Re: Linksys PAP2 change from Vonage to Broadvoice

Author	All Replies
soopagroove @nrockv01.md.comcast.	reply to forrestin Re: Linksys PAP2 change from Vonage to Broadvoice Ok, to anyone out there that might know what is going on here, check out the network traffic coming from my PAP2 (I filtered to show anything with ls.tftp.vonage.net): ----------------------------------------------------- 1127417998.258513 IP (tos 0x0, ttl 1, id 19064, offset 0, flags [none], length: 32, optl ength: 4 ( RA )) ls.tftp.vonage.net > 224.0.0.2: igmp leave 224.0.0.251 1127417998.258773 IP (tos 0x0, ttl 1, id 19065, offset 0, flags [none], length: 32, optl ength: 4 ( RA )) ls.tftp.vonage.net > 224.0.0.251: igmp v2 report 224.0.0.251 1127417999.204432 IP (tos 0x0, ttl 1, id 19071, offset 0, flags [none], length: 118) ls. tftp.vonage.net.51524 > 224.0.0.251.mdns: [udp sum ok] 47580+ PTR? 1127417999.455171 IP (tos 0x0, ttl 1, id 19074, offset 0, flags [none], length: 118) ls. tftp.vonage.net.51524 > 224.0.0.251.mdns: [udp sum ok] 47580+ PTR? 1127417999.705890 IP (tos 0x0, ttl 1, id 19077, offset 0, flags [none], length: 118) ls. tftp.vonage.net.51524 > 224.0.0.251.mdns: [udp sum ok] 47580+ PTR? 1127417999.956606 IP (tos 0x0, ttl 1, id 19080, offset 0, flags [none], length: 118) ls. tftp.vonage.net.51524 > 224.0.0.251.mdns: [udp sum ok] 47580+ PTR? 1127418001.239950 IP (tos 0x0, ttl 1, id 19137, offset 0, flags [none], length: 32, optl ength: 4 ( RA )) ls.tftp.vonage.net > 224.0.0.251: igmp v2 report 224.0.0.251 1127418002.070673 IP (tos 0x0, ttl 1, id 19139, offset 0, flags [none], length: 32, optl ength: 4 ( RA )) ls.tftp.vonage.net > 224.0.0.2: igmp leave 224.0.0.251 1127418002.079106 IP (tos 0x0, ttl 1, id 19141, offset 0, flags [none], length: 32, optl ength: 4 ( RA )) ls.tftp.vonage.net > 224.0.0.251: igmp v2 report 224.0.0.251 1127418004.640577 IP (tos 0x0, ttl 1, id 19172, offset 0, flags [none], length: 32, optl ength: 4 ( RA )) ls.tftp.vonage.net > 224.0.0.251: igmp v2 report 224.0.0.251 1127418006.322328 IP (tos 0x0, ttl 255, id 17777, offset 0, flags [none], length: 328) ls. tftp.vonage.net.bootps > 192.168.2.8.bootpc: BOOTP/DHCP, Reply, length: 300, xid:0x83c9f84 9, flags: [none] (0x0000) Your IP: 192.168.2.8 Server IP: ls.tftp.vonage.net Client Ethernet Address: aa:bb:cc:dd:ee:ff sname "localpc" [\|bootp] 1127418006.330579 arp who-has 192.168.2.8 tell 192.168.2.8 1127418006.574350 arp who-has 192.168.2.8 tell 192.168.2.8 1127418031.138448 arp who-has ls.tftp.vonage.net tell 192.168.2.8 1127418031.138498 arp reply ls.tftp.vonage.net is-at 00:11:22:33:44:55 1127418031.139200 IP (tos 0x0, ttl 250, id 1, offset 0, flags [none], length: 64) 192.168. 2.8.10533 > 216.115.24.230.domain: [udp sum ok] 1+ A? ls.tftp.vonage.net. (36) 1127418032.131188 IP (tos 0x0, ttl 250, id 2, offset 0, flags [none], length: 64) 192.168. 2.8.10533 > 216.115.24.230.domain: [udp sum ok] 1+ A? ls.tftp.vonage.net. (36) 1127418033.131130 IP (tos 0x0, ttl 250, id 3, offset 0, flags [none], length: 64) 192.168. 2.8.10533 > 216.115.24.230.domain: [udp sum ok] 1+ A? ls.tftp.vonage.net. (36) 1127418034.131140 IP (tos 0x0, ttl 250, id 4, offset 0, flags [none], length: 64) 192.168. 2.8.10533 > 216.115.24.230.domain: [udp sum ok] 1+ A? ls.tftp.vonage.net. (36) 1127418035.131000 IP (tos 0x0, ttl 250, id 5, offset 0, flags [none], length: 64) 192.168. 