Solved

can see traffic but no ping

Posted on 2006-06-19
20
513 Views
Last Modified: 2010-03-19
I was at a hotel.  I had a dhcp lease for 10 minutes, then my network connectivity died.
I rebooted several times.  I ran network monitor on the network and could see other
machines etc.  I hand configured my network, by copying the setup from the business
center pc, (I randomly picked an ip address in the valid range) and sniffed.  Although
I could see broadcast packets I couldn't ping the default gateway.  

Why do you suspect that I couldn't ping (or use) the default gateway?  I could ping
it from the business center.

thanks,

-gsgi
0
Comment
Question by:gsgi
  • 6
  • 5
  • 3
  • +3
20 Comments
 
LVL 13

Expert Comment

by:prashsax
Comment Utility
It would be possible that the IP you configure on your machine had already been assigned to some other machine.

Also, it could be possible that ping is only allowed from some predefined IP addresses only.
0
 
LVL 13

Author Comment

by:gsgi
Comment Utility
Right, but I am thinking it was some network issue. When I went downstairs and plugged in, I got a dhcp lease and could ping.  From my room, after the 1st time I got a lease, I never could get another.  They showed my the network, since it is giving them problems and it is obviously not engineered at all.  200 rooms share a T.  It is just constantly saturated.  So I highly doubt "ping only allowed from a predefined IP address."
0
 
LVL 13

Assisted Solution

by:prashsax
prashsax earned 200 total points
Comment Utility
Yes, its not how generally networks are configured.

In your case, i am sure their is some problem with the cabling or the port to which you are connecting.

Since you are not able to get DHCP lease, it has to be a bad cable.

Have you called someone from IT.
0
 
LVL 13

Author Comment

by:gsgi
Comment Utility
I was there last week.  They were useless.  The jacks in the rooms seemed cheap - they didn't 'click'. As I said, I saw the network.  What they do for 'complaints' is to pull the plug on the t1 router. I am guessing that 'resets' the dhcp server, by throwing everyone on it off of it.
Then it worked in my room.

The main thing I don't understand is why if I wasn't given a lease, i.e. if I manually configured, I could not ping anything - it was like I see broadcast traffic, but not ping.  I did not do a comprehensive test on the line once the manager got it to work in my room.

I am just asking so that if I go back there to work on the network, I know what in the heck I am getting myself into.  Maybe it is a wiring nightmare.  The switches were superstack gig unmanaged and one was plugged into the t1 router.

-gsgi
0
 
LVL 22

Assisted Solution

by:rickhobbs
rickhobbs earned 100 total points
Comment Utility
If the entire DHCP range was in use, you would not be able to get a DHCP address.  In that case, if you manually configure, you would definitely be getting someone elses DHCP address.  Any responses from ping would be routed to that person's machine. If that person is not there anymore (logged off and went home), the reply would be put on the wire and you might see it. I would be willing to bet thet don't have the DHCP lease expiring quickly enough and that would cause the DHCP table to fill up.
0
 
LVL 13

Assisted Solution

by:prashsax
prashsax earned 200 total points
Comment Utility
But, if you assign same IP as someone else have, then you must get a popup saying IP Conflict.

the best way to find out if this is a cable problem or something else.

Assign yourself the default gateway IP address.

You should receive a POPUP saying IP Conflict. (This indicates that you can reach the gateway, and cable is working)

If you do not get this popup, then their is something wrong with the cabling itself.

0
 
LVL 13

Author Comment

by:gsgi
Comment Utility
The gateway was 10.172.0.1 the subnet mask was 255.255.255.240 and the business machine in their business office, which worked was 10.172.0.103.  I set mine to 10.172.0.199 -- I never thought of a full dhcp lease table, that would make some sense.  I never saw more than 10 - 20 people on the network so I assumed that they set the dhcp leases to a small range say 10.172.0.70 - .90 (this is the range where I saw a lot of the traffic)

thanks,
gsgi
0
 
LVL 13

Author Comment

by:gsgi
Comment Utility
Ok, prashsax, that was what I was wondering. You do have to 'authenticate' by clicking an 'accept' button to browse the web.  I was wondering if they had me 'shut off' without clicking that, which I couldn't get to ... I suppose if you do not have a valid dhcp lease, you could be blocked?  So what you are offering me is what I am after, a way to tell if there is a cabling issue / bad port / bad switch - or if it is a misconfigured dhcp server / authentication system.  thanks.  -gsgi



0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
A couple of points:
-it would be very common to have firewalls enabled, even the Windows firewall, on all devices/computers to deny ICMP requests (pings). I would certainly recommend having at least the Windows firewall enabled in any hotel. This would, by default, block all pings
-if the gateway was 10.172.0.1 with a subnet mask of 255.255.255.240 then the network would only consist of 10.172.0.1 to 10.172.0.14 unlike having a subnet mask of 255.255.255.0 which would be 10.172.0.1 to 10.172.0.254  You may have been outside the subnet with an IP of 10.172.0.199. The reason you likely saw 10.172.0.103 is they may have multiple subnets set up for their use and customer use.
-with a small DHCP range as above they may have run out of DHCP addressees to assign
-Some small commercial routers have a limited number of outgoing licenses. The first level is typically 10. When 10 DHCP addresses have been handed out they will not allow anymore until you buy more licenses, or restart the router refreshing the list. Pretty rinky-dink way of running a hotel, but possible.
0
 
LVL 13

Author Comment

by:gsgi
Comment Utility
Thanks RobWill.   I appreciate the help very much.  I messed up, the subnet mask was 255.255.240.0 - sorry.  I am almost certain that there were only about 10 dhcp leases available.

