to automatically restart services that are hung... Personally, I think your setup is cool, and I might actually duplicate it at home :-)

– Wouter Verhelst
Mar 21 '16 at 15:31





Complicated? Seems simple enough. Dependent on the DHCP client? That seems like a feature, not a bug (anything else would require you to poll the IP address every so often, which is... well, not a good idea). Hung services? There are plenty of good monitoring tools out there which you can use to automatically restart services that are hung... Personally, I think your setup is cool, and I might actually duplicate it at home :-)

– Wouter Verhelst
Mar 21 '16 at 15:31













I edited it out with a view on having possible hang up services. And yep, there is monit. I do really need the IPsec part to be working with the right IP, as I use the VPN to have access to everything from the outside, including voIP and ssh. Hmmm I have started encrypting DNS in the meanwhile, will have to see if I need to add it to the restarted services.

– Rui F Ribeiro
Mar 21 '16 at 15:47







I edited it out with a view on having possible hang up services. And yep, there is monit. I do really need the IPsec part to be working with the right IP, as I use the VPN to have access to everything from the outside, including voIP and ssh. Hmmm I have started encrypting DNS in the meanwhile, will have to see if I need to add it to the restarted services.

– Rui F Ribeiro
Mar 21 '16 at 15:47












3 Answers
3






active

oldest

votes


















6














As Wouter commented, your existing setup seems pretty decent already.



If you want something less dependent on dhclient, you could have a look at the many dynamic DNS clients packaged in Debian.



For example, ddclient can react to DHCP changes or simply monitor an Ethernet interface; when the IP address changes (and only then), it can update a dynamic DNS entry (on any number of providers), as well as run a separate script (which would cover both your use-cases).






share|improve this answer


























  • The dynamic DNS entry is quite a good idea, thanks. I should not have modified the original question with the edited timeouts, as it should also been part of the answer. There is still something missing about the way I had dhcpd configured...I have to test BIND better, had a race problem that I am not sure it is 100% solved.

    – Rui F Ribeiro
    Apr 14 '16 at 6:18





















3














I propose to further simplify/split up your solution following the principle of separation of concerns:




  • a script /etc/dhcp/dhclient-exit-hooks.d/trigger_on_ip_change should only decide whether action needs to be taken and defer the action to a separate script /usr/local/bin/act_on_ip_change

  • the script /usr/local/bin/act_on_ip_change should only execute the necessary changes


The reasons for separating those concerns are:




  • you can test separately whether dhclient is triggering correctly (without actually modifying anything on your system during debugging)

  • you can test the "change making" without the need to renew (and thus potential loose) your IP

  • you can execute /usr/local/bin/act_on_ip_change manually in case there's a need

  • the parts are much easier to understand


In short, I'd suggest to have this in /etc/dhcp/dhclient-exit-hooks.d/trigger_on_ip_change_action:



# based on /etc/dhcp/dhclient-exit-hooks.d/debug



if [ "$reason" = "BOUND" -a "$old_ip_address" != "$new_ip_address" ]; then

  /usr/local/bin/act_on_ip_change

fi





share|improve this answer
























  • +1 for noticing $new_ip_address is there, and does not have to be extracted from the interface.

    – Rui F Ribeiro
    Oct 4 '16 at 17:08



















2














In the end, I ended up simplifying things a bit my setup to act on IP addresses changes.



The Internet NAT was changed to MASQUERADE, so I do not have to act on it; the iptables rules left the dhclient-exit-hooks.d, installing iptables-persistent. 



iptables -A POSTROUTING -o eth0.101 ! -p esp -j MASQUERADE

apt-get install iptables-persistent

iptables-save > /etc/iptables/rules.v4


BIND stopped failing on boot because it recognises dependencies on iptables going up now.



I also do not restart BIND now. Furthermore, BIND is now dependent on dnscrypt-proxy crypt to leave to the Internet, so it is only binded to the internal interfaces (which do not change).



Whist the variable exit_status is mentioned in the dhclient-exit-hooks.d documentation, apparently there is some confusion, and it is only used to pass exit status to DHCP, and not to get it.



