Yes, it seemed like a database corruption issue to me as well. I
had one customer get the redirect and I went in and looked and he
was on a completely wrong IP (in a subnet that I happened to be
working on earlier that day and the evening before). He hadn't
even logged into the customer portal. The logs didn't show any
IP change, but clearly his IP was changed in the database, as he
was working fine on the same IP for months and months. That
issue and the incorrect assignments when a customer enters a new
MAC seemed related to me.
On Sun, Mar 8, 2015 at 9:26 PM, CBB - Jay Fuller
<par...@cyberbroadband.net <mailto:par...@cyberbroadband.net>> wrote:
----- Original Message -----
*From:* Jay Fuller - Cyber Broadband Inc
*To:* Powercode
*Cc:* Cyber Broadband Inc.
*Sent:* Monday, February 02, 2015 7:34 PM
*Subject:* Re: Ticket Updated [Ticket Number:5841] - weird ip
changes during customer portal equipment edits
Gentlemen:
It has happened again.
xxxxxxxxxxxxx, customer 1478, requested a public routable IP
address which is
in a different address class from what he was assigned at
installation.
Upon changing the address, he was assigned 104.152.40.91,
which is an
available address in the "Cullman Public" address range.
However, when
looking at the ARP response (because the customer is bridged
to our main
router), I saw another network device already had that IP
address.
So, I searched for that MAC address, which was
78:24:AF:7B:49:38 , using
equipment search, which came back to customer
514, xxxxxxxxxxxxxxxxxxxxx, who had logged into the customer
portal on January 29 to
install a new router. Upon changing his MAC address,
powercode assigned him
104.153.191.25, which is not even in any of our network
address ranges.
It belongs to:
Source: whois.arin.net <http://whois.arin.net>
IP Address: 104.153.191.25
Name: IMDC-KC-LOOPBACKS
Handle: NET-104-153-191-0-1
Registration Date: 2/2/15
Range: 104.153.191.0-104.153.191.31
Org: Iron Mountain Data Center
Org Handle: IMIML
Address: One Federal Street
City: Boston
State/Province: MA
Postal Code: 02111
Country: UNITED STATES
This is very similar to our new public IP range which is
104.152.40.0/22 <http://104.152.40.0/22>
Incidently, it appears this customer was assigned
104.152.40.91 before he
attempted to edit his equipment and was changed to
104.153.191.25. Also of
note, it appears this only affected the GUI/web interface of
powercode, and
the router/bmu continued to assign him 104.152.40.91.
I will now have to reassign xxxxxxxxx a new IP address since
the web/gui
gave his IP address to someone else.
I hope this information helps you to figure out what is
happening.
I am still concerned we have some kind of database issue.
Weird things like
this seem to be happening a lot.
Thanks.
----- Original Message -----
From: Powercode
To: Cyber Broadband
Sent: Thursday, January 22, 2015 2:15 PM
Subject: Ticket Updated [Ticket Number:5841]
---------------- Please reply above this line ----------------
Good afternoon Jay,
We were able to test from this customer's account, and the
same issue that
was originally reported to us persisted. We logged into the
customer portal,
changed the MAC address by one digit, and immediately the
customer was
issued an IP address of 192.170.241.173. After changing the
MAC address back
to his current valid one, we then had to manually clear out
his IP address
in Powercode in order for the BMU to hand out a reservation
for 192.168.3.36
via DHCP.
At this point, we are going to contact our network engineers
for assistance
in troubleshooting why this customer would receive a
192.170.xx.xx
reservation, as this IP does not fit within any ranges
defined in Powercode.
We will update you as soon as we've had a chance to go over
this with them.
--------------------------------------------------
Have you visited our knowledge base? The Powercode knowledge
base contains
data on all aspects of Powercode, including the BMU. You may
also find
useful information on our community forum.
We endeavor to respond to all tickets within two business
days. Our business
hours are Monday - Friday, 9AM to 5PM Central time. Please
contact us via
telephone at (920) 351-1010 <tel:%28920%29%20351-1010> or via
Skype at powercode_support with any
urgent needs.
--
John Mahnke
Powercode - The smart choice in ISP billing and OSS
powercode.com <http://powercode.com>
P: 920-351-1010 <tel:920-351-1010>
E: supp...@powercode.com <mailto:supp...@powercode.com>
----- Original Message -----
*From:* Jeremy <mailto:jeremysmi...@gmail.com>
*To:* af@afmug.com <mailto:af@afmug.com>
*Sent:* Sunday, March 08, 2015 9:25 PM
*Subject:* Re: [AFMUG] Powercode oddity - Commerzbank Ip
space
I also have a ticket in about this issue.
On Sun, Mar 8, 2015 at 2:10 PM, That One Guy
<thatoneguyst...@gmail.com
<mailto:thatoneguyst...@gmail.com>> wrote:
This is known to them? (powercode)
On Sun, Mar 8, 2015 at 3:00 PM, CBB - Jay Fuller
<par...@cyberbroadband.net
<mailto:par...@cyberbroadband.net>> wrote:
yes, they're aware of it. i pointed this out to
them weeks ago. :(
----- Original Message -----
*From:* That One Guy
<mailto:thatoneguyst...@gmail.com>
*To:* af@afmug.com <mailto:af@afmug.com>
*Sent:* Sunday, March 08, 2015 2:06 PM
*Subject:* [AFMUG] Powercode oddity -
Commerzbank Ip space
I am able to replicate a small issue we are
having, trying to make the decision of
whether it looks like a security issue or
just a bug.
Through powercode, there are two ways to
update equipment, through our interface,
where we select all the details and through
the customer portal where all the customers
can do is update their MAC address.
no problems with our end.
However, when a customer updates their MAC
address, it is assigning IP space that
apparently belongs to this Commerzbank IP
space 208.74.54.100 and 208.74.54.99.
This IP space is absolutely not in our
system, and wouldnt route naturally on our
network
Net Range 208.74.52.0 - 208.74.55.255
CIDR 208.74.52.0/22 <http://208.74.52.0/22>
Name DKIB-USA
Handle NET-208-74-52-0-1
Parent NET208 (NET-208-0-0-0-0
<http://whois.arin.net/rest/net/NET-208-0-0-0-0.html>)
Net Type Direct Assignment
Origin AS
Organization Commerzbank AG (COMMER-109
<http://whois.arin.net/rest/org/COMMER-109.html>)
My initial thoughts are this is some bug in
powercode.
Paranoid me is that our system is somehow
compromised and rerouting illegitimate
traffic somehow. Customer is down, so not
through them. but something like TOR
rerouting or some other magician script for
the axis of evil.
Anybody have any ideas on this? I am debating
taking our billing server offline, but would
hate to take such an extreme measure for what
could amount to nothing more than a fat
finger from a programmer.
--
If you only see yourself as part of the team
but you don't see your team as part of
yourself you have already failed as part of
the team.
--
If you only see yourself as part of the team but
you don't see your team as part of yourself you
have already failed as part of the team.
