Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 537
  • Last Modified:

can see traffic but no ping

I was at a hotel.  I had a dhcp lease for 10 minutes, then my network connectivity died.
I rebooted several times.  I ran network monitor on the network and could see other
machines etc.  I hand configured my network, by copying the setup from the business
center pc, (I randomly picked an ip address in the valid range) and sniffed.  Although
I could see broadcast packets I couldn't ping the default gateway.  

Why do you suspect that I couldn't ping (or use) the default gateway?  I could ping
it from the business center.

thanks,

-gsgi
0
gsgi
Asked:
gsgi
  • 6
  • 5
  • 3
  • +3
5 Solutions
 
prashsaxCommented:
It would be possible that the IP you configure on your machine had already been assigned to some other machine.

Also, it could be possible that ping is only allowed from some predefined IP addresses only.
0
 
gsgiAuthor Commented:
Right, but I am thinking it was some network issue. When I went downstairs and plugged in, I got a dhcp lease and could ping.  From my room, after the 1st time I got a lease, I never could get another.  They showed my the network, since it is giving them problems and it is obviously not engineered at all.  200 rooms share a T.  It is just constantly saturated.  So I highly doubt "ping only allowed from a predefined IP address."
0
 
prashsaxCommented:
Yes, its not how generally networks are configured.

In your case, i am sure their is some problem with the cabling or the port to which you are connecting.

Since you are not able to get DHCP lease, it has to be a bad cable.

Have you called someone from IT.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
gsgiAuthor Commented:
I was there last week.  They were useless.  The jacks in the rooms seemed cheap - they didn't 'click'. As I said, I saw the network.  What they do for 'complaints' is to pull the plug on the t1 router. I am guessing that 'resets' the dhcp server, by throwing everyone on it off of it.
Then it worked in my room.

The main thing I don't understand is why if I wasn't given a lease, i.e. if I manually configured, I could not ping anything - it was like I see broadcast traffic, but not ping.  I did not do a comprehensive test on the line once the manager got it to work in my room.

I am just asking so that if I go back there to work on the network, I know what in the heck I am getting myself into.  Maybe it is a wiring nightmare.  The switches were superstack gig unmanaged and one was plugged into the t1 router.

-gsgi
0
 
Rick HobbsRETIREDCommented:
If the entire DHCP range was in use, you would not be able to get a DHCP address.  In that case, if you manually configure, you would definitely be getting someone elses DHCP address.  Any responses from ping would be routed to that person's machine. If that person is not there anymore (logged off and went home), the reply would be put on the wire and you might see it. I would be willing to bet thet don't have the DHCP lease expiring quickly enough and that would cause the DHCP table to fill up.
0
 
prashsaxCommented:
But, if you assign same IP as someone else have, then you must get a popup saying IP Conflict.

the best way to find out if this is a cable problem or something else.

Assign yourself the default gateway IP address.

You should receive a POPUP saying IP Conflict. (This indicates that you can reach the gateway, and cable is working)

If you do not get this popup, then their is something wrong with the cabling itself.

0
 
gsgiAuthor Commented:
The gateway was 10.172.0.1 the subnet mask was 255.255.255.240 and the business machine in their business office, which worked was 10.172.0.103.  I set mine to 10.172.0.199 -- I never thought of a full dhcp lease table, that would make some sense.  I never saw more than 10 - 20 people on the network so I assumed that they set the dhcp leases to a small range say 10.172.0.70 - .90 (this is the range where I saw a lot of the traffic)

thanks,
gsgi
0
 
gsgiAuthor Commented:
Ok, prashsax, that was what I was wondering. You do have to 'authenticate' by clicking an 'accept' button to browse the web.  I was wondering if they had me 'shut off' without clicking that, which I couldn't get to ... I suppose if you do not have a valid dhcp lease, you could be blocked?  So what you are offering me is what I am after, a way to tell if there is a cabling issue / bad port / bad switch - or if it is a misconfigured dhcp server / authentication system.  thanks.  -gsgi



0
 
Rob WilliamsCommented:
A couple of points:
-it would be very common to have firewalls enabled, even the Windows firewall, on all devices/computers to deny ICMP requests (pings). I would certainly recommend having at least the Windows firewall enabled in any hotel. This would, by default, block all pings
-if the gateway was 10.172.0.1 with a subnet mask of 255.255.255.240 then the network would only consist of 10.172.0.1 to 10.172.0.14 unlike having a subnet mask of 255.255.255.0 which would be 10.172.0.1 to 10.172.0.254  You may have been outside the subnet with an IP of 10.172.0.199. The reason you likely saw 10.172.0.103 is they may have multiple subnets set up for their use and customer use.
-with a small DHCP range as above they may have run out of DHCP addressees to assign
-Some small commercial routers have a limited number of outgoing licenses. The first level is typically 10. When 10 DHCP addresses have been handed out they will not allow anymore until you buy more licenses, or restart the router refreshing the list. Pretty rinky-dink way of running a hotel, but possible.
0
 
gsgiAuthor Commented:
Thanks RobWill.   I appreciate the help very much.  I messed up, the subnet mask was 255.255.240.0 - sorry.  I am almost certain that there were only about 10 dhcp leases available.