So the final script is:



#!/bin/bash



PATH=$PATH:/usr/bin





IP=`ip addr show eth0.101 | grep inet | awk ' { print $2 } ' | cut -f1 -d "/"`

OLDIP=`awk ' /xxxx.mooo.com/ { print  $1 } '   /etc/hosts`

# if reboot or IP changed

if [ $reason = "REBOOT" ] || [ $reason = "BOUND" ] || [ $IP != $OLDIP ] 

   then

      # put it in hosts 

      sed -i "s/^[0-9.]* xxxx.mooo.com/$IP xxxx.mooo.com/g" /etc/hosts

      timeout 60 /etc/init.d/ipsec restart

      timeout 60 /etc/init.d/asterisk restart

      # update FreeDNS service

      timeout 60 /usr/bin/wget -O - http://freedns.afraid.org/dynamic/update.php?XXXX > /dev/null

fi


As for the absence of exit_status, these are the vars presented in dhclient-exit-hooks.d upon boot:



requested_broadcast_address=1

new_network_number=95.94.xx.0

new_ip_address=95.94.xx.xx

new_dhcp_message_type=5

pid=1100

new_time_offset=0

new_routers=95.94.xx.xx

new_expiry=1462482903

new_subnet_mask=255.255.240.0

interface=eth0.101

requested_time_offset=1

new_domain_name=netcabo.pt

reason=REBOOT

new_time_servers=212.113.176.129 212.113.176.65

requested_routers=1

PATH=/usr/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/bin

requested_subnet_mask=1

new_log_servers=212.113.188.209

new_dhcp_server_identifier=79.169.255.254

new_domain_name_servers=0.0.0.0 8.8.8.8

new_broadcast_address=95.94.xx.255

new_dhcp_renewal_time=7200

new_dhcp_rebinding_time=12600

PWD=/

new_next_server=0.0.0.0

new_dhcp_lease_time=14400





share|improve this answer





















  • 1





    An additional useful service is DNS-o-matic (dnsomatic.com). It's not useful if you just need to update one service, but I have to update both FreeDNS and HE's tunnel broker for my IPv6 tunnel and this lets me do it with only a single update (critical for things like DD-WRT that require hasty hacking to allow multiple update targets).

    – Todd Knarr
    May 5 '16 at 17:36











  • Cool stuff. Thanks for the heads up @ToddKnarr

    – Rui F Ribeiro
    May 5 '16 at 18:33














Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f269567%2fmethod-for-acting-on-ip-address-change-from-the-isp%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























3 Answers
3






active

oldest

votes








3 Answers
3






active

oldest

votes









active

oldest

votes






active

oldest

votes









6














As Wouter commented, your existing setup seems pretty decent already.



If you want something less dependent on dhclient, you could have a look at the many dynamic DNS clients packaged in Debian.



For example, ddclient can react to DHCP changes or simply monitor an Ethernet interface; when the IP address changes (and only then), it can update a dynamic DNS entry (on any number of providers), as well as run a separate script (which would cover both your use-cases).






share|improve this answer


























  • The dynamic DNS entry is quite a good idea, thanks. I should not have modified the original question with the edited timeouts, as it should also been part of the answer. There is still something missing about the way I had dhcpd configured...I have to test BIND better, had a race problem that I am not sure it is 100% solved.

    – Rui F Ribeiro
    Apr 14 '16 at 6:18


















6














As Wouter commented, your existing setup seems pretty decent already.



If you want something less dependent on dhclient, you could have a look at the many dynamic DNS clients packaged in Debian.



For example, ddclient can react to DHCP changes or simply monitor an Ethernet interface; when the IP address changes (and only then), it can update a dynamic DNS entry (on any number of providers), as well as run a separate script (which would cover both your use-cases).






share|improve this answer


























  • The dynamic DNS entry is quite a good idea, thanks. I should not have modified the original question with the edited timeouts, as it should also been part of the answer. There is still something missing about the way I had dhcpd configured...I have to test BIND better, had a race problem that I am not sure it is 100% solved.

    – Rui F Ribeiro
    Apr 14 '16 at 6:18
















6












6








6







As Wouter commented, your existing setup seems pretty decent already.



If you want something less dependent on dhclient, you could have a look at the many dynamic DNS clients packaged in Debian.



For example, ddclient can react to DHCP changes or simply monitor an Ethernet interface; when the IP address changes (and only then), it can update a dynamic DNS entry (on any number of providers), as well as run a separate script (which would cover both your use-cases).






share|improve this answer















As Wouter commented, your existing setup seems pretty decent already.



