rooted toon local network "gone" if no access to internet

If your (rooted) Toon doesn't do what it's supposed to, post here. Dutch allowed / Posten in 't Nederlands toegestaan.

Moderators: marcelr, TheHogNL, Toonz

Post Reply
jurgen.
Starting Member
Starting Member
Posts: 8
Joined: Tue Feb 02, 2021 12:14 am

rooted toon local network "gone" if no access to internet

Post by jurgen. »

Hi,

i hope one of you can help me with a strange issues (for me).
i have a rooted toon for a while now, and for half a year i am using domoticz. when i started the domoticz project the toon was the first one i integrated with (get data via an api) the toon had/has a static ip configured in the dhcp settings of my router. the router blocks access to, and from, the internet for the toon. everything was zen and working correct.
Sometimes i granted access to the web so toon could update.
now the issue:

one of the later updates spoiled my zen state of mind. toon is not accessible in the local network anymore. (can't ssh/ping/etc). but when i allow access to the web, after a few seconds ping responds and i can login via ssh. disabling access to the web reverts the situation to "not zen" , so ping fails and ssh can't connect (and not joy on the api's etc).
wifi is still "up" otherwise it does not go into working state is firewall rule is changed.

has any one have a hint or tip ? router is not the problem i think .. i have same setup for other devices and it was working for months before.
any help (english or dutch) would be very helpful.

cheers,
jurgen.
TheHogNL
Forum Moderator
Forum Moderator
Posts: 2125
Joined: Sun Aug 20, 2017 8:53 pm

Re: rooted toon local network "gone" if no access to internet

Post by TheHogNL »

Toon needs internet access.
Rooted toons does some update checks for firmware, resource files, toonstore and SSL certificates. Ok, you don't need it but better is to keep internet. The rooted fixes from update-script make sure your toon data doesn't get published to eneco.
Further Toon has default google dns set and also pings 8.8.8.8 for internet access check. If that fails, the network is reset. I guess in later firmware this now affects you (maybe the reset is faster/harder).

Why do you want to block the toon?
Member of the Toon Software Collective
jurgen.
Starting Member
Starting Member
Posts: 8
Joined: Tue Feb 02, 2021 12:14 am

Re: rooted toon local network "gone" if no access to internet

Post by jurgen. »

hi , thanks for the reply
the reason is that i do not want any device, that does not need to, to connect to internet. and for me toon does not need to.
the automatic(temporary)opening of a vpn for update check concerns me, but mainly it is policy, i have nothing on toon that needs internet (only time sync, but i want to do this a different way .. maybe locally)
do you know if i can disable the network reset ? or where the dns setting to 8.8.8.8 is configured? if i redirect this to local router dns maybe it helps.
TheHogNL
Forum Moderator
Forum Moderator
Posts: 2125
Joined: Sun Aug 20, 2017 8:53 pm

Re: rooted toon local network "gone" if no access to internet

Post by TheHogNL »

jurgen. wrote:hi , thanks for the reply
the reason is that i do not want any device, that does not need to, to connect to internet. and for me toon does not need to.
the automatic(temporary)opening of a vpn for update check concerns me, but mainly it is policy, i have nothing on toon that needs internet (only time sync, but i want to do this a different way .. maybe locally)
do you know if i can disable the network reset ? or where the dns setting to 8.8.8.8 is configured? if i redirect this to local router dns maybe it helps.
It does not open the VPN for update check. It checks our github repo for updates.
DNS config is in /etc/resolv.conf but I think the ping 8.8.8.8 check is hard coded and doesn't depend on the dns setting.

I now remember we fixed this problem earlier by putting ping.quby.nl in the /etc/hosts file to point to local host. Is that missing in your toon?

