2

I have an Ethernet-to-I2C converter box (Promira, from Total Phase; used for interface to microprocessor dev board). It works fine when VPN is off. However, when I turn on VPN, the box either stops working right away, or stops after a brief time, usually 1-2 minutes (always < 5 minutes). I need to get the Promira box working reliably while VPN is on.

My Setup:

  • Promira box: fixed IP, 169.254.11.193, subnet mask 255.255.0.0

  • USB-C_to_Ethernet adapter, Realtek USB GbE Family Controller; using DHCP, address 169.254.225.170, subnet 255.255.0.0. Adapter connects directly to laptop, and is only cabled to Promira box (e.g. no other switches)

  • Dell laptop with USB3.0 docking station.

  • Wired Ethernet to at-home router through docking station. Uses addresses 172.27.35.x, subnet 255.255.255.0

  • VPN set up for split tunneling (Right click VPN adapter, Properties, Networking tab, TCP/IPv4, Properties --> Advanced… --> uncheck box "Use default gateway on remote network")

  • Company items for which VPN is necessary are set up with direct routes as needed ('netsh interface ipv4 add route <IP_addr> "Company_VPN" ')

  • VPN addresses use 10.x.x.x. Company VPN server is in 64.x.x.x address space.

My hope is that since internet, VPN, and the adapter to the Promira box are all on separate IP subnets, the split tunneling prevents conflicts.

Capture with Wireshark

Total Phase provides an example script to detect the box. It has a ping / answer protocol, which can be as simple as 2 IPv4 packets. I've captured the IPv4 traffic using Wireshark, using capture filter: net 169.254.0.0/16.

I can see the difference in port numbers - 0xE2_EC = 58092 (port for detected), and 0xD5_6B = 54635 (port for not detected). This accounts for some of the differences, but not all. I did check - this port number can range widely and the detection can still be made. My guess the port number difference is not important.

The payload bytes at the end seem to be the same.

1. When Detected:

C:>detect.py
Detecting the Promira platforms...
1 device(s) found:
    ip = 169.254.11.193   (in-use)  (2416-633846)
        
1 0.000000   169.254.225.170   169.254.255.255   UDP   46   58092 → wizard(2001) Len=4
0000   ff ff ff ff ff ff c8 f7 50 cd 94 ad 08 00 45 00   ........P.....E.
0010   00 20 7d 6b 00 00 80 11 00 00 a9 fe e1 aa a9 fe   . }k............
0020   ff ff e2 ec 07 d1 00 0c 00 a0 70 69 6e 67         ..........ping
      
2 0.001091   169.254.11.193   169.254.225.170   UDP   60   wizard(2001) → 58092 Len=5
0000   c8 f7 50 cd 94 ad 90 8c 09 02 0f c0 08 00 45 00   ..P...........E.
0010   00 21 00 00 40 00 40 11 f9 63 a9 fe 0b c1 a9 fe   .!..@[email protected]......
0020   e1 aa 07 d1 e2 ec 00 0d 5b ac 90 0a e7 f6 00 00   ........[.......
0030   00 00 00 00 00 00 00 00 00 00 00 00               ............

2. Not detected:

C:>detect.py
Detecting the Promira platforms...
     No devices found.
    
1 0.000000   169.254.225.170   169.254.255.255   UDP   46   54635 → wizard(2001) Len=4
0000   ff ff ff ff ff ff c8 f7 50 cd 94 ad 08 00 45 00   ........P.....E.
0010   00 20 7d 60 00 00 80 11 00 00 a9 fe e1 aa a9 fe   . }`............
0020   ff ff d5 6b 07 d1 00 0c 0e 21 70 69 6e 67         ...k.....!ping
    
2 0.000709   169.254.11.193   169.254.225.170   UDP   60   wizard(2001) → 54635 Len=5
0000   c8 f7 50 cd 94 ad 90 8c 09 02 0f c0 08 00 45 00   ..P...........E.
0010   00 21 00 00 40 00 40 11 f9 63 a9 fe 0b c1 a9 fe   .!..@[email protected]......
0020   e1 aa 07 d1 d5 6b 00 0d 69 2d 90 0a e7 f6 00 00   .....k..i-......
0030   00 00 00 00 00 00 00 00 00 00 00 00               ............