If you want something less dependent on dhclient, you could have a look at the many dynamic DNS clients packaged in Debian.



For example, ddclient can react to DHCP changes or simply monitor an Ethernet interface; when the IP address changes (and only then), it can update a dynamic DNS entry (on any number of providers), as well as run a separate script (which would cover both your use-cases).







share|improve this answer














share|improve this answer



share|improve this answer








edited Feb 3 '18 at 0:30









Rui F Ribeiro

41.9k1483142




41.9k1483142










answered Apr 13 '16 at 21:08









Stephen KittStephen Kitt

179k25407485




179k25407485













  • The dynamic DNS entry is quite a good idea, thanks. I should not have modified the original question with the edited timeouts, as it should also been part of the answer. There is still something missing about the way I had dhcpd configured...I have to test BIND better, had a race problem that I am not sure it is 100% solved.

    – Rui F Ribeiro
    Apr 14 '16 at 6:18





















  • The dynamic DNS entry is quite a good idea, thanks. I should not have modified the original question with the edited timeouts, as it should also been part of the answer. There is still something missing about the way I had dhcpd configured...I have to test BIND better, had a race problem that I am not sure it is 100% solved.

    – Rui F Ribeiro
    Apr 14 '16 at 6:18



















The dynamic DNS entry is quite a good idea, thanks. I should not have modified the original question with the edited timeouts, as it should also been part of the answer. There is still something missing about the way I had dhcpd configured...I have to test BIND better, had a race problem that I am not sure it is 100% solved.

– Rui F Ribeiro
Apr 14 '16 at 6:18







The dynamic DNS entry is quite a good idea, thanks. I should not have modified the original question with the edited timeouts, as it should also been part of the answer. There is still something missing about the way I had dhcpd configured...I have to test BIND better, had a race problem that I am not sure it is 100% solved.

– Rui F Ribeiro
Apr 14 '16 at 6:18















3














I propose to further simplify/split up your solution following the principle of separation of concerns:




  • a script /etc/dhcp/dhclient-exit-hooks.d/trigger_on_ip_change should only decide whether action needs to be taken and defer the action to a separate script /usr/local/bin/act_on_ip_change

  • the script /usr/local/bin/act_on_ip_change should only execute the necessary changes


The reasons for separating those concerns are:




  • you can test separately whether dhclient is triggering correctly (without actually modifying anything on your system during debugging)

  • you can test the "change making" without the need to renew (and thus potential loose) your IP

  • you can execute /usr/local/bin/act_on_ip_change manually in case there's a need

  • the parts are much easier to understand


In short, I'd suggest to have this in /etc/dhcp/dhclient-exit-hooks.d/trigger_on_ip_change_action:



# based on /etc/dhcp/dhclient-exit-hooks.d/debug



if [ "$reason" = "BOUND" -a "$old_ip_address" != "$new_ip_address" ]; then

  /usr/local/bin/act_on_ip_change

fi





share|improve this answer
























  • +1 for noticing $new_ip_address is there, and does not have to be extracted from the interface.

    – Rui F Ribeiro
    Oct 4 '16 at 17:08
















3














I propose to further simplify/split up your solution following the principle of separation of concerns:




  • a script /etc/dhcp/dhclient-exit-hooks.d/trigger_on_ip_change should only decide whether action needs to be taken and defer the action to a separate script /usr/local/bin/act_on_ip_change

  • the script /usr/local/bin/act_on_ip_change should only execute the necessary changes


The reasons for separating those concerns are:




  • you can test separately whether dhclient is triggering correctly (without actually modifying anything on your system during debugging)

  • you can test the "change making" without the need to renew (and thus potential loose) your IP

  • you can execute /usr/local/bin/act_on_ip_change manually in case there's a need

  • the parts are much easier to understand


In short, I'd suggest to have this in /etc/dhcp/dhclient-exit-hooks.d/trigger_on_ip_change_action:



# based on /etc/dhcp/dhclient-exit-hooks.d/debug



if [ "$reason" = "BOUND" -a "$old_ip_address" != "$new_ip_address" ]; then

  /usr/local/bin/act_on_ip_change

fi





share|improve this answer
























  • +1 for noticing $new_ip_address is there, and does not have to be extracted from the interface.

