Saturday, April 28, 2018

The Io ALOT oT



Kraftwerk: ComputerWorld



Subtitle: Digital World Problems

At home in England, Marcus and Agata are being forced into a network redesign. It's sort of a zero world problem, but still quite interesting.

And the title says it all, here in England we are facing the

IoALOToT
The Internet of A LOT of Things


The Bulbs Did It!
As part of our 2018 Home Automation project, which aims to add cutting edge security and convenience to our home in England, we are upgrading our lighting infrastructure.

The home came fitted with numerous LED light bulbs, and our strategy is to replace them with smart LED light bulbs.

Our initial implementation is with multiple TP-Link LB130 light bulbs. Each light bulb has its own IP address, which is served up by a Mikrotik router (dear hackers, it's patched and behind 3 further sequential firewalls).

And unbelievably we have just run out of flippin IP addresses in the DHCP domain


All about NAT

Our house in England is now the home to over 100 individual Internet connected devices. Is there a possibility that the world will run out of addresses for Internet connected devices?

NB: Simplified explanation to follow!

The world currently relies on 4-byte Internet addressing. Each byte is 8 bits, meaning the 4-byte, 32-bit number can have 2 to the power 32 possibilities == 4000 million = 4 billion.

This is not enough and so IP6 i.e. 6 Byte IP addressing standards were devised about 20 years ago but are still not widely implemented!

Instead, a technique called NAT (network address translation), also known as masquerading, has come to everybody's rescue, meaning that the whole industry has even less reason to move to IP6.


Masquerading is performed by your home router, or by some other device, before any device in your house talks out to the Internet.

In our house multiple dedicated firewalls perform the masquerading, but even in the simplest case, i.e. you are at home with just a smartphone and a laptop, connected over wifi to your router and to the Internet, NAT/masquerading is occurring.



As IP packets pass into your router, the router rewrites the highlighted sections of the packet, putting its own IP address into the packet header, and sends the packet off to the Internet.



When these packets return, from say a web server, the router remembers who the packets are for, puts back the addresses of the original source computer and passes them back to the source. The source computer, e.g. your smartphone, is unaware that any manipulation has taken place.

Outside of your home it appears that all traffic is coming from a single IP address in your home, that of the router, but in reality the router is performing this translation trick for each and every masqueraded device.



Back to Our Issue

In our setup we had allocated a contiguous block of 50 addresses. Over time we had also placed computers with fixed addresses throughout the total space, which is 255 addresses big, so that the 50 block is the largest contiguous block around.

Now we need over 100 addresses, what can we do?



Amazing Mikrotik
Mikrotik make amazing and yet affordable Networking products.

A.B.C.150 - A.B.C.199   This was the initial DHCP range

I used an IP scanner. It's available inside the Mikrotik.



So there is a large range from 100 to 199; however, addresses 140 and 110 and other fixed addresses are in use.



Mikrotik allows you to create a DHCP server and refer to a pool of addresses that can be linked as shown here, in our case to skip over the .140 and .110 addresses etc.
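The pool linking described above, as an added example that is not from the original post or from Mikrotik: a Python script that splits a DHCP range around fixed addresses and prints the matching RouterOS `/ip pool` chain. Assumptions: 192.0.2.0/24 stands in for the post's A.B.C prefix, the reserved list holds only the .110 and .140 addresses the post names (its other fixed addresses are not listed), and the pool names `iot1`, `iot2`, ... are hypothetical.

```python
import ipaddress

def free_ranges(first, last, reserved):
    """Split first..last (inclusive) into contiguous runs that skip reserved addresses."""
    first, last = ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)
    if first > last:
        raise ValueError("first must not be above last")
    taken = {ipaddress.IPv4Address(r) for r in reserved}
    runs, start = [], None
    for n in range(int(first), int(last) + 1):
        addr = ipaddress.IPv4Address(n)
        if addr in taken:
            if start is not None:          # a reserved address closes the current run
                runs.append((start, ipaddress.IPv4Address(n - 1)))
                start = None
        elif start is None:                # first free address opens a new run
            start = addr
    if start is not None:
        runs.append((start, last))
    return runs

def routeros_pool_chain(runs, prefix="iot"):
    """Emit /ip pool commands, last pool first, so that every next-pool
    reference names a pool that already exists when the line is pasted."""
    if not runs:
        raise ValueError("no free addresses left in the range")
    cmds = []
    for i in range(len(runs), 0, -1):
        lo, hi = runs[i - 1]
        cmd = f"/ip pool add name={prefix}{i} ranges={lo}-{hi}"
        if i < len(runs):
            cmd += f" next-pool={prefix}{i + 1}"
        cmds.append(cmd)
    return cmds

def pool_size(runs):
    """Total number of dynamic addresses across all runs."""
    return sum(int(hi) - int(lo) + 1 for lo, hi in runs)

# Constructed sample input (not the household's real addressing plan).
RESERVED = ["192.0.2.110", "192.0.2.140"]
RUNS = free_ranges("192.0.2.100", "192.0.2.199", RESERVED)

if __name__ == "__main__":
    print("\n".join(routeros_pool_chain(RUNS)))
    print(f"# {pool_size(RUNS)} dynamic addresses; the DHCP server's address-pool is iot1")
```

Listing every fixed address in `RESERVED` before generating the pools keeps the DHCP server from handing out an address that a statically configured machine already uses.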

But wait, there is more!

Mikrotik allows you to create a DHCP server for each LAN interface, and have a custom range as above for each.

It also allows you to take any allocated DHCP address and make it a permanent IP address based on the registered MAC address.


Mikrotik .. they just continue to amaze me.

And for the best tutorials pls check TKSJa, example DHCP






Summary
In our household Marcus is in charge of Infrastructure including Networking and Agata is in charge of programming.

Due to the recent influx of Internet connected devices we actually ran out of IP addresses in the IP range that we had set for our DHCP server.

Being very clever, our Mikrotik router is able to specify a set of disjoint IP address ranges. So we chained 3 ranges together and now have a range of 96 IP addresses that our light bulbs and other Internet of Things devices can use dynamically.




Links
Carrier Grade NAT
Cisco NAT
Port Address Translation