Again, not sure if your problem is related to this.
Member of the Toon Software Collective
jurgen.
Starting Member
Starting Member
Posts: 8
Joined: Tue Feb 02, 2021 12:14 am

Re: rooted toon local network "gone" if no access to internet

Post by jurgen. »

hi, thanks for the tips.
ping.quby.nl is in the /etc/hosts file, so that seems to be ok.
i am a bit at a loss at them moment, I'm not that linux literate, i checked the /var/log/messages.. but that is not really helpful. it could be that chrony (time sync) fails and that some process acts on this.
if you, or someone else, has any hints or tips on what i could investigate, i would be thankful.

ps. where is the outgoing vpn needed for / can i disable this ?

thanks
jurgen
TheHogNL
Forum Moderator
Forum Moderator
Posts: 2125
Joined: Sun Aug 20, 2017 8:53 pm

Re: rooted toon local network "gone" if no access to internet

Post by TheHogNL »

jurgen. wrote:hi, thanks for the tips.
ping.quby.nl is in the /etc/hosts file, so that seems to be ok.
i am a bit at a loss at them moment, I'm not that linux literate, i checked the /var/log/messages.. but that is not really helpful. it could be that chrony (time sync) fails and that some process acts on this.
if you, or someone else, has any hints or tips on what i could investigate, i would be thankful.

ps. where is the outgoing vpn needed for / can i disable this ?

thanks
jurgen
The outgoing VPN Is already disabled on rooted toons and only needed if you want to do a firmware update.

In /etc/chrony.conf you can configure your own ntp server.

If you run this:

Code: Select all

 /qmf/sbin/hcb_netcon -vvv 2>&1
You can then follow the process which causes the disconnects and reconnects. Check what happens if you block your toon and after that re-open the toon internet again.
Member of the Toon Software Collective
jurgen.
Starting Member
Starting Member
Posts: 8
Joined: Tue Feb 02, 2021 12:14 am

Re: rooted toon local network "gone" if no access to internet

Post by jurgen. »

thanks for that !

i did this, but i had to log it in background to a file because the connection drops if i do this test.

here my steps (more as a reference for others / people like me)

Code: Select all

/qmf/sbin/hcb_netcon -vvv &> jurgen.netcon.log &
and afterwards i opened the firewall again, logged in,checked background processes with "jobs" and killed the process (number1) with "kill %1"

i checked the log, but sadly it doesn't have a timestamp. but i think this part is where it goes south. (x-ed out the ip/subnet/mac)

Code: Select all

[hcb_netcon](re)initting interfaceSettings 'iface-eth0': up/dhcp
[hcb_netcon](re)initting interfaceSettings 'iface-wlan0': up/dhcp
<c->modifyNetworks:blocked>[hcb_netcon:/tmp/sonar-scanner/jenkins/workspace/qmf_hcb_netcon-Pipeline_master/hcb_netcon/src/net_monitor.c@ST_CONFIGURED_doState():324]Internet ping failed 7 times + stateEntered 107s>=120 -> restart sequence
<c->modifyNetworks:gotit>[hcb_netcon]iface(wlan0) before: link=1 ip=192.x.x.x mask=255.xxx.xxx.x gw=192.x.x.x mac=xx:xx:xx:xx:xx:xx
[hcb_netcon]iface(wlan0) after : link=1 ip=0.0.0.0 mask=0.0.0.0 gw=0.0.0.0 mac=xx:xx:xx:xx:xx:xx
[hcb_netcon]Closing raw ICMP socket. (interface-info-changed)
[hcb_netcon]Closing raw ARP socket. (interface-info-changed)

any idea if this can be manipulated ?
maybe some config xml in /mnt/data/qmf/config ?
TheHogNL
Forum Moderator
Forum Moderator
Posts: 2125
Joined: Sun Aug 20, 2017 8:53 pm

Re: rooted toon local network "gone" if no access to internet

Post by TheHogNL »

Is there in that log also the address which is pinged and which fails?
Normally it is ping.quby.nl but maybe they also ping something else now.
Member of the Toon Software Collective
jurgen.
Starting Member
Starting Member
Posts: 8
Joined: Tue Feb 02, 2021 12:14 am

Re: rooted toon local network "gone" if no access to internet

Post by jurgen. »

TheHogNL wrote:Is there in that log also the address which is pinged and which fails?
Normally it is ping.quby.nl but maybe they also ping something else now.
no, unfortunately there is no ip or host to be seen in the log.
quby is redirected via /etc/hosts to 127.0.0.1 so that is ok
i sniffed the wifi with wireshark and did not see any connection attempts (only when i ping from, or to, the toon myself).

so a bit at a loss here.
is watchdog something i need to focus on ?
i'm beginning to think this is not tcp traffic (or ping) related.
TheHogNL
Forum Moderator
Forum Moderator
Posts: 2125
Joined: Sun Aug 20, 2017 8:53 pm

Re: rooted toon local network "gone" if no access to internet

Post by TheHogNL »

Only watchdog is the one watching over the normal processes and reboots when necessary.