2.8.10533 > 216.115.24.230.domain: [udp sum ok] 1+ A? ls.tftp.vonage.net. (36) 1127418036.131212 IP (tos 0x0, ttl 250, id 6, offset 0, flags [none], length: 64) 192.168. 2.8.48121 > 216.115.31.140.domain: [udp sum ok] 1+ A? ls.tftp.vonage.net. (36) 1127418037.130914 IP (tos 0x0, ttl 250, id 7, offset 0, flags [none], length: 64) 192.168. 2.8.48121 > 216.115.31.140.domain: [udp sum ok] 1+ A? ls.tftp.vonage.net. (36) 1127418038.130811 IP (tos 0x0, ttl 250, id 8, offset 0, flags [none], length: 64) 192.168. 2.8.48121 > 216.115.31.140.domain: [udp sum ok] 1+ A? ls.tftp.vonage.net. (36) 1127418039.130920 IP (tos 0x0, ttl 250, id 9, offset 0, flags [none], length: 64) 192.168. 2.8.48121 > 216.115.31.140.domain: [udp sum ok] 1+ A? ls.tftp.vonage.net. (36) 1127418040.130750 IP (tos 0x0, ttl 250, id 10, offset 0, flags [none], length: 64) 192.168 .2.8.48121 > 216.115.31.140.domain: [udp sum ok] 1+ A? ls.tftp.vonage.net. (36) 1127418041.130920 IP (tos 0x0, ttl 250, id 11, offset 0, flags [none], length: 64) 192.168 .2.8.19716 > ls.tftp.vonage.net.domain: [udp sum ok] 1+ A? ls.tftp.vonage.net. (36) 1127418042.130693 IP (tos 0x0, ttl 250, id 12, offset 0, flags [none], length: 64) 192.168 .2.8.19716 > ls.tftp.vonage.net.domain: [udp sum ok] 1+ A? ls.tftp.vonage.net. (36) 1127418043.130573 IP (tos 0x0, ttl 250, id 13, offset 0, flags [none], length: 64) 192.168 .2.8.19716 > ls.tftp.vonage.net.domain: [udp sum ok] 1+ A? ls.tftp.vonage.net. (36) 1127418044.130608 IP (tos 0x0, ttl 250, id 14, offset 0, flags [none], length: 64) 192.168 .2.8.19716 > ls.tftp.vonage.net.domain: [udp sum ok] 1+ A? ls.tftp.vonage.net. (36) 1127418045.130454 IP (tos 0x0, ttl 250, id 15, offset 0, flags [none], length: 64) 192.168 .2.8.19716 > ls.tftp.vonage.net.domain: [udp sum ok] 1+ A? ls.tftp.vonage.net. (36) 1127418131.131453 IP (tos 0x0, ttl 64, id 20239, offset 0, flags [none], length: 64) ls.t ftp.vonage.net.domain > 192.168.2.8.19716: [udp sum ok] 1 ServFail q: A? ls.tftp.vonage.n et. 0/0/0 (36) 1127418131.131531 IP (tos 0x0, ttl 64, id 20240, offset 0, flags [none], length: 64) ls.t ftp.vonage.net.domain > 192.168.2.8.19716: [udp sum ok] 1 ServFail q: A? ls.tftp.vonage.n et. 0/0/0 (36) 1127418131.131563 IP (tos 0x0, ttl 64, id 20241, offset 0, flags [none], length: 64) ls.t ftp.vonage.net.domain > 192.168.2.8.19716: [udp sum ok] 1 ServFail q: A? ls.tftp.vonage.n et. 0/0/0 (36) 1127418131.131594 IP (tos 0x0, ttl 64, id 20242, offset 0, flags [none], length: 64) ls.t ftp.vonage.net.domain > 192.168.2.8.19716: [udp sum ok] 1 ServFail q: A? ls.tftp.vonage.n et. 0/0/0 (36) 1127418131.131627 IP (tos 0x0, ttl 64, id 20243, offset 0, flags [none], length: 64) ls.t ftp.vonage.net.domain > 192.168.2.8.19716: [udp sum ok] 1 ServFail q: A? ls.tftp.vonage.n et. 0/0/0 (36) 1127418131.132435 IP (tos 0x0, ttl 250, id 16, offset 0, flags [none], length: 56) 192.168 .2.8 > ls.tftp.vonage.net: icmp 36: 192.168.2.8 udp port 19716 unreachable for IP (tos 0x0 , ttl 64, id 20239, offset 0, flags [none], length: 64) ls.tftp.vonage.net.domain > 192.1 68.2.8.19716: [\|domain] 1127418131.132682 IP (tos 0x0, ttl 250, id 17, offset 0, flags [none], length: 56) 192.168 .2.8 > ls.tftp.vonage.net: icmp 36: 192.168.2.8 udp port 19716 unreachable for IP (tos 0x0 , ttl 64, id 20240, offset 0, flags [none], length: 64) ls.tftp.vonage.net.domain > 192.1 68.2.8.19716: [\|domain] 