Topic: 61.9.192.13 - Who are you?

[Luke Drumm]

Hi,

Wanna hear a strange little tale?

Good. Here’s one I prepared earlier:

It was quite sunny morning in this quite Sydney dwelling. The birds were singing, the commuters were commuting and all was proceeding in a comforting ‘weekday morning’ type of way.
The only blight on this otherwise enjoyable landscape is the distinct lack of one internet connection.

Mine, as Murphy’s Law would have it.

Lets listen to my thought process as thump enthusiastically on the keyboard….

“The rest of system is up. Good.
Ifconfig seems to be showing all the usual bits. Cool.
Hmmm… the cable modem lights seem to be indicating a possible foul up in the BPAlogin.
Okay, well lets have a look at the e-smith configuration file.
That’s strange. Instead of the normal Telstra IP address in the BPAauthserver field, there’s this weird 61.9.192.13 address.
Well that seems simple. We’ll change it back to the proper address, re-expand the BPALogin templates and restart the service.
Cool. The net connection is back up and going.
Let’s just reboot the server to be on the safe side.
Strange. After the reboot the net connection is down again.
Lets look in the configuration.
That strange IP address is back again!
Okay. I’ll fix it’s little wagon!
Not only will I repeat the edit I did last time but I’ll also change the config file to read-only and double check the BPA template files to make sure the IP address isn’t hiding somewhere obvious.
Edited. Checked. Re-expanded.
A quick double check of both the e-smith config and /etc/bpalogin.conf confirm that my edits have gone through.
Let’s restart the server… I don’t belive it!
Both the read-only e-smith config file and the /etc/BPAlogin.conf file show this bizarre IP address!”

Where did the 61.9.192.13 address magically appear from? Why does it suddenly reappear upon a server restart? Why do the BPAlogin templates magically re-expand themselves to take account of this change? And how come they don’t log the change to syslog?

These questions are left as an exercise to the reader.

Regards,
Luke

PS: This can replicated on both a newly built 4.00 and a newly built 4.01 machine with BPALogin 1.3...

[Dan Brown]

I have no idea where it'd be coming from, but you can find out for yourself.  Log in to the e-smith system as root, and do "cd /", then "grep -r 61.9.192.13 *".  This will tell you exactly where that IP is coming up.  Yeah, it's a brute-force way of finding it, and it'll probably take your system a little time to find it, but if it's anywhere on your system, it'll show up.

[Luke Drumm]

No luck. I can't find a single file that makes mention of that IP.

Strange...

Luke

[Charlie Brady]

Luke Drumm wrote:

> No luck. I can't find a single file that makes mention of that
> IP.
>
> Strange...

You'll find that it is inserted into the configuration database by the script:

/etc/e-smith/events/actions/conf-BPAauthserver

which extracts it from /etc/dhcpc/dhcpcd-eth1.info, and it is put into that file by dhcpcd, in the line starting "DHCPSID=". Perhaps that isn't the correct authserver address for you - it was for me when I developed that add-on.

Let's take this up in email, and see if we can work out what is really needed.

Charlie

[Luke Drumm]

Hi,

I posted a suggestion in the general forum that, sidesteps rather than actually fixing the issue so, for the moment, it seems to be a dead issue.

According the various web scraps I've discovered around the place, dce-server..bigpond.net.au seems to be a reliable naming convention.

I'll continue my testing to see if my suggested fix is actually as stable as it initially looked.

Regards,
Luke

[Damien Curtain]

bigpond just changed their authorisation server, for nsw, which is where spr3 (try nslookup 69.xxx ) is located

We got knocked off untill I updated the auth server for bpa login and I was then fine again.
--
 Damien