But this log implies that it is some ping error:
<c->modifyNetworks:blocked>[hcb_netcon:/tmp/sonar-scanner/jenkins/workspace/qmf_hcb_netcon-Pipeline_master/hcb_netcon/src/net_monitor.c@ST_CONFIGURED_doState():324]Internet ping failed 7 times + stateEntered 107s>=120 -> restart sequence
<c->modifyNetworks:gotit>[hcb_netcon]iface(wlan0) before: link=1 ip=192.x.x.x mask=255.xxx.xxx.x gw=192.x.x.x mac=xx:xx:xx:xx:xx:xx
[hcb_netcon]iface(wlan0) after : link=1 ip=0.0.0.0 mask=0.0.0.0 gw=0.0.0.0 mac=xx:xx:xx:xx:xx:xx
Member of the Toon Software Collective
jurgen.
Starting Member
Starting Member
Posts: 8
Joined: Tue Feb 02, 2021 12:14 am

Re: rooted toon local network "gone" if no access to internet

Post by jurgen. »

TheHogNL wrote:Only watchdog is the one watching over the normal processes and reboots when necessary.

But this log implies that it is some ping error:
<c->modifyNetworks:blocked>[hcb_netcon:/tmp/sonar-scanner/jenkins/workspace/qmf_hcb_netcon-Pipeline_master/hcb_netcon/src/net_monitor.c@ST_CONFIGURED_doState():324]Internet ping failed 7 times + stateEntered 107s>=120 -> restart sequence
<c->modifyNetworks:gotit>[hcb_netcon]iface(wlan0) before: link=1 ip=192.x.x.x mask=255.xxx.xxx.x gw=192.x.x.x mac=xx:xx:xx:xx:xx:xx
[hcb_netcon]iface(wlan0) after : link=1 ip=0.0.0.0 mask=0.0.0.0 gw=0.0.0.0 mac=xx:xx:xx:xx:xx:xx

I am afraid the logging uses the term ping but it is not actually the ping command, i would have seen that in wireshark.
Thanks for your help though, i have some areas to focus on and i'll dig deeper when i have some time.
If i find something i'll report it here.
jurgen.
Starting Member
Starting Member
Posts: 8
Joined: Tue Feb 02, 2021 12:14 am

Re: rooted toon local network "gone" if no access to internet

Post by jurgen. »

back with small update.
i locked myself out because i did some stupid changes to the /etc/udhcp.d/50default script
had to connect to toon again via a raspberry pi and a serial connection to fix it and be able to connect via network again.

but, it seems dhcp related.
i put some logging in the /etc/udhcpc.d scripts ( 50default 70prepend-google-pub-dns 60failcheck)
it seems like, if toon can't get a dhcp "update" it resets local network/ ip to 0.0.0.0

i will update if i find more.
jurgen.
Starting Member
Starting Member
Posts: 8
Joined: Tue Feb 02, 2021 12:14 am

Re: rooted toon local network "gone" if no access to internet

Post by jurgen. »

fixed:

udhcp does a deconfig if there is an issue. the interface will be put in an up, but deconfigured state, ie: ifconfig $interface 0.0.0.0.
that is wat happend. the toon can't reach the router and after a few minutes the ip is set to 0.0.0.0

i set my wlan0 interface to static ip but left the eth0 on dhcp.

did this in /qmf/config/config_hcb_netcon.xml

by setting

Code: Select all

<configtype>static</configtype>

and adding 

<static_ipaddress>[static ip of toon]</static_ipaddress>
<static_netmask>[netmask ip ]</static_netmask>
<static_gateway>[gateway ip]</static_gateway>
<static_nameserver>[ns ip]</static_nameserver>

rebooted and checked if dhcp still running for eth0 so i don't lock myself out, again.

Code: Select all

/mnt/data/qmf/config# ps | grep dhcp
 1121 root      3088 S    udhcpc -b -R -i eth0 -A 5 -p /var/run/udhcpc.eth0.pid -H eneco-001-258507
 6496 root      3092 S    grep dhcp

so looks good.

thanks for the help/tips, topic can be closed/locked if needed
Post Reply

Return to “Toon issues and support (Nederlands toegestaan)”