-gsgi
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 77

Accepted Solution

by:
Rob Williams earned 100 total points
Comment Utility
255.255.240.0 is a different story, that would mean 10.172.0.1 to 10.172.15.254
They could still limit the DHCP leases, though if you disconnected you should have been re-assigned the same IP, at least within the DHCP leas time.
Maybe just comes down to shoddy wiring and configuration as you suggested.
0
 
LVL 22

Expert Comment

by:rickhobbs
Comment Utility
If they have run out of assignable DHCP addresses, more than likely they have it setup so anything outside the DHCP range doesn not get Internet Access.
0
 
LVL 16

Assisted Solution

by:The--Captain
The--Captain earned 100 total points
Comment Utility
I'm guessing if the hotel in question was part of a large chain, they probably use something like

http://www.lockdownnetworks.com/products/index.php

(Found with a bit of googling)

which AFIAK is a network appliance that can restrict unauthenticated traffic many ways - if it was broken so you somehow couldn't even reach the authentication mechanism(s), I'd just reset the thing, too - that's probably why it's there in the first place - so the hotels don't have to hire folks to run a mini-ISP 24/7...  If they get enough complaints, they'll just get a new appliance from corporate, or corporate IT will fix it.

Just a guess.

Cheers,
-Jon
0
 
LVL 14

Expert Comment

by:FriarTuk
Comment Utility
gsgi, if their router is set to allow only a small range (10.172.0.70 - .90) try expanding it to .70-.170

robwill,
do you have a list or webpage that defines which ip ranges are assigned given a certain subnet?
255.240 = 0.1 - 0.14
240.0 = 0.1 - 15.254
255.0 = 0.1 - 0.254
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
FriarTuk, it as a "mathematical" calculation done by converting the IP address and subnet mask to binary numbers, and then anding them to determine the network ID and the number of reaming/available bits.( with anding 1+1 =1, 1+0=0 and 0+0 =0)
For example 10.172.0.1 with a subnet mask of 255.255.255.240 would be:
IP=                  00001010.10101100.00000000.00000001
Subnet mask=  11111111.11111111.11111111.11110000  =(28 bits for the Network ID
Network ID=     00001010.10101100.00000000.00000000  =10.172.0.0

Therefore the remaining 8 bits (32-24), the last 4 binary positions, are available for IP addresses 0-15 (1111=15), However, the first one, ' 0 ' is always the Network ID  10.172.0.0 which is not used, and the last is the broadcast address, 10.172.0.15 and is reserved for broadcasts, leaving you with 10.172.0.1 to 10.172.0.14  Just a note; before I am corrected, with much of the newer hardware you can actually use the network ID 10.172.0.0 as an IP, but I it is not recommended, incase there are compatibility issues with other equipment

That was just meant as an outline. I am not a good teacher and it is a huge subject, so doubtful from that you will get much of an understanding. Most of the time you are using basic subnet masks such as 255.255.255.0 so you simply know all of the last octet is available, 1-254 (ignoring the reserved 0 and 255). If interested following site is pretty good:
http://www.learntosubnet.com/

Then there is the truth <G> most of us cheat now a days and just use subnet calculators:
http://www.subnetmask.info/
http://jodies.de/ipcalc?host=192.168.0.1&mask1=24&mask2=

Also, if you want to do any binary <=> decimal conversions the Windows calculator, in scientific mode will do it for you.
0
 
LVL 14

Expert Comment

by:FriarTuk
Comment Utility
thx that will give me some reading
0
 
LVL 16

Expert Comment

by:The--Captain
Comment Utility
>Then there is the truth <G> most of us cheat now a days and just use subnet calculators

<Gasp!>  

Completely unnecessary if you know a few mental shortcuts - of course, they can be helpful when learning how to do it in youe head, but mental calculation of subnets is a very handy skill (what happens when you show up onsite with no laptop and no internet access, and a subnet calculation is necessary to actually get them onto the internet, which is normally where you'd use your subnet calculator?)

Cheers,
-Jon
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
>>"what happens when you show up onsite with no laptop and no internet access, and a subnet calculation is necessary to actually get them onto the internet, which is normally where you'd use your subnet calculator?)"

No laptop, no Internet access, and classless subnet. That would be as bad as no cell phone or cable TV. <G>
I can do it long hand without a problem. I understand there are some mental shortcuts, but other than a few memorized binary numbers I have never learned any of the shortcuts. I use it so seldom it would be like the "speed math" I learned 20 years ago, I forget it all now. Do you have any good pointers/links, would defiantly be handy at some point to know.
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
Thanks gsgi,
--Rob
0
 
LVL 13

Author Comment

by:gsgi
Comment Utility
Thank you too! -gsgi
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

5 Experts available now in Live!

Get 1:1 Help Now