    – Rui F Ribeiro
    Oct 4 '16 at 17:08














3












3








3







I propose to further simplify/split up your solution following the principle of separation of concerns:




  • a script /etc/dhcp/dhclient-exit-hooks.d/trigger_on_ip_change should only decide whether action needs to be taken and defer the action to a separate script /usr/local/bin/act_on_ip_change

  • the script /usr/local/bin/act_on_ip_change should only execute the necessary changes


The reasons for separating those concerns are:




  • you can test separately whether dhclient is triggering correctly (without actually modifying anything on your system during debugging)

  • you can test the "change making" without the need to renew (and thus potential loose) your IP

  • you can execute /usr/local/bin/act_on_ip_change manually in case there's a need

  • the parts are much easier to understand


In short, I'd suggest to have this in /etc/dhcp/dhclient-exit-hooks.d/trigger_on_ip_change_action:



# based on /etc/dhcp/dhclient-exit-hooks.d/debug



if [ "$reason" = "BOUND" -a "$old_ip_address" != "$new_ip_address" ]; then

  /usr/local/bin/act_on_ip_change

fi





share|improve this answer













I propose to further simplify/split up your solution following the principle of separation of concerns:




  • a script /etc/dhcp/dhclient-exit-hooks.d/trigger_on_ip_change should only decide whether action needs to be taken and defer the action to a separate script /usr/local/bin/act_on_ip_change

  • the script /usr/local/bin/act_on_ip_change should only execute the necessary changes


The reasons for separating those concerns are:




  • you can test separately whether dhclient is triggering correctly (without actually modifying anything on your system during debugging)

  • you can test the "change making" without the need to renew (and thus potential loose) your IP

  • you can execute /usr/local/bin/act_on_ip_change manually in case there's a need

  • the parts are much easier to understand


In short, I'd suggest to have this in /etc/dhcp/dhclient-exit-hooks.d/trigger_on_ip_change_action:



# based on /etc/dhcp/dhclient-exit-hooks.d/debug



if [ "$reason" = "BOUND" -a "$old_ip_address" != "$new_ip_address" ]; then

  /usr/local/bin/act_on_ip_change

fi






share|improve this answer












share|improve this answer



share|improve this answer










answered Oct 4 '16 at 16:13









Tomáš PospíšekTomáš Pospíšek

542210




542210













  • +1 for noticing $new_ip_address is there, and does not have to be extracted from the interface.

    – Rui F Ribeiro
    Oct 4 '16 at 17:08



















  • +1 for noticing $new_ip_address is there, and does not have to be extracted from the interface.

    – Rui F Ribeiro
    Oct 4 '16 at 17:08

















+1 for noticing $new_ip_address is there, and does not have to be extracted from the interface.

– Rui F Ribeiro
Oct 4 '16 at 17:08





+1 for noticing $new_ip_address is there, and does not have to be extracted from the interface.

– Rui F Ribeiro
Oct 4 '16 at 17:08











2














In the end, I ended up simplifying things a bit my setup to act on IP addresses changes.



The Internet NAT was changed to MASQUERADE, so I do not have to act on it; the iptables rules left the dhclient-exit-hooks.d, installing iptables-persistent. 



iptables -A POSTROUTING -o eth0.101 ! -p esp -j MASQUERADE

apt-get install iptables-persistent

iptables-save > /etc/iptables/rules.v4


BIND stopped failing on boot because it recognises dependencies on iptables going up now.



I also do not restart BIND now. Furthermore, BIND is now dependent on dnscrypt-proxy crypt to leave to the Internet, so it is only binded to the internal interfaces (which do not change).



Whist the variable exit_status is mentioned in the dhclient-exit-hooks.d documentation, apparently there is some confusion, and it is only used to pass exit status to DHCP, and not to get it.



