Author Topic: Black magic network devices  (Read 832 times)

SoreTween

  • Most of me survived the Pennine Bridleway.
Black magic network devices
« on: July 24, 2020, 04:40:01 pm »
Sigh, power line Ethernet extenders again :-(

How does a device with no IP address work?  I realise that's a big question so perhaps throw one or two (no more please) noddy level buzzwords at me to go off and read up upon.  I've never got the whole 7 levels of hell layers of networking thing despite several attempts.

Reason for asking is the latest power line devices I'm trying don't have IP addresses.  They don't show up in my DHCP client list nor in an nmap -sP /24 scan.  At that point my brain goes wibble.  These are, according to the screenshots in reviews extremely capable and configurable devices (Asus PL-AC56 kit).  They are supposed to show a management interface when you navigate to ap.asus.com from a device connected through them.  However, they don't.  At the current 3 working day turn around for each email to asus support it's going to be Christmas before I get through the droid script questions and answers.



2020 targets: None
There is only one infinite resource in this universe; human stupidity.

Kim

  • Timelord
Re: Black magic network devices
« Reply #1 on: July 24, 2020, 09:04:36 pm »
How does a device with no IP address work?

Same way a switch (assume it's a dumb one with no VLANs to configure or anything) works:  It just sits there doing its thing with the Ethernet packets, and knows nothing of TCP/IP (or IPX or PPPoE or any of the other things that Ethernet can be used to carry).

(By analogy a few layers higher up the OSI model: HTTP doesn't need to know anything about YACF.)


Quote
Reason for asking is the latest power line devices I'm trying don't have IP addresses.  They don't show up in my DHCP client list nor in an nmap -sP /24 scan.  At that point my brain goes wibble.  These are, according to the screenshots in reviews extremely capable and configurable devices (Asus PL-AC56 kit).  They are supposed to show a management interface when you navigate to ap.asus.com from a device connected through them.  However, they don't.  At the current 3 working day turn around for each email to asus support it's going to be Christmas before I get through the droid script questions and answers.

It must be doing something devious.  Like using IPv6 link-local addresses, or man-in-the-middling the packets destined for that website or something.  Or it's just NATing everything downstream and doing its own DHCP maybe? (Have you tried connecting to the default gatway of a device connected through them?)


Careful, Kim. Your sarcasm's showing...

iddu

  • Are we there yet?
Re: Black magic network devices
« Reply #2 on: July 24, 2020, 10:01:41 pm »
>...man-in-the-middling the packets destined for that website or something

Concur - I'd guess it's snooping all traffic for resolution request of ap.asus.com and shimming local accessibility on the fly to the management console UI if seen.

Packet trace it to confirm, or see if it breaks access to UI if you override across the wire lookup by defining ap.asus.com as something in your local hosts setup
I'd offer you some moral support - but I have questionable morals.

Re: Black magic network devices
« Reply #3 on: July 25, 2020, 08:08:58 am »
It goes like this:

For PoE the device does not need to have an IP address at all. Its working purely as a layer 2 device. It pairs with the other PoE device when you press the button on them both (the one that plugs into your Internet router) via a layer 2 protocol WPS which was developed for WiFi. No IP involved in any of this at all.

For a management interface that you can hot with a web browser however t does need an IP address as your browser needs one to setup the TCP session with over either HTTP or HTTPS.

The ASUS documentation on this is rubbish I just had a quick look. It does appear however that it defaults to 192.168.1.1 /24. If you set the IP address of your PC to 192.168.1.2 /24 you should then be able to point your browser at http://192.168.1.1 or https://192.168.1.1 you should get its management page. You can then change it from static to dynamic IP address assignment and when you reboot it it should DHCP an IP address from you DHCP server instead. Then change your PCs IP address back to what it was before or DHCP or whatever.

You should then be able to hit the management interface via http://whatever DHCP gave it and also if it works as advertised: http://ap.asus.com. This last one (if it does work and something similar works on my TP-Link stuff) means that the device as others have stated is sniffing the DNS requests for  http://ap.asus.com and replying itself with its own IP or possibly doing something even sneakier with the actual HTTP packets. Until your PC and it are on the same IP subnet though non of this mamangemnt stuff will work as its IP.

