talking to a friend and reminded of a phenomenon i should just run by your neurons
if you have a cable modem, there's a really good chance that it has a "DNS ALG", which is a type of software that has no excuse to exist whatsoever, serves no identifiable purpose, and is absolutely batshit
it works like this:
your PC sends a DNS request
it hits the LAN interface of your plastic router
the plastic router's Linux iptables has a rule that redirects the packet to itself
when it hits the local IP stack, it's directed to a userland process
the userland process... does... something. nobody knows what
and then a new packet is generated, originated from the userland process on the router, which makes your DNS request to the specified server
and then on response it operates in reverse
everyone who knows *why* this happens is in China or India, does not speak English, and is under an NDA that prevents them from telling anyone why dozens and dozens of companies are doing this.
my intuition says this behavior originates deep, deep, deep within the "engineering" section of consumer hardware manufacturers, a place where cargo cult design reigns supreme and there's zero response to the real world.
there's no connection between what people do with plastic network devices, what the "state of the art" might be, and what is actually made, because the vast, sweeping, overwhelming majority of consumers only need about 10-20mbps of HTTP requests to Yahoo and Facebook to work
ever since the beginning - the Linksys BEFSR41 - the entire Plastic Router industry has very obviously been driven by some kind of unseen force that continues to force incompetent and underpaid developers to do things they can't do and don't understand
plastic routers from linksys/cisco, belkin, arris, technicolor and a dozen other names are all completely identical inside, they all run precisely the same 20 year old copy of busybox with superficially different graphics. nobody knows where it all comes from.
behavior makes it clear that code is shared between all manufacturers, and if not, they have cyclical brain drain or industrial espionage or some kind of bizarre china-centric business requirement causing every company to need to develop the same identical bullshit misfeature
if you've ever worked in VoIP you know about SIP ALGs. the same behavior, but listening on the original SIP port, 5060. for some reason the modem has a userland process that consumes all SIP messaging and regenerates it. undocumented. no explanation. manufacturer shrugs.
the behavior is so curiously similar between manufacturers that it's very hard to believe that it isn't a single chunk of code that got developed in 1998 and has managed to make its way through backchannels from developer to developer
yet it appears in some models and not others, suggesting the murky outline of great unseen shapes; there are only actually four plastic routers. any given cable modem derives from one of the Primordial Forms
probably, in 2000, Linksys had a development team of 21 people who were laid off in 2002 when it became apparent that they were not going to be able to retain uniqueness in the field "implementation of Dynamic NAT."
probably, in 2002, Belkin thought they were going to be able to stand out, and failed, but did manage to make a unique 4MB Busybox ROM image before they fired all their devs
someone, at some point, designed one of these "ALGs" and it made its way into a file called "2MB_ROM_Broadcom_UR1019_Final_2001_39828372.zip" which has been kicked around sharepoints and docushares and windows server drives and hundreds of other mediums for 20 years
it's extremely obvious that literally every single plastic router that's sold was developed by a team that was hired off the street with zero understanding of the industry and are pushed, terrified and lost, into doing the job from scratch
it's extremely obvious, if you look at any linksys or dlink etc, that the firmware devs are 6-8 degrees from the target markets and the turnover is unbelievable. they probably replace 80% of the dev team before they can get a single one of their forgettable devices out
D-Link DSC-1019. DSC-1020. DSC-1021. DSC-1040. DSC-1051. DSC-0010. DSC-9100. DSC-9150. what is it like at these places. it must be hell. the product managers don't even learn the names of the devs.
every single time they start a new router project they hire 9 people off the street who have never programmed for network equipment before and point them at a pile of firmware ZIPs in a network drive. "you have six weeks"
it's always a different manager. the different managers happened to "learn" what little they know from different exiting employees. some of them said "use 2MB_2008_Final.zip" and some said "use 2MB_patched_US_DOCSIS.zip"
one of them has an ALG. one doesn't. the team doing the implementation have never seen a router before. they've never seen a voip phone. they know what DNS is but have no idea what uses it beyond a basic Windows PC.
so sometimes the new team gets the copy of the code that has an ALG, sometimes they get the one without the ALG. there are different ALGs, with different behavior. different ones make it into different firmware revisions as the team is fired and replaced
part of why i could never be a programmer for $115k/yr here is because i can't think too long about what it's like to be a programmer for $10k/yr in India without feeling like jumping off a bridge. this isn't a joke.
anyway, this is why i won't use plastic routers. i'll shell out $200 for anything with a metal chassis because it's always just a tiny, tiny, tiny bit less existentially depressing than the grey goo that you find in plastic routers.
if you use any router with a plastic chassis it is completely impossible to know what it's doing to your traffic. you can guess but you can't assume and you can't know. metal routers aren't safe either, but they're safer than plastic ones.
you can scoff all you like, but i have eight years experience. plastic routers will do *anything* to your traffic. none of it makes sense. 100% of it is nonsensical behavior that nobody would ever want. the manufacturers will deny it; cable providers will deny it.
a cable provider will deploy a modem they haven't tested from a manufacturer that has no idea how it works, and that modem will eat any packet you send it with a DNS SRV request in it, and both companies will deny this is happening because they're terrified.
if you call either company you'll be talking to a person who will be fired if they do anything except claim the thing you're complaining about is not happening. you will almost certainly talk to a person making less in three months than you make in a week, who is dead inside
both of them have learned that if they parrot the company line - which is always "it's not our fault" - they won't get fired, and that's the only safe bet, because their supervisor is paid a dollar an hour more than them and constantly wears a grimace
their supervisor carries no power at all except over the people under their command. if they let those people do anything other than close tickets as soon as the phone is hung up, they'll be summarily fired via email and escorted out by security guards
i've worked with the people at the middlemen, the companies that just sell and "support" these things. all of them are failed humans. if they had souls left, they would either have found another job or been fired for not having it in them to be the kind of apathetic it takes
i've seen this over and over and over. the people with souls leave. network companies are full of humans so hollow they can somehow win a conversation that begins with a person saying "your device is provably shredding my data"
the mid- to low-end computer networking industry seriously feels like a forgotten hellhole from dark souls. i'm absolutely, deathly serious. this isn't a bit. everyone is just pacing around, dead-eyed and completely burned out.
please note that about 60-80% of this is bullshit i typed while i was very drunk, i can't back up any of it, it's just inebriated complaining about a distant, frustrating phenomenon I can never know the truth of
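Added example, not part of the original thread: on a router where you do have shell access, the iptables redirect described above for DNS (port 53) and SIP (port 5060) can be looked for in the output of `iptables-save -t nat`. The sample dump, the `br0` interface and the router address `192.168.0.1` are constructed assumptions, and `find_alg_redirects` is a hypothetical helper name.

```python
import shlex

# Ports named in the thread: DNS (53) and SIP (5060).
WATCHED_PORTS = {"53": "DNS", "5060": "SIP"}

# Constructed sample of `iptables-save -t nat` output; not from a real device.
SAMPLE_DUMP = """\
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i br0 -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
-A PREROUTING -i br0 -p udp -m udp --dport 5060 -j DNAT --to-destination 192.168.0.1:5060
-A PREROUTING -i br0 -p tcp -m tcp --dport 80 -j ACCEPT
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
"""


def find_alg_redirects(dump, router_ips=("192.168.0.1",)):
    """Return (service, l4proto, target, rule) for every PREROUTING rule that
    steers DNS or SIP traffic to the router itself (REDIRECT, or DNAT to one
    of router_ips, which is an assumed list of the router's own addresses)."""
    hits = []
    for line in dump.splitlines():
        if not line.startswith("-A PREROUTING"):
            continue  # table headers, chain policies, comments, other chains
        tok = shlex.split(line)
        # Map each option to the token after it; ignore options negated by "!".
        opts = {t: tok[i + 1] for i, t in enumerate(tok[:-1])
                if t.startswith("-") and tok[i - 1] != "!"}
        ports = set((opts.get("--dport") or opts.get("--dports") or "").split(","))
        target = opts.get("-j")
        dest_ip = opts.get("--to-destination", "").split(":")[0]
        to_self = target == "REDIRECT" or (target == "DNAT" and dest_ip in router_ips)
        if not to_self:
            continue
        for port in sorted(ports & set(WATCHED_PORTS)):
            hits.append((WATCHED_PORTS[port], opts.get("-p", "any"), target, line))
    return hits


if __name__ == "__main__":
    for service, proto, target, rule in find_alg_redirects(SAMPLE_DUMP):
        print(f"{service}/{proto} intercepted via {target}: {rule}")
```

A clean result only rules out this one mechanism; interception done outside the nat table would not show up here.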