So the final script is:



#!/bin/bash



PATH=$PATH:/usr/bin





IP=`ip addr show eth0.101 | grep inet | awk ' { print $2 } ' | cut -f1 -d "/"`

OLDIP=`awk ' /xxxx.mooo.com/ { print  $1 } '   /etc/hosts`

# if reboot or IP changed

if [ $reason = "REBOOT" ] || [ $reason = "BOUND" ] || [ $IP != $OLDIP ] 

   then

      # put it in hosts 

      sed -i "s/^[0-9.]* xxxx.mooo.com/$IP xxxx.mooo.com/g" /etc/hosts

      timeout 60 /etc/init.d/ipsec restart

      timeout 60 /etc/init.d/asterisk restart

      # update FreeDNS service

      timeout 60 /usr/bin/wget -O - http://freedns.afraid.org/dynamic/update.php?XXXX > /dev/null

fi


As for the absence of exit_status, these are the vars presented in dhclient-exit-hooks.d upon boot:



requested_broadcast_address=1

new_network_number=95.94.xx.0

new_ip_address=95.94.xx.xx

new_dhcp_message_type=5

pid=1100

new_time_offset=0

new_routers=95.94.xx.xx

new_expiry=1462482903

new_subnet_mask=255.255.240.0

interface=eth0.101

requested_time_offset=1

new_domain_name=netcabo.pt

reason=REBOOT

new_time_servers=212.113.176.129 212.113.176.65

requested_routers=1

PATH=/usr/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/bin

requested_subnet_mask=1

new_log_servers=212.113.188.209

new_dhcp_server_identifier=79.169.255.254

new_domain_name_servers=0.0.0.0 8.8.8.8

new_broadcast_address=95.94.xx.255

new_dhcp_renewal_time=7200

new_dhcp_rebinding_time=12600

PWD=/

new_next_server=0.0.0.0

new_dhcp_lease_time=14400





share|improve this answer





















  • 1





    An additional useful service is DNS-o-matic (dnsomatic.com). It's not useful if you just need to update one service, but I have to update both FreeDNS and HE's tunnel broker for my IPv6 tunnel and this lets me do it with only a single update (critical for things like DD-WRT that require hasty hacking to allow multiple update targets).

    – Todd Knarr
    May 5 '16 at 17:36











  • Cool stuff. Thanks for the heads up @ToddKnarr

    – Rui F Ribeiro
    May 5 '16 at 18:33


















2














In the end, I ended up simplifying things a bit my setup to act on IP addresses changes.



The Internet NAT was changed to MASQUERADE, so I do not have to act on it; the iptables rules left the dhclient-exit-hooks.d, installing iptables-persistent. 



iptables -A POSTROUTING -o eth0.101 ! -p esp -j MASQUERADE

apt-get install iptables-persistent

iptables-save > /etc/iptables/rules.v4


BIND stopped failing on boot because it recognises dependencies on iptables going up now.



I also do not restart BIND now. Furthermore, BIND is now dependent on dnscrypt-proxy crypt to leave to the Internet, so it is only binded to the internal interfaces (which do not change).



Whist the variable exit_status is mentioned in the dhclient-exit-hooks.d documentation, apparently there is some confusion, and it is only used to pass exit status to DHCP, and not to get it.



So the final script is:



#!/bin/bash



PATH=$PATH:/usr/bin





IP=`ip addr show eth0.101 | grep inet | awk ' { print $2 } ' | cut -f1 -d "/"`

OLDIP=`awk ' /xxxx.mooo.com/ { print  $1 } '   /etc/hosts`

# if reboot or IP changed

if [ $reason = "REBOOT" ] || [ $reason = "BOUND" ] || [ $IP != $OLDIP ] 

   then

      # put it in hosts 

      sed -i "s/^[0-9.]* xxxx.mooo.com/$IP xxxx.mooo.com/g" /etc/hosts

      timeout 60 /etc/init.d/ipsec restart

      timeout 60 /etc/init.d/asterisk restart

      # update FreeDNS service

      timeout 60 /usr/bin/wget -O - http://freedns.afraid.org/dynamic/update.php?XXXX > /dev/null

fi


As for the absence of exit_status, these are the vars presented in dhclient-exit-hooks.d upon boot:



