Something odd happened today in my home network. Something that puzzled me for a couple of minutes. As I identified what was wrong, I also realised that the situation and its solution would be a perfect test for a job interview on networking.

If you are up for a game, I'll give a little context and introduce the problem. Would you guess what the solution is?


CONTEXT:

Our house is equipped with a L2 residential gateway: an optical fiber comes in from outside, and the gateway exposes a few Ethernet sockets. By directly plugging in a computer and using a DHCP client, it is possible to obtain a public address. The ISP limits the number of obtainable addresses.

The residential gateway works like a basic bridge, therefore we purchased a router: (a custom APU2E0, on which I'm running OpenWRT). It is equipped with two Ethernet ports and Wi-Fi antennas. The two ports are equivalent from the hardware perspective. One of them (eth0) is connected with the residential gateway, it is associated with a DHCP client, it gets a public IP address, and is configured with NAT+Firewall. The other Ethernet port (eth1) is bridged with the Wi-Fi, and could be used to daisy-chain a further switch or router.
It is currently not in use.

We have got a few devices that are connected to the Internet: my own laptop, my wife's laptop, my mobile phone, her mobile phone, and her tablet.


SITUATION:

Since a good while, I wanted to tidy up the cables. This morning I finally had some time for it, so I disconnected everything, untangled the mess, cleaned up, and re-connected it all.

I checked the connectivity with my phone: the WI-FI signal was working fine,
I managed to sync my mailboxes, proving the routing to be working as expected. After a while my wife tried to stream some content with her tablet, and claimed that there's no connectivity.

I checked it again with my phone: it worked. I asked her to check with her phone: it didn't work. I fired up my laptop, where I run a decent operating system. From my laptop I could associate with the Wi-Fi, get a local IP address, ping the router, but I could not reach out.

But my phone worked! And I checked at least three times that the mobile data was turned off. I was in fact using the router.

Since I was busy with cooking, I didn't have time to ssh on the router to check, and I decided to address the problem later in the afternoon. After a few minutes, however, I figured out what happened and I managed to fix it with a single, simple action.

Can you spot the problem?


Cheers!
- dacav
--- Synchronet 3.19a-Linux NewsLink 1.113

I'm half-awake, and really, I was not supposed to do this today...
.
.
.
(*found myself already wrote half of the answer when I realized this*)

On Sat, 22 May 2021, Dacav Doe wrote:

If you are up for a game, I'll give a little context
and introduce the problem.
Would you guess what the solution is?
[...]
Can you spot the problem?

Cause:
Someone swapped two Ethernet wires that got into APU2E0.
(In case only one Ethernet wire got connected there, it was
connected to a wrong port on APU2E0; connected to eth1 instead
of eth0)

Consequence:

L2 gateway would now be in the localnet side of the APU2E0,
which means WiFi devices in this home were now directly exposed
to it without router's NAT/PAT.

Once first-connected WiFi device (i.e. ~decav's phone) connected
to the localnet, its DHCP request would now be processed by the ISP,
returning public-routable IP address with gateway pointing to ISP.
This is why ~decav's phone was able to get on the Internet.

Later connected devices (~decav's wife's tablet, and ~decav's laptop)
however, would be declined DHCP allocation from the ISP (as the public
IP address quota for this household already ran out); so they just
took the DHCP response from APU2E0 on localnet instead (with gateway
pointing to APU2E0).

Since APU2E0's WAN side did not connect to ISP, anything that got
its gateway pointed to APU2E0 cannot get on the Internet.

Solution:

Swap two Ethernet wires that entered the APU2E0 router.
(In case only one Ethernet wire got connected there,
unplug it from eth1, and plug it to eth0 instead)


Network of ~decav's Home in Normal Condition:


ISP Network A . Network B
| .
| .
_/ .
/ .
| .
| FTTH .
+-----------+ ETH eth0 +----------+ eth1
| L2 |------------------| APU2E0 |-------[ ] (disconnected)
+-----------+ <Public IP> +----------+
<Gateway=ISP> . WLAN
. . ,
. -----
. . . . . . . . . `-_______-'
.
. Phone Tablet Laptop
. <Localnet IP> <Localnet IP> <Localnet IP>
. <Gateway=APU2E0> <Gateway=APU2E0> <Gateway=APU2E0>
.
. -- ---- +-----+
. | | | | | |
. |__| | | | |
. `==` | ...| ._____+
. ----/ .\\\\\\\
. +-----+


Network of ~decav's Home in Switcheroo Condition:


Network A . Network B ISP
. |
. |
. _/
. /
. |
. | FTTH
eth0 +----------+ eth1 ETH +-----------+
(disconnected) [ ]-------| APU2E0 |------------------| L2 |
+----------+ +-----------+
. WLAN
. . ,
. -----
. . . . . . . . . `-_______-'
.
. Phone Tablet Laptop
. <Public IP> <Localnet IP> <Localnet IP>
. <Gateway=ISP> <Gateway=APU2E0> <Gateway=APU2E0>
.
. -- ---- +-----+
. | | | | | |
. |__| | | | |
. `==` | ...| ._____+
. ----/ .\\\\\\\
. +-----+


This is my imagination, and may have or have not been what happened.

Regards,
~xwindows
--- Synchronet 3.19a-Linux NewsLink 1.113

On 2021-05-23, xwindows <xwindows@tilde.club> wrote:

This is my imagination, and may have or have not been what happened.

Actually, that's exactly what happened! Perfectly nailed it! :)
--- Synchronet 3.19a-Linux NewsLink 1.113