Resetting with DNS changes

This is the part that is the most mystery to me. I found that if I change DNS settings in the USB-C_to_Ethernet adapter, while VPN is on, I can start detecting the Promira box again. However, this only lasts 1-2 minutes (and always < 5 minutes), then the box goes hidden again.

The box will start working temporarily if I make any of the following changes in the USB-C_to_Ethernet adapter by right clicking, selecting IPv4 settings:

  • Change from "Obtain DNS server address automatically" to "Use the following DNS server address" (entering a legal DNS server address in this latter case)
  • Change back, from Use the following DNS server address" to "Obtain DNS server address automatically"
  • Advanced... --> DNS tab; change status of check box "Register this connection's addresses in DNS" (either check or uncheck)
  • Advanced... --> DNS tab; change status of check box "Use this connection's DNS suffix in DNS registration" (either check or uncheck)
  • Advanced... --> DNS tab; change status of check box "Append parent suffixes of the primary DNS suffix" (either check or uncheck)

Also, sometimes, not always, I can get the Promira box to show up again temporarily by executing:

  • ipconfig /flushdns

IP Ping always works

The other thing I found is that I can ping the Promira box address at 169.254.11.193 from CMD always - VPN on, VPN off, responding or not.

C:>ping 169.254.11.193

Pinging 169.254.11.193 with 32 bytes of data:
Reply from 169.254.11.193: bytes=32 time=352ms TTL=64
Reply from 169.254.11.193: bytes=32 time=1ms TTL=64
Reply from 169.254.11.193: bytes=32 time=1ms TTL=64
Reply from 169.254.11.193: bytes=32 time=1ms TTL=64

Ping statistics for 169.254.11.193:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 352ms, Average = 88ms

No DNS traffic across USB-C_to_Ethernet adapter

I used Wireshark and looked at all traffic across the adapter (capture filter 169.254.0.0/16), then looked for DNS traffic using display filter udp.port == 53. At least with this setup, I did not detect any DNS operations. This includes monitoring traffic while making the above-mentioned DNS changes. The traffic I see seems to be post-DNS-changes-related, but does not directly use DNS via this adapter.

My Assumptions and Questions

Given that I see no DNS traffic on the USB-C_to_Ethernet adapter, it seems that whatever events affected by DNS changes are happening before traffic gets to the adapter.

It also seems evident that there is some setting or value or cache (???) which VPN is refreshing; and as soon as it does, the box stops responding in the desired way.

I think my question comes down to - what is changing in the background due to VPN, which DNS changes 'resets' or somehow clears out; but then seems to be wiped out by VPN once again?

And, if we know what this is, how do I prevent it from getting wiped out by VPN?

Help appreciated.

Improve this question
6
  • If you do a 'route print' in the non-vpn and then the vpn scenario, are the results the same? See this article for how to do that. howtogeek.com/howto/windows/…
    – Rich von Lehe
    Commented Aug 31, 2021 at 14:22
  • The only difference between the two is the "route print" when VPN is on shows routes via VPN addresses (10.x.x.x and 64.x.x.x). It does not change the routes 169.254.x.x.
    – Bryant Sorensen
    Commented Aug 31, 2021 at 14:27
  • Updated observation: sometimes, if I wait something like 10-15 minutes while VPN stays on, I am able to detect the Promira once again.
    – Bryant Sorensen
    Commented Aug 31, 2021 at 16:07
  • Previous comment: once I wait and can detect Promira once again, it behaves as before - is detectable for a few minutes, then hides again.
    – Bryant Sorensen
    Commented Aug 31, 2021 at 16:16
  • Another find: the Wireshark captures are valid. The only differences are (IP.ID, which I think is dynamically assigned and changes for each IP transaction) and checksum bytes - and I've verified that the checksums are correct. This seems to indicate that it is NOT the IP packets which indicate 'found' or 'not found' - seems to be something else I have not yet detected.
    – Bryant Sorensen
    Commented Aug 31, 2021 at 19:08

1 Answer 1

Reset to default
0

This turned out to be an issue with the Promira SW. The Total Phase engineers quickly turned around a fix for this.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .