Originally Posted by orgcandman
Does your system get its public address via dhcp? That message is a dhcp offer message (most likely) and if you're on a network (like cable) where you get your address via dhcp, it's possible that this came in from the cable modem. Cable modem providers generally choose non-route able addresses on the internal link side. For instance, my cable modem uses a 192.168.x.y subnet internally. When my cable goes out, it provides my modem with a 192.168.x.y address (which also lets me communicate with the router and view the SNMP logs, etc). Just a theory though. You'll need to investigate your network when those packets arrive - which might mean letting wireshark run for a loooong time with a good capture filter.
Thanks for your input @orgcandman.
You've given me another aspect to investigate. However, here are my thoughts (thus far):
- DHCP Chat on public interface (eth0), so no internal network issue.
- Cable modem has a single (one) interface. Since my cable modem is
ONLINE && my Linux router does get a publicly addressable IP from my
ISP, I don't see how it is possible for the modem to simultaneously
do DHCP "talk" about two completely separate networks (valid public
IP and private IP)