You also might find that you need to disconnect the PoE from your router while you change the PoE device to DHCP as 192.168.1.1 is usually the default IP address of Internet routers.

I think you'll find it's a bit more complicated than that.

Re: Black magic network devices
« Reply #4 on: July 25, 2020, 08:24:06 am »
Here's a primer for the first three of the seven OSI layers.

Layer 1 - the wire. You plug it in, as simple as that. Known as the physical layer

Layer 2 - Electronics devices talking to each other. That's the data link layer. At this stage, it is just a way of talking between local friends. Local, because at this stage it has no way of knowing where things are, and it is the stuff of all local networks. Ethernet, Token Ring are all examples of this, setting up a network has no need to know where other devices are, just the way they talk to each other.

Layer 3 - introduces the network protocol. How to find other things on the network, IP (Internet Protocol) is just an example of this. If you aren't going out to the wide world, you don't need IP, there are other options and devices that only talk to each other will comfortably use these.

(Layer 4 adds the way chunks of data can be moved about, Layer 5 enables conversations - this is the TCP of the TCP/IP bit, Layer 6 is probably too complicated for a few word summary and Layer 7 is the application itself)

Re: Black magic network devices
« Reply #5 on: July 25, 2020, 11:58:04 am »
Layer 3 - introduces the network protocol. How to find other things on the network, IP (Internet Protocol) is just an example of this. If you aren't going out to the wide world, you don't need IP, there are other options and devices that only talk to each other will comfortably use these.

True in theory but nearly everything we use these days (web browsers, music streaming, smart home stuff, file sharing) runs over IP and usually TCP at that. So whilst you can do everything over L2 if you don't need to get off your network or (VLAN if you have them) in practise you need the whole stack.

Back in the day there were quite a few things that ran over L2 such as SNA, LAT and NETBUI. These days not so much unless you are looking at low level network stuff like CDP, STP, LACP etc.

Layer two protocols for anything more than switches and the like talking to each other have been largely abandoned as they are specific to the underlying technology (mainly Ethernet these days but there are still other technologies knocking around). One of the major advantages of layer 3 protocols is that you can use them over any lower layer technology without re writing your application.
I think you'll find it's a bit more complicated than that.

SoreTween

  • Most of me survived the Pennine Bridleway.
Re: Black magic network devices
« Reply #6 on: July 25, 2020, 12:01:00 pm »
Oh heck, IPv6.  That's been mostly nuked from orbit hereabouts.  I say mostly because I don't have that capability on my android devices, my slab has an IPv6 address so an IPv6 connection should be achievable between that and either end of the powerline, wouldn't it?

The ASUS documentation on this is rubbish I just had a quick look.
You found something?  Where's the manual was question 1 to Asus.  All they came back with was the quick start guide.

I can see how it doesn't need an IP address to do the over-powerline part. Whatever comes in one end just gets encapsulated and transmitted to the far end for retransmission.  I've built RS232 over mains devices, that was just a crude media converter (college project).  In my professional life I designed fibre extenders for a rack based system with parallel backplane data. Encapsulate, transmit, reform.  Serial peer to peer comms in that system was like an onion, each layer having it's own addressing, error detection, sequence numbers etc wrapped around the data.  What was just data at one layer was addressing, error detection, sequencing and data at the next.

nmap scans from a client return the mac address of my router and clients are registered in my router DHCP so it's not faking itself in place of my router.

Responding rather than passing through is something different though, the browser has to be sending out an IP it wants to communicate with if I'm understanding the higher layers at all.  I get how the powerline kit can watch for a specific DNS request and reply itself rather than forwarding those packets.  Could it reply with an internet address?  Pretend to be a device beyond my router and go on intercepting http(s) requests to that address?  That would explain how it can be talked to without appearing in my local IP range.  Is that what iddu is describing?  I can't packet trace anything until I can pursuade the damn things to respond to the initial request.

Perhaps I need to play dumb to get started.  My network uses VLANs and as said IPv6 is killed, there may be other settings having an effect.  I have an old router, perhaps I factory reset that, give it the minimum settings needed to get online and try that way.  Sound worth a try?