requested_broadcast_address=1

new_network_number=95.94.xx.0

new_ip_address=95.94.xx.xx

new_dhcp_message_type=5

pid=1100

new_time_offset=0

new_routers=95.94.xx.xx

new_expiry=1462482903

new_subnet_mask=255.255.240.0

interface=eth0.101

requested_time_offset=1

new_domain_name=netcabo.pt

reason=REBOOT

new_time_servers=212.113.176.129 212.113.176.65

requested_routers=1

PATH=/usr/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/bin

requested_subnet_mask=1

new_log_servers=212.113.188.209

new_dhcp_server_identifier=79.169.255.254

new_domain_name_servers=0.0.0.0 8.8.8.8

new_broadcast_address=95.94.xx.255

new_dhcp_renewal_time=7200

new_dhcp_rebinding_time=12600

PWD=/

new_next_server=0.0.0.0

new_dhcp_lease_time=14400





share|improve this answer





















  • 1





    An additional useful service is DNS-o-matic (dnsomatic.com). It's not useful if you just need to update one service, but I have to update both FreeDNS and HE's tunnel broker for my IPv6 tunnel and this lets me do it with only a single update (critical for things like DD-WRT that require hasty hacking to allow multiple update targets).

    – Todd Knarr
    May 5 '16 at 17:36











  • Cool stuff. Thanks for the heads up @ToddKnarr

    – Rui F Ribeiro
    May 5 '16 at 18:33
















2












2








2







In the end, I ended up simplifying things a bit my setup to act on IP addresses changes.



The Internet NAT was changed to MASQUERADE, so I do not have to act on it; the iptables rules left the dhclient-exit-hooks.d, installing iptables-persistent. 



iptables -A POSTROUTING -o eth0.101 ! -p esp -j MASQUERADE

apt-get install iptables-persistent

iptables-save > /etc/iptables/rules.v4


BIND stopped failing on boot because it recognises dependencies on iptables going up now.



I also do not restart BIND now. Furthermore, BIND is now dependent on dnscrypt-proxy crypt to leave to the Internet, so it is only binded to the internal interfaces (which do not change).



Whist the variable exit_status is mentioned in the dhclient-exit-hooks.d documentation, apparently there is some confusion, and it is only used to pass exit status to DHCP, and not to get it.



So the final script is:



#!/bin/bash



PATH=$PATH:/usr/bin





IP=`ip addr show eth0.101 | grep inet | awk ' { print $2 } ' | cut -f1 -d "/"`

OLDIP=`awk ' /xxxx.mooo.com/ { print  $1 } '   /etc/hosts`

# if reboot or IP changed

if [ $reason = "REBOOT" ] || [ $reason = "BOUND" ] || [ $IP != $OLDIP ] 

   then

      # put it in hosts 

      sed -i "s/^[0-9.]* xxxx.mooo.com/$IP xxxx.mooo.com/g" /etc/hosts

      timeout 60 /etc/init.d/ipsec restart

      timeout 60 /etc/init.d/asterisk restart

      # update FreeDNS service

      timeout 60 /usr/bin/wget -O - http://freedns.afraid.org/dynamic/update.php?XXXX > /dev/null

fi


As for the absence of exit_status, these are the vars presented in dhclient-exit-hooks.d upon boot:



requested_broadcast_address=1

new_network_number=95.94.xx.0

new_ip_address=95.94.xx.xx

new_dhcp_message_type=5

pid=1100

new_time_offset=0

new_routers=95.94.xx.xx

new_expiry=1462482903

new_subnet_mask=255.255.240.0

interface=eth0.101

requested_time_offset=1

new_domain_name=netcabo.pt

reason=REBOOT

new_time_servers=212.113.176.129 212.113.176.65

requested_routers=1

PATH=/usr/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/bin

requested_subnet_mask=1

new_log_servers=212.113.188.209

new_dhcp_server_identifier=79.169.255.254

new_domain_name_servers=0.0.0.0 8.8.8.8

new_broadcast_address=95.94.xx.255

new_dhcp_renewal_time=7200

new_dhcp_rebinding_time=12600

PWD=/

new_next_server=0.0.0.0

new_dhcp_lease_time=14400





share|improve this answer















In the end, I ended up simplifying things a bit my setup to act on IP addresses changes.



The Internet NAT was changed to MASQUERADE, so I do not have to act on it; the iptables rules left the dhclient-exit-hooks.d, installing iptables-persistent. 



iptables -A POSTROUTING -o eth0.101 ! -p esp -j MASQUERADE

apt-get install iptables-persistent

iptables-save > /etc/iptables/rules.v4


BIND stopped failing on boot because it recognises dependencies on iptables going up now.



I also do not restart BIND now. Furthermore, BIND is now dependent on dnscrypt-proxy crypt to leave to the Internet, so it is only binded to the internal interfaces (which do not change).



