[ale] Weird DSL modem issue

Chris Fowler cfowler at outpostsentinel.com
Tue Mar 15 18:03:22 EDT 2011 

I spent an hour today trying to use a DSL modem in a lab to route to a
different network.  Please do not ask why!  I am doing work for a
telephone company in their lab and they have some weird connections to
mimic remote sites.


Anyway.

I am 192.168.130.2 on a 130.0/24.  The modem is at 130.253 and a cisco
router is at 130.254.  for me to go to the Internet I use 130.253.
130.253 is my default gateway.  For me to go to 110.0 I use still sue
130.253.

Here is traceroute

 [tomcat at sam-defalt tmp]$ traceroute -n 192.168.110.2
traceroute to 192.168.110.2 (192.168.110.2), 30 hops max, 40 byte
packets
 1  10.0.5.2  21.811 ms  24.711 ms  24.674 ms
 2  192.168.130.253  45.623 ms  47.584 ms  53.546 ms
 3  192.168.130.254  53.530 ms  53.513 ms  57.449 ms
 4  192.168.110.2  53.463 ms  57.379 ms  57.350 ms

Watch this!
[tomcat at sam-defalt tmp]$ strace -e trace=connect,read,write /tmp/test.pl
https://192.168.110.2/

... some stuff

connect(3, {sa_family=AF_INET, sin_port=htons(443),
sin_addr=inet_addr("192.168.110.2")}, 16) = 0
read(4, "#\363?\307\327\210,\330Z\4G\372\264\260 \1\330\222\264\203'\7
\313\227\226$^\326w\212_<"..., 48) = 48
write(3, "\200g\1\3\1\0N\0\0\0\20\0\0009\0\0008\0\0005\0\0\26\0\0\23\0\0
\n\7\0\300"..., 105) = 105
read(3, 

So we successfully connect.  We write but we are blocking in read!

No, I'll tell my device that 192.168.110.0/24 is at 130.254 (Cisco )
instead

[tomcat at sam-defalt tmp]$ traceroute -n 192.168.110.2
traceroute to 192.168.110.2 (192.168.110.2), 30 hops max, 40 byte
packets
 1  10.0.5.2  22.837 ms  26.783 ms  53.740 ms
 2  192.168.130.254  53.738 ms  53.782 ms  53.784 ms
 3  192.168.110.2  53.676 ms  53.682 ms  53.676 ms

No watch this!

connect(3, {sa_family=AF_INET, sin_port=htons(443),
sin_addr=inet_addr("192.168.110.2")}, 16) = 0
read(4, "\217\344\226\273\352\347\276\377\0206H\366^7\231\4k\360Z\243?\5
\37\240\260\31\2619d\2506\311"..., 48) = 48
write(3, "\200g\1\3\1\0N\0\0\0\20\0\0009\0\0008\0\0005\0\0\26\0\0\23\0\0
\n\7\0\300"..., 105) = 105
read(3, "\26\3\1\0J\2\0", 7)            = 7

See, no blocking in read and we get a page back.

The lab techs said nothing funny is going on but I get a feeling that
this modem is running some sort of "protection" program that is doing
this.

Does anyone have any clue what that might be?

More information about the Ale mailing list