1127418131.132934 IP (tos 0x0, ttl 250, id 18, offset 0, flags [none], length: 56) 192.168 .2.8 > ls.tftp.vonage.net: icmp 36: 192.168.2.8 udp port 19716 unreachable for IP (tos 0x0 , ttl 64, id 20241, offset 0, flags [none], length: 64) ls.tftp.vonage.net.domain > 192.1 68.2.8.19716: [\|domain] 1127418131.133185 IP (tos 0x0, ttl 250, id 19, offset 0, flags [none], length: 56) 192.168 .2.8 > ls.tftp.vonage.net: icmp 36: 192.168.2.8 udp port 19716 unreachable for IP (tos 0x0 , ttl 64, id 20242, offset 0, flags [none], length: 64) ls.tftp.vonage.net.domain > 192.1 68.2.8.19716: [\|domain] 1127418131.133644 IP (tos 0x0, ttl 250, id 20, offset 0, flags [none], length: 56) 192.168 .2.8 > ls.tftp.vonage.net: icmp 36: 192.168.2.8 udp port 19716 unreachable for IP (tos 0x0 , ttl 64, id 20243, offset 0, flags [none], length: 64) ls.tftp.vonage.net.domain > 192.1 68.2.8.19716: [\|domain] 1127418330.970494 IP (tos 0x18, ttl 255, id 21377, offset 0, flags [none], length: 109) ls .tftp.vonage.net.mdns > 224.0.0.251.mdns: [udp sum ok] 0*- [0q] 2/0/0 _services._dns-sd._ udp.local. PTR _ftp._tcp.local., _ftp._tcp.local. PTR bs._ftp._tcp.local. (81) ----------------------------------------------------- In the above network traffic dump, my PAP2 has MAC address aa:bb:cc:dd:ee:ff and my computer has MAC address 00:11:22:33:44:55 (I changed them, obviously). I set up a TFTP server on my machine and made sure that ls.tftp.vonage.net is pointing to my machine (192.168.2.1) in my hosts file. I enabled Internet Sharing and plugged my PAP2 into my computer. I set things up this way so that I could monitor the network traffic of the PAP2 and computer more easily. What I think I'm seeing is that the PAP2 gets a DHCP address, then checks to see what MAC address ls.tftp.vonage.net has, then pings a couple of static addresses, on non-standard ICMP ports, that must be hard coded into the firmware or configuration. Is this because it does not get a MAC address that matches whatever it is expecting? The IP addresses it pings are 216.115.24.230 and 216.115.31.140, which are both Vonage servers (do a nslookup/dig on them). Then, nothing else happens. Looks like the PAP2 knows that ls.tftp.vonage.net is not the right server and it can't ping a couple of Vonage servers either, so it does not try to update itself. I'm not seeing the PAP2 request the spa{MAC}.xml file at all. So, here is my speculation: If you lookup the real MAC address of ls.tftp.vonage.net, then change your MAC address to be the same, then set your machine up to respond to ping (ICMP) on a large range of ports (say 10000 to 65000) for the above mentioned Vonage IP addresses, you might be able to trick the PAP2 into thinking it is talking to Vonage and upload the configuration. I think in my version of firmware 2.0.10(LSc), plain text XML will be accepted, it's just that the PAP2 knows that my computer is not really ls.tftp.vonage.net, so it won't try to upload it. If anyone has an easy way to spoof their MAC address and configure their machine to use multiple IP addresses (if you are running Linux you can do this), please try this and see if it works. Oh, and if anyone from Vonage or Linksys is reading this, WE WILL FIND A WAY!!! ;)
	to forum · permalink · 2005-09-22 17:15:49 ·

VOIP etc > Voice Over IP - VOIP > VOIP Tech Chat > Linksys PAP2 change from Vonage to Broadvoice