Whist the variable exit_status is mentioned in the dhclient-exit-hooks.d documentation, apparently there is some confusion, and it is only used to pass exit status to DHCP, and not to get it.



So the final script is:



#!/bin/bash



PATH=$PATH:/usr/bin





IP=`ip addr show eth0.101 | grep inet | awk ' { print $2 } ' | cut -f1 -d "/"`

OLDIP=`awk ' /xxxx.mooo.com/ { print  $1 } '   /etc/hosts`

# if reboot or IP changed

if [ $reason = "REBOOT" ] || [ $reason = "BOUND" ] || [ $IP != $OLDIP ] 

   then

      # put it in hosts 

      sed -i "s/^[0-9.]* xxxx.mooo.com/$IP xxxx.mooo.com/g" /etc/hosts

      timeout 60 /etc/init.d/ipsec restart

      timeout 60 /etc/init.d/asterisk restart

      # update FreeDNS service

      timeout 60 /usr/bin/wget -O - http://freedns.afraid.org/dynamic/update.php?XXXX > /dev/null

fi


As for the absence of exit_status, these are the vars presented in dhclient-exit-hooks.d upon boot:



requested_broadcast_address=1

new_network_number=95.94.xx.0

new_ip_address=95.94.xx.xx

new_dhcp_message_type=5

pid=1100

new_time_offset=0

new_routers=95.94.xx.xx

new_expiry=1462482903

new_subnet_mask=255.255.240.0

interface=eth0.101

requested_time_offset=1

new_domain_name=netcabo.pt

reason=REBOOT

new_time_servers=212.113.176.129 212.113.176.65

requested_routers=1

PATH=/usr/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/bin

requested_subnet_mask=1

new_log_servers=212.113.188.209

new_dhcp_server_identifier=79.169.255.254

new_domain_name_servers=0.0.0.0 8.8.8.8

new_broadcast_address=95.94.xx.255

new_dhcp_renewal_time=7200

new_dhcp_rebinding_time=12600

PWD=/

new_next_server=0.0.0.0

new_dhcp_lease_time=14400






share|improve this answer














share|improve this answer



share|improve this answer








edited May 26 '16 at 8:45

























answered May 2 '16 at 17:25









Rui F RibeiroRui F Ribeiro

41.9k1483142




41.9k1483142








  • 1





    An additional useful service is DNS-o-matic (dnsomatic.com). It's not useful if you just need to update one service, but I have to update both FreeDNS and HE's tunnel broker for my IPv6 tunnel and this lets me do it with only a single update (critical for things like DD-WRT that require hasty hacking to allow multiple update targets).

    – Todd Knarr
    May 5 '16 at 17:36











  • Cool stuff. Thanks for the heads up @ToddKnarr

    – Rui F Ribeiro
    May 5 '16 at 18:33
















  • 1





    An additional useful service is DNS-o-matic (dnsomatic.com). It's not useful if you just need to update one service, but I have to update both FreeDNS and HE's tunnel broker for my IPv6 tunnel and this lets me do it with only a single update (critical for things like DD-WRT that require hasty hacking to allow multiple update targets).

    – Todd Knarr
    May 5 '16 at 17:36











  • Cool stuff. Thanks for the heads up @ToddKnarr

    – Rui F Ribeiro
    May 5 '16 at 18:33










1




1





An additional useful service is DNS-o-matic (dnsomatic.com). It's not useful if you just need to update one service, but I have to update both FreeDNS and HE's tunnel broker for my IPv6 tunnel and this lets me do it with only a single update (critical for things like DD-WRT that require hasty hacking to allow multiple update targets).

– Todd Knarr
May 5 '16 at 17:36





An additional useful service is DNS-o-matic (dnsomatic.com). It's not useful if you just need to update one service, but I have to update both FreeDNS and HE's tunnel broker for my IPv6 tunnel and this lets me do it with only a single update (critical for things like DD-WRT that require hasty hacking to allow multiple update targets).

