[The story of how nearly half this week was wasted. Apologies for length of this post.]
---
The Weaver household has recently been cursed, touched by evil forces. Last week I received a new Siemens Gigaset N300 VoIP box from Andrews and Arnold, preconfigured for me by A & A. When I plugged the box into my LAN and logged into its web admin process, initially all seemed well. I told it to download the latest firmware update from the net, and the download started off. I then realised that the download was going to be very slow, because as a new, unknown device on my LAN, the N300 had been categorised as ‘pond life’; a guest IP was allocated to it, and its speed was strictly limited by a policy rule that applies to all visitors so that they are never allowed to hog the network. So I made the N300 into a recognised, full citizen, which changed its IPv4 address to something else. At that point the device seemingly died! I fiddled about with it but simply couldn't see it on the LAN at all, never mind even being able to ping it, and so next, in frustration, I tried the factory reset procedure on it. This seemed to be if no help at all, and the device was apparently semi-bricked in that there was an LED showing that the device was powered up but otherwise it was completely unresponsive. I then talked with AA on IRC briefly, to see if they could at least just sanity-check me or spot anything I had missed, but no joy. We were baffled. So we both agreed that the new N300 should go straight back to AAISP. Bewildered. End of chapter one.
I ordered a new Firebrick FB2700 router from AA last Monday morning, as I had been having problems with one port on my current FB2500 device. Amazingly, after lightening my pocket by £900 inc VAT, the new FB2700 arrived _the next day_. In the Highlands (!), from the _South of England_. Very efficient. That day, Tuesday, my wife was busy and wasn't available to help me with physical tasks, so apart from opening the box as if Santa had just visited me, installation would have to wait until the following day when my beloved would be free to help me out with plugging cables in and so forth. Came the next day and there was an uncanny repeat of the Siemens N300 box experience. I http-connected to the new Firebrick, successfully logged in to its web admin process and attempted to select a config file to http-upload into it. This failed, because IPv4 to the Internet wasn't working - since I had selected a bogus 10.0.0.0/8 address for myself so as to be able to talk to the Firebrick which defaulted to being at 10.0.0.1 - and I had forgotten that my backup of the config was living on the network file system provided by Apple's “iCloud” Internet-based storage service. So I changed my IPv4 address to something sensible, and attempted to set the new Firebrick's IPv4 address to something sensible too by letting it get DHCP-configured by the old Firebrick acting as DHCP server. At this point everything went pear-shaped. I simply could not see the new Firebrick on the LAN no matter how I tried, at an address expected of a DHCP client, nor at its default 10.0.0.1 address. I then tried factory-resetting it, out of desperation. This involved creating a loopback by connecting an Ethernet cable between two of the FB's ports in order to tell it to reset itself. Anyway it still appeared semi-bricked in that the LEDs on the front panel would flash as expected, showing the CPU was working, but I still simply couldn't see it or talk to it on the LAN. Sounds familiar?
After several hours of faffing about, I scanned the LAN and spotted an unknown device at a very unusual address - 192.268.1.1. I say ‘unusual’ because I haven't been using this particular RFC 1918 range at all. I thought to myself that this might be the new Firebrick which for some reason had been caused to adopt this unusual address because of the very-hard factory reset procedure. I then noticed that the mystery device couldn't be the new Firebrick because its MAC address was wrong. So in curiosity I tried http-connecting to the mystery device and got a webpage that was blank apart from a login prompt. After several minutes of password hacking, I successfully got in with "admin" / "admin" or some suchlike. Then to my horror, I saw a web page belonging to a DLink DSL-320B-Z1 modem/router. I struggled out of my bed, because my wife had gone to the local village and wasn't around to help, went to the upstairs office and found the evil DLink lurking on the desk. I realised that my dear wife had plugged it in to the main LAN switch for me some weeks earlier when I wanted to take a brief look at its config. But after I had finished, I had forgotten all about it and had never asked her to unplug the device for me, so it had been left sitting there still plugged into the LAN. The DLink can be a (crap, buggy) router as well as a modem, and as ill-luck would have it, it was acting as a _DHCP server_ and had been doing so for (?)weeks.
This, I suspected, had been the cause of the chaos with the vanishing devices. At some point, acting as a DHCP client, a new device would get kidnapped by the evil rogue DHCP server and get pulled into the 192.168.0.0/16 range thus vanishing from sight. In the case of the Siemens N300, googling the issue brought up reports suggesting that the device could get bricked if a firmware download (or flash blowing) was interrupted, so this could be the answer to the first mystery death. In the case of the new Firebrick, I suspect I might have killed it by doing the factory reset procedure wrongly and asking my wife to pull the power at the wrong point, while it was perhaps still blowing its flash in order to reinstall the default config or the factory firmware image. The realisation about the suspected reason for the FB's death came after I had again talked with AA, we were once more baffled, and agreed to send the new FB back to AA for swap-out. I suggested to AA that an exorcism might be in order at Weaver Towers, as at that point the answer from rationality concerning the rogue DLink had not yet surfaced.
The moral: don't have rogue DHCP servers on your network.
I see that I can turn off the DHCP server function on the DLinks. They are supposed to be configured to just be in modem-only mode (‘bridge modes’), so it seems daft that a lot of these appropriate config changes aren't made as a matter of course, or even automatically. A lot of inappropriate garbage options are still left turned on when you set the device into modem-only mode.
So, the body count: Two brand new devices to go back to AA, just under a grand's worth of semi-bricked kit, to be packaged back up, ready for the next time we venture out to visit civilisation and post them off at Broadford Oifis a‘ Phuist. Ho hum.
