Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: First lightning storm with Firebrick failover  (Read 307 times)

Weaver

  • Addicted Kitizen
  • *****
  • Posts: 6786
  • Retd sw dev; A&A; 4 × 7km ADSL2; IPv6; Firebrick
First lightning storm with Firebrick failover
« on: November 30, 2018, 06:17:43 AM »

There was lightning last night to the south east of us, in the Linne Shléiteach, which is the bit of the Atlantic separating Skye from the mainland, and the strikes shown on the BlitzortungLive map were down near the southern tip of The Island, two there and another one further south east just off the coast of the mainland.

I heard the rumble of thunder and Mrs Weaver turned off all the modems and unplugged them from the wall. This was the first time the Firewall 3G dongle failover system had been used with a real DSL outage. Before I had cheated by tweaking the Firebrick config so that it couldn’t find any of the modems. Anyway it worked superbly, AA at their end and the Firebrick here both switched over to directing all of the traffic through the 3G dongle.

It used all the exact same IP addresses, so TCP connections could simply carry on without a clue that anything had happened. Changing IP addresses would have meant having to bin TCP connections as TCP cannot handle such a change (although more advanced protocols such as SCTP can iirc) and also the remote end wouldn’t know who the new IP address was that suddenly started talking to it because it uses the old address to identify the particular client.

One really bad thing is the fact that the 3G/4G network doesn’t speak IPv6, but luckily AA and the Firebrick both compensate by going over to tunnelling IPv6 traffic in IPv4. IPv6 was tested using the two test websites test-ipv6.com and ipv6-test.com and got 100% top marks score from each.

The other really bad thing is the low MTU of the network + dongle combination, which is only 1440 bytes (for an IP PDU). Why, I have no idea. I had complained to AA about this, seeing as they had told porkies about full 1500 byte MTU in their advertising and they seemed surprised and unaware, and had to simply confess that they had got it wrong somehow. At the time of failover, there will be a change of MTU in the middle of a session and if TCP connections or other protocol conversations are open then this might cause all kinds of disruption. Shudders. The way I have it set up, the effect on IPv6 will be different from the effect on IPv4. I really need to test both with downloads or uploads in progress at the time of a switchover.

It will need several pairs of hands, some accompanying dexterity and a load of coordinated actions, but with the setting up IPv4 and IPv6 transfers in both directions using various protocols and talking to various remote servers this could test his well protocols and software copes with the change of MTU mid-stream, if any. I would need to do traffic captures which I can do, because AA has a facility to do so and so do my WAPs. I struggle to make sense of these, the amount of information is overwhelming. Firstly, I could do with some decent software to break headers down really clearly with full explanations. Secondly I need help linking the packets that belong to each flow. And thirdly something that can help me spot salient features of the sequence of events in protcols such as TCP, including retransmission, out-of-order packet arrival and repeated duplicates, and especially important here, ICMP packets plus the reaction to them.

Anyway, despite the lack of detailed tests and challenging situations, the whole thing was a resounding success with every device just keeping on going.
Logged

burakkucat

  • Global Moderator
  • Senior Kitizen
  • *
  • Posts: 25432
  • Over the Rainbow Bridge
    • The ELRepo Project
Re: First lightning storm with Firebrick failover
« Reply #1 on: November 30, 2018, 04:14:39 PM »

. . . I would need to do traffic captures which I can do, because AA has a facility to do so and so do my WAPs. I struggle to make sense of these, the amount of information is overwhelming. Firstly, I could do with some decent software to break headers down really clearly with full explanations. Secondly I need help linking the packets that belong to each flow. And thirdly something that can help me spot salient features of the sequence of events in protcols such as TCP, including retransmission, out-of-order packet arrival and repeated duplicates, and especially important here, ICMP packets plus the reaction to them.

I have found Wireshark to be adequate for my needs.
Logged
:cat:  100% Linux and, previously, Unix. Co-founder of the ELRepo Project.

Please consider making a donation to support the running of this site.

Weaver

  • Addicted Kitizen
  • *****
  • Posts: 6786
  • Retd sw dev; A&A; 4 × 7km ADSL2; IPv6; Firebrick
Re: First lightning storm with Firebrick failover
« Reply #2 on: November 30, 2018, 05:02:29 PM »

Can I run Wireshark off captured stuff in a file? I would need to run it on my hosted raspberry pi somehow. I tried to find an online tool that would do this but got rather lost. Something that could upload some raw data and then get a cooked analysis back in ASCII, that would work.

Uploading the stuff to the pi and then fetching the answers back would be a multi-step pain. I should be able to write an iPad program to automate all of that very easily using the iOS Shortcuts languages (formerly known as ‘Workflow’ before iOS 12).

I might or might not have huge problems with file formats. AA’s traffic capture can decode the results for you but I find it tiring to work through. I forget but I suspect you can get a pcap file without the decoding and turning into ASCII output too.

Also my WAPs can do traffic capture, I forget what their capture format options are.



Logged

burakkucat

  • Global Moderator
  • Senior Kitizen
  • *
  • Posts: 25432
  • Over the Rainbow Bridge
    • The ELRepo Project
Re: First lightning storm with Firebrick failover
« Reply #3 on: November 30, 2018, 05:15:06 PM »

Can I run Wireshark off captured stuff in a file?

Yes, certainly, assuming the capture file is in pcap or pcapng format.

I keep the entire raw capture data in a pcap format file and whenever I want to examine specific sections in ASCII, I'll re-load the capture file back into Wireshark, select the data required, and dump it as an ASCII text file.
Logged
:cat:  100% Linux and, previously, Unix. Co-founder of the ELRepo Project.

Please consider making a donation to support the running of this site.

Weaver

  • Addicted Kitizen
  • *****
  • Posts: 6786
  • Retd sw dev; A&A; 4 × 7km ADSL2; IPv6; Firebrick
Re: First lightning storm with Firebrick failover
« Reply #4 on: December 01, 2018, 07:42:44 AM »

Damn, that was a huge download, and it didn’t work, because it required X11.

It seems I need to try something called tshark which is a simple terminal CLI-only thing.

I eventually got tshark to work after hitting imho a bug where it moaned about me being root even though all I was doing was reading an ordinary file! I fixed the bug by editing the text file /usr/share/wireshark/init.lua and changed it to read "disable_lua = true" instead of false. Got this from some tip on the web related to the stupid error message I had seen.
« Last Edit: December 01, 2018, 08:09:07 AM by Weaver »
Logged

burakkucat

  • Global Moderator
  • Senior Kitizen
  • *
  • Posts: 25432
  • Over the Rainbow Bridge
    • The ELRepo Project
Re: First lightning storm with Firebrick failover
« Reply #5 on: December 01, 2018, 05:27:47 PM »

Damn, that was a huge download, and it didn’t work, because it required X11.

Ick.  :(

I'll mention tcpdump, which you also might find useful.
Logged
:cat:  100% Linux and, previously, Unix. Co-founder of the ELRepo Project.

Please consider making a donation to support the running of this site.

Weaver

  • Addicted Kitizen
  • *****
  • Posts: 6786
  • Retd sw dev; A&A; 4 × 7km ADSL2; IPv6; Firebrick
Re: First lightning storm with Firebrick failover
« Reply #6 on: December 02, 2018, 11:24:05 AM »

I’ve written a bash script that mangles the required file, using sed, so that the bug is fixed, and I can run this after pulling down tshark in future.

I didn’t get enough help in the display analysis, not enough spoon-feeding for the needs of the remedial class.

I should have remembered tcpdump.
Logged
 

anything