– Todd Knarr
May 5 '16 at 17:36













Cool stuff. Thanks for the heads up @ToddKnarr

– Rui F Ribeiro
May 5 '16 at 18:33







Cool stuff. Thanks for the heads up @ToddKnarr

– Rui F Ribeiro
May 5 '16 at 18:33




















draft saved

draft discarded




















































Thanks for contributing an answer to Unix & Linux Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f269567%2fmethod-for-acting-on-ip-address-change-from-the-isp%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

CARDNET

Image
CARDNET は日本カードネットワークが運営するクレジット決済ネットワーク。日本カードネットワークの略称としてもCARDNETが使用されている。 事件・事故 2017年4月15日午前11時8分からクレジットカードの決済がしづらくなる障害が発生した。障害は同日午後5時18分に復旧した。原因は、複数あるCARDNETセンターの拠点のうち1つで、2重化してあるL3スイッチの片方が故障し、1系統にトラフィックが集中したことによる輻輳が発生したため。対処としては、故障したL3スイッチ交換とシステム再起動が行われた [1] 。 出典 ^ 金子寛人 ( 2017年4月17日 ). “CARDNETのクレジット決済に6時間強障害、原因はL3スイッチ故障”. 日経コンピュータ. 2018年10月18日 閲覧。 この項目は、コンピュータに関連した 書きかけの項目 です。この項目を加筆・訂正などしてくださる協力者を求めています(PJ:コンピュータ/P:コンピュータ)。 この項目は、経済に関連した 書きかけの項目 です。この項目を加筆・訂正などしてくださる協力者を求めています(ポータル 経済学、プロジェクト 経済)。 This page is only for reference, If you need detailed information, please check here
Read more

Boot-repair Failure: Unable to locate package grub-common:i386

Image
0 I am on a system dual-booting Windows and Debian (usually using the latter), and a recent Windows update appears to have wreaked havoc on the Debian boot system. I managed to boot Windows again, but not Linux. Following online suggestions, I created a Live USB of Ubuntu, and booted from that. Then I have installed and run the boot-repair utility. The utility instructs me to type several lines including sudo chroot "/mnt/boot-sav/sda6" apt-get purge -y grub*-common grub-common:i386 To which I receive the error E: Unable to locate package grub-common:i386 I am given to understand the issue may have to do with having UEFI vs BIOS (I believe I have UEFI), but do not understand this well. In any case I have subsequently run the boot-repair BootInfo Summary utility which created the following file h
Read more

濃尾地震

Image
濃尾地震 『岐阜市街大地震之図』 歌川国利画 本震 発生日 1891年(明治24年)10月28日 発生時刻 6時38分50秒(JST) 震央 日本 岐阜県本巣郡西根尾村(現・本巣市) 北緯35度35分 東経136度20分( 地図 ) 規模    マグニチュード(M)8.0 最大震度    震度7: 注1 福井県今立郡鯖江町、愛知県葉栗郡大田島村、東春日井郡勝川村 地震の種類 直下型地震 被害 死傷者数 死者7,273人、負傷者17,175人 注1:当時の震度階級では「激烈」 プロジェクト:地球科学 プロジェクト:災害 テンプレートを表示 濃尾地震 (のうびじしん)は、1891年(明治24年)10月28日に濃尾地方で発生した、日本史上最大の内陸地殻内地震。「 美濃・尾張地震 (みの・おわりじしん)」とも呼ばれている。辛卯の年に発生したことから 辛卯震災 と呼んでいる報告書もある。 目次 1 概要 1.1 震源断層 2 被害 3 各地の震度 4 前兆現象 5 報道 6 学術的な意義 7 地震防災 8 脚注 9 関連項目 10 外部リンク 概要 濃尾地震発生当時の根尾谷断層 濃尾地震を引き起こした根尾谷断層 写真中央を斜めに走る段差が根尾谷断層 濃尾地震は、1891年10月28日6時38分50秒に発生した。震源は、岐阜県本巣郡西根尾村(現・本巣市)、北緯35度35分、東経136度20分付近。河角廣 (1951) は岐阜市付近(北緯35.6度、東経136.6度)に震央を仮定し規模 M K = 7.0 を与え [1] 、マグニチュードは M = 8.4 に換算されているが、明治・大正期の地震については0.5程度大きく見積もられているとされる [2] 。また、震央距離と震度との関係など当時のデータから後にM8.0 [3] とも推定される。アメリカ地質調査所 (USGS) でも8.0としている [4] 。「根尾谷断層帯」が活動した典型的な内陸地殻内地震(いわゆる直下型地震)であり、これは記録が残っている日本の内陸
Read more