-gsgi
0
 
Rob WilliamsCommented:
255.255.240.0 is a different story, that would mean 10.172.0.1 to 10.172.15.254
They could still limit the DHCP leases, though if you disconnected you should have been re-assigned the same IP, at least within the DHCP leas time.
Maybe just comes down to shoddy wiring and configuration as you suggested.
0
 
Rick HobbsRETIREDCommented:
If they have run out of assignable DHCP addresses, more than likely they have it setup so anything outside the DHCP range doesn not get Internet Access.
0
 
The--CaptainCommented:
I'm guessing if the hotel in question was part of a large chain, they probably use something like

http://www.lockdownnetworks.com/products/index.php

(Found with a bit of googling)

which AFIAK is a network appliance that can restrict unauthenticated traffic many ways - if it was broken so you somehow couldn't even reach the authentication mechanism(s), I'd just reset the thing, too - that's probably why it's there in the first place - so the hotels don't have to hire folks to run a mini-ISP 24/7...  If they get enough complaints, they'll just get a new appliance from corporate, or corporate IT will fix it.

Just a guess.

Cheers,
-Jon
0
 
FriarTukCommented:
gsgi, if their router is set to allow only a small range (10.172.0.70 - .90) try expanding it to .70-.170

robwill,
do you have a list or webpage that defines which ip ranges are assigned given a certain subnet?
255.240 = 0.1 - 0.14
240.0 = 0.1 - 15.254
255.0 = 0.1 - 0.254
0
 
Rob WilliamsCommented:
FriarTuk, it as a "mathematical" calculation done by converting the IP address and subnet mask to binary numbers, and then anding them to determine the network ID and the number of reaming/available bits.( with anding 1+1 =1, 1+0=0 and 0+0 =0)
For example 10.172.0.1 with a subnet mask of 255.255.255.240 would be:
IP=                  00001010.10101100.00000000.00000001
Subnet mask=  11111111.11111111.11111111.11110000  =(28 bits for the Network ID
Network ID=     00001010.10101100.00000000.00000000  =10.172.0.0

Therefore the remaining 8 bits (32-24), the last 4 binary positions, are available for IP addresses 0-15 (1111=15), However, the first one, ' 0 ' is always the Network ID  10.172.0.0 which is not used, and the last is the broadcast address, 10.172.0.15 and is reserved for broadcasts, leaving you with 10.172.0.1 to 10.172.0.14  Just a note; before I am corrected, with much of the newer hardware you can actually use the network ID 10.172.0.0 as an IP, but I it is not recommended, incase there are compatibility issues with other equipment

That was just meant as an outline. I am not a good teacher and it is a huge subject, so doubtful from that you will get much of an understanding. Most of the time you are using basic subnet masks such as 255.255.255.0 so you simply know all of the last octet is available, 1-254 (ignoring the reserved 0 and 255). If interested following site is pretty good:
http://www.learntosubnet.com/

Then there is the truth <G> most of us cheat now a days and just use subnet calculators:
http://www.subnetmask.info/
http://jodies.de/ipcalc?host=192.168.0.1&mask1=24&mask2=

Also, if you want to do any binary <=> decimal conversions the Windows calculator, in scientific mode will do it for you.
0
 
FriarTukCommented:
thx that will give me some reading
0
 
The--CaptainCommented:
>Then there is the truth <G> most of us cheat now a days and just use subnet calculators

<Gasp!>  

Completely unnecessary if you know a few mental shortcuts - of course, they can be helpful when learning how to do it in youe head, but mental calculation of subnets is a very handy skill (what happens when you show up onsite with no laptop and no internet access, and a subnet calculation is necessary to actually get them onto the internet, which is normally where you'd use your subnet calculator?)

Cheers,
-Jon
0
 
Rob WilliamsCommented:
>>"what happens when you show up onsite with no laptop and no internet access, and a subnet calculation is necessary to actually get them onto the internet, which is normally where you'd use your subnet calculator?)"

No laptop, no Internet access, and classless subnet. That would be as bad as no cell phone or cable TV. <G>
I can do it long hand without a problem. I understand there are some mental shortcuts, but other than a few memorized binary numbers I have never learned any of the shortcuts. I use it so seldom it would be like the "speed math" I learned 20 years ago, I forget it all now. Do you have any good pointers/links, would defiantly be handy at some point to know.
0
 
Rob WilliamsCommented:
Thanks gsgi,
--Rob
0
 
gsgiAuthor Commented:
Thank you too! -gsgi
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 6
  • 5
  • 3
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now