2020 targets: None
There is only one infinite resource in this universe; human stupidity.

Re: Black magic network devices
« Reply #7 on: July 25, 2020, 12:11:18 pm »
The PoE device wont be doing VLANs it will not be tagging any packets.

What you need to do is this I think:

  • Disconnect the PoE adpater that has no Wifi from the router.
  • Set the IP address of a laptop or whatever to 192.168.1.22 /24
  • Connect the laptop via Ethernet or WiFi to the PoE adaptor that has WiFi
  • Point a browser on that laptop at http://192.168.1.1
You should now get the management console

  • Set the WiFi PoE adaptor to DHCP its IP address (or give it a static one if you want but on the correct subnet for your network).
  • Probably have to reboot the WiFi PoE adaptor at this point or perhaps not depends on how the firmware works
  • Reconnect the other PoE adaptor to your switch or router
  • Reset your laptop to DHCP
You should now be able to browse the Internet and get at the WiFi PoE adaptors management interface on its new IP address and if its DHCP you should see it request a reservation on your DHCP server.
I think you'll find it's a bit more complicated than that.

SoreTween

  • Most of me survived the Pennine Bridleway.
Re: Black magic network devices
« Reply #8 on: July 25, 2020, 12:13:22 pm »
Thanks :thumbsup:  I'll give that a shot.
2020 targets: None
There is only one infinite resource in this universe; human stupidity.

Re: Black magic network devices
« Reply #9 on: July 25, 2020, 12:18:10 pm »
Responding rather than passing through is something different though, the browser has to be sending out an IP it wants to communicate with if I'm understanding the higher layers at all.  I get how the powerline kit can watch for a specific DNS request and reply itself rather than forwarding those packets.  Could it reply with an internet address?  Pretend to be a device beyond my router and go on intercepting http(s) requests to that address?  That would explain how it can be talked to without appearing in my local IP range.  Is that what iddu is describing?  I can't packet trace anything until I can pursuade the damn things to respond to the initial request.

Perhaps I need to play dumb to get started.  My network uses VLANs and as said IPv6 is killed, there may be other settings having an effect.  I have an old router, perhaps I factory reset that, give it the minimum settings needed to get online and try that way.  Sound worth a try?

For you to talk to it it must have an IP address on your subnet. Your laptop or PC will only talk to devices on the same subnet. Anything else it will just send the packet to its default gateway which again must be on the same subnet. The IP stack on a device checks the IP address it needs to talk to, if its on the same subnet it sends out an ARP (which ends up being an L2 broadcast) requesting the Ethernet MAC of the device with that IP. An ARP reply should come back from the device with that IP and now they both know each others MAC and can talk at L2.

If the laptop or PC or whatever looks at the IP address you want to talk to and works out its on a different subnet it does an ARP again but for the MAC of the default gateway IP. Then all packets for that IP are sent to the default gateway as unicast.

You cannot talk directly to an IP address thats not on your subnet even if it happens to be on the same physical or virtual LAN you always have to go through a router.
I think you'll find it's a bit more complicated than that.

Kim

  • Timelord
Re: Black magic network devices
« Reply #10 on: July 25, 2020, 12:23:13 pm »
PoE EoP

FTFY.  PoE is something else.
Careful, Kim. Your sarcasm's showing...

Re: Black magic network devices
« Reply #11 on: July 25, 2020, 12:41:52 pm »
PoE EoP

FTFY.  PoE is something else.

Arrgh that's my work life bleeding through. PoE is in my muscle memory.
I think you'll find it's a bit more complicated than that.

Re: Black magic network devices
« Reply #12 on: July 25, 2020, 01:45:07 pm »
Layer 3 - introduces the network protocol. How to find other things on the network, IP (Internet Protocol) is just an example of this. If you aren't going out to the wide world, you don't need IP, there are other options and devices that only talk to each other will comfortably use these.

True in theory but nearly everything we use these days (web browsers, music streaming, smart home stuff, file sharing) runs over IP and usually TCP at that. So whilst you can do everything over L2 if you don't need to get off your network or (VLAN if you have them) in practise you need the whole stack.


