[Dxspider-support] "you are connected to me" Problem

Thu Dec 30 10:24:50 GMT 2004

On Tue, 2004-12-28 at 19:20 -0800, Bob Nielsen wrote:
> On Tue, Dec 28, 2004 at 04:51:20PM -0800, Lee Sawkins wrote:
> > 
> > My user program detects the "you are connected to me on another port"
> > message.  It then generates a random SSID and reconnects.  G3VQO is
> > using this program.  Today G3VQO and G3VQO with 11 different SSIDs were
> > connected to me at the same time.  That's correct, 12 connections.  The
> > original link took 8 hours to disconnect after it quit working.  The
> > others took various amounts of time.  As I have said before, why not
> > simply disconnect the original link when a new one shows up with the
> > same call?  
> 
> One reason I can see is that someone who wanted to cause trouble could 
> disconnect other users that way.  
> 
> With links there is a mechanism using ping to cause a disconnect when
> the obscount is exceeded.  Perhaps a ping could be used for users as
> well as links to other clusters.  This wouldn't be immediate, but would 
> be much faster than 8 hours.  An obscount setting would allow a bit of 
> network flakiness.

This is a problem with the config of some ISPs that force dynamic
addressing onto their users. It exposes a "feature" in the IP protocol
itself. Because it is a datagram protocol, packets are just sent out, no
reply received need be received and this is regarded as normal. 

When someone on a dynamic address gets a new one, because they have been
disconnected after 2 hours or whatever, that address goes back into the
pool. If it is not reassigned (to a new punter), then the IP stack on
the node will not notice that it is gone until the maximum window size
(usually 32K) has filled up. On a slow day this can take ages.

However, on a busy ISP, usually these addresses are recycled fairly
quickly. When the new owner gets a packet on a circuit that he is not
expecting he will send an ICMP message saying, in effect, "I don't know
you" - go away. The IP, stack on the node, picks this up as a
"disconnection", that channel in the node is then cleared down and he
can then reconnect with his callsign.

Now, you may say "why not disconnect the old call if he tries again",
the answer to that is "to prevent nastiness". Basically, one of the
joyous things one could then do is: see your mortal enemy on a node and
disconnect him, simply by logging in on the same node (and then
disconnecting of course). 

Now this was a problem on ax25 nodes and it has happened in the past on
telnet based nodes - hence the restriction.

However, on further thought, if you have passwords then this restriction
could be removed. Another alternative would be a configuration option
that allows say telnet users to bump themselves off and automatically
reconnect.

Please discuss. 

Dirk G1TLH