The EoP referred to are just as likely to use some form of LLDP, and the OP's question was "How does a device with no IP address work? " any IP addresses are just for management and config, one assumes.

Re: Black magic network devices
« Reply #13 on: July 25, 2020, 05:58:56 pm »
Here's a primer for the first three of the seven OSI layers.
Happy memories. Back in the 80s, I had a job editing for a technical literature database. I was paid to watch and read as the papers came out developing this stuff. Moving from there into a job working with Web sites and the like meant that I then saw it being put into practice.

I'm not a network expert, but I've ended up being able to talk to people who are and have a few words in common, which always helps :thumbsup:

Re: Black magic network devices
« Reply #14 on: July 25, 2020, 07:16:41 pm »
RIP Peter Green:  "Got a Black Magic Network....."

Re: Black magic network devices
« Reply #15 on: July 25, 2020, 07:34:57 pm »
Here's a primer for the first three of the seven OSI layers.
Happy memories. Back in the 80s, I had a job editing for a technical literature database. I was paid to watch and read as the papers came out developing this stuff. Moving from there into a job working with Web sites and the like meant that I then saw it being put into practice.

I'm not a network expert, but I've ended up being able to talk to people who are and have a few words in common, which always helps :thumbsup:

Somewhere back in the mists of time, I ran my own IT company that did anything people would pay for in the IT sphere. I can't remember who what where, but I seem to remember creating a Network theory training course for someone, and I used a written message/letter as an analogy to the OSI layers, the paper being L1. I think it got a bit over extended in the process (Language is L2, address on an envelope L3), but it was good to show how much has to be agreed (and, we take for granted) before a message can be passed, and an instruction understood. Stuff like, how many pages is the text on? how do you know you've got it all? What language are you going to write in?

quixoticgeek

  • Mostly Harmless
Re: Black magic network devices
« Reply #16 on: July 25, 2020, 09:07:03 pm »

Somewhere back in the mists of time, I ran my own IT company that did anything people would pay for in the IT sphere. I can't remember who what where, but I seem to remember creating a Network theory training course for someone, and I used a written message/letter as an analogy to the OSI layers, the paper being L1. I think it got a bit over extended in the process (Language is L2, address on an envelope L3), but it was good to show how much has to be agreed (and, we take for granted) before a message can be passed, and an instruction understood. Stuff like, how many pages is the text on? how do you know you've got it all? What language are you going to write in?

Surely L1 is the postal service
L2 is the Envelope
L3 is the paper inside the envelope...
L4 is I AM OVERTHINKING THIS. So sorry, as you were.

J
--
Beer, bikes, and backpacking
http://b.42q.eu/

Re: Black magic network devices
« Reply #17 on: July 25, 2020, 10:00:14 pm »
You should try living in my world of datacentre networking. We build fabrics with VXLAN so you have real L2 with layer 3 over it then you use VXLAN to run emulated layer 2 over this layer 3 fabric. So thats emulated layer 2 over layer 3 over real layer 2.
Then someone wants to run VMware compute that now uses NSX-T which is again emulated layer 2 over layer 3 between virtual switches.
So now you have:
emulated layer 2 over layer 3 across your virtual switches which runs over emulated layer 2 over layer 3 over real layer 2 on the physical switches.

Unicast is bad enough don't get my started on multicast in this swamp of nested encapsulation and emulation.

And I wonder why I get headaches sometimes.
I think you'll find it's a bit more complicated than that.

quixoticgeek

  • Mostly Harmless
Re: Black magic network devices
« Reply #18 on: July 25, 2020, 10:36:35 pm »
You should try living in my world of datacentre networking. We build fabrics with VXLAN so you have real L2 with layer 3 over it then you use VXLAN to run emulated layer 2 over this layer 3 fabric. So thats emulated layer 2 over layer 3 over real layer 2.
Then someone wants to run VMware compute that now uses NSX-T which is again emulated layer 2 over layer 3 between virtual switches.
So now you have:
emulated layer 2 over layer 3 across your virtual switches which runs over emulated layer 2 over layer 3 over real layer 2 on the physical switches.

Unicast is bad enough don't get my started on multicast in this swamp of nested encapsulation and emulation.

And I wonder why I get headaches sometimes.

There's no problem that cannot be solved with another layer of indirection...

J
--
Beer, bikes, and backpacking
http://b.42q.eu/

Re: Black magic network devices
« Reply #19 on: July 26, 2020, 02:40:42 am »
(Layer 4 adds the way chunks of data can be moved about, Layer 5 enables conversations - this is the TCP of the TCP/IP bit, Layer 6 is probably too complicated for a few word summary and Layer 7 is the application itself)

And Layer 8 is the political layer.

(Various alternative definitions exist: https://en.wikipedia.org/wiki/Layer_8)

I met some of the old lot when I went to Murray Hill once (it was Lucent Labs by then). I've also worked for years on and off with a guy who was working on one network protocol and had shared an office with another guy (Vint) who was working on a rival protocol - it worked out better for one of them (no-one misses IPX).

Then there was the time around Christmas 1997 when I was young/naive and sitting by the pool where I lived in SF (mild summers AND mild winters!) talking to a guy who'd started his own IT business that he said was "doing quite well". Years later I find out it was Sabeer Bhatia and the company was Hotmail.
"Yes please" said Squirrel "biscuits are our favourite things."

Re: Black magic network devices
« Reply #20 on: July 26, 2020, 09:03:17 am »
So now you have:
emulated layer 2 over layer 3 across your virtual switches which runs over emulated layer 2 over layer 3 over real layer 2 on the physical switches.
It's a good job you weren't around when those original ideas were being developed. They'd probably have given up in tears.

Re: Black magic network devices
« Reply #21 on: July 26, 2020, 09:06:04 am »
I met some of the old lot when I went to Murray Hill once (it was Lucent Labs by then). I've also worked for years on and off with a guy who was working on one network protocol and had shared an office with another guy (Vint) who was working on a rival protocol - it worked out better for one of them (no-one misses IPX).

That wasn't Vint Cerf was it? The man's a legend!
I think you'll find it's a bit more complicated than that.

Re: Black magic network devices
« Reply #22 on: July 26, 2020, 09:22:56 am »
So now you have:
emulated layer 2 over layer 3 across your virtual switches which runs over emulated layer 2 over layer 3 over real layer 2 on the physical switches.
It's a good job you weren't around when those original ideas were being developed. They'd probably have given up in tears.

Well I have been working in networking since the late 80s so have seen some of this stuff arrive (not the idea of L2 and L3 as that theory on that goes way back) but most of the rest I have watched come and go. I did Decnet on VAX, X25, S-NET, Arcnet, TokenRing, Frame-relay,  LANE (LAN emulation over ATM - shudder), qualified Novell trainer (specialised in fault finding and networks), installed the first Netware 386 server in the UK. I'm one of the initial batch of Cisco CCIEs (CCIE #2305 they started counting from 1024 of course).

At one stage we used to play a game where we competed to see how many network drivers we could have installed at once. This was pre Windows 95 so the trick was to install as many of them as possible into extended memory (the bit between 640K and 1Mb).
I think you'll find it's a bit more complicated than that.

Re: Black magic network devices
« Reply #23 on: July 26, 2020, 12:42:46 pm »
Wow, happy (extended) memories :thumbsup:

That wasn't Vint Cerf was it? The man's a legend!

I did speak to Tim Berners-Lee once, not that he'd remember as it was so trivial. I was Webcasting him using RealAudio, in the days when that was remarkable. I remember another event I did, where the chair said all day at intervals, "We are broadcasting this over the Web", and then one speaker stood up and said, "Between you and me and these four walls, ..."  ;D

Mr Larrington

  • A bit ov a lyv wyr by slof standirds
  • Custard Wallah
    • Mr Larrington's Automatic Diary
Re: Black magic network devices
« Reply #24 on: July 26, 2020, 01:14:11 pm »
Even just reading the word "Pathworks" still makes me shudder...
External Transparent Wall Inspection Operative & Mayor of Mortagne-au-Perche
Satisfying the Bloodlust of the Masses in Peacetime