On 9/7/2023 2:14 PM, Dimiter_Popoff wrote:> On 9/7/2023 23:30, Don Y wrote: >> How do you address the case of your (GUI) client discovering some other >> DHCP service running on the network? > > This is another point added to my approach "sell them a router you have > set up". In fact I had exactly this at some point, a customer for ourThat just brings up a different set of problems. You have to pick a range of IPs for the router's clients. How do you know that your choices won't conflict with other hosts in their organization?> TLD readers decided to stray from the router we had delivered with the > units they had purchased. The people who had to do the measurements > (sometimes 1000+ a day) had no access to the corporate router so someone > there had set some fixed IP addresses for our devices on their > network, not behind the router we supplied. Things worked - until they > did not. > They started to call "your device won't boot at times". > "Does the LED always indicate the unit did get an IP address?" > "Yes it does." > Well does it always boot behind the router we supplied? > "Hmm let us test... Yes it does"There is ALWAYS an advantage to be had from having a known, working configuration that you can coax the user back to trying. But, getting from there to something that fits *his* needs can be problematic (as above).> [Most likely this was yet another sabotage against our devices at > this customer (they have no legit second dhcp server there so someone > must have set one up, the problems started some time after they changed > routers and well, they have a history of sabotage attempts there, there > was physical evidence for that).] > > If a design can afford a cheap router just include one and save yourself > all the headache (that to the OP). Other than that, you are stuck to > my other solution, which works - just technically, I saw no evidence > anyone used it ever. People either can do what it takes with their > router/network or they use the router we supply.I think the best approach for bootstrapping headless devices, *today* would be to embed BLE (severely range constrained) or, preferably, NFC in the device and kludge an interface that can rely on something (app) present in all/most cell phones to bridge the gap to a "familiar" UI. But, this will still only address the one-off sites. Handling hundreds or thousands of devices (as is my bootstrap case) will always be a challenge -- esp if no techies around to deal with it!
Configure network of an embedded device
Started by ●September 5, 2023
Reply by ●September 7, 20232023-09-07
Reply by ●September 7, 20232023-09-07
On 9/7/2023 2:31 PM, Don Y wrote:> I think the best approach for bootstrapping headless devices, > *today* would be to embed BLE (severely range constrained) or, > preferably, NFC in the device and kludge an interface that can > rely on something (app) present in all/most cell phones to bridge > the gap to a "familiar" UI.Think of how early home computers relied on things like the Kansas City standard to provide mass storage in the days before affordable disk drives. Find something ubiquitous and MISappropriate it!
Reply by ●September 7, 20232023-09-07
On 9/8/2023 0:31, Don Y wrote:> On 9/7/2023 2:14 PM, Dimiter_Popoff wrote: >> On 9/7/2023 23:30, Don Y wrote: >>> How do you address the case of your (GUI) client discovering some other >>> DHCP service running on the network? >> >> This is another point added to my approach "sell them a router you have >> set up". In fact I had exactly this at some point, a customer for our > > That just brings up a different set of problems. > You have to pick a range of IPs for the router's clients. > How do you know that your choices won't conflict with other > hosts in their organization?In our case, this is easy. The customer gets a sheet of paper titled "quick start"; some of them write the IP addresses on stickers etc. Mind you, this is a solution to our operation where an MCA is not just a cheap gizmo you won't remember what/where it was after two days.> >> TLD readers decided to stray from the router we had delivered with the >> units they had purchased. The people who had to do the measurements >> (sometimes 1000+ a day) had no access to the corporate router so someone >> there had set some fixed IP addresses for our devices on their >> network, not behind the router we supplied. Things worked - until they >> did not. >> They started to call "your device won't boot at times". >> "Does the LED always indicate the unit did get an IP address?" >> "Yes it does." >> Well does it always boot behind the router we supplied? >> "Hmm let us test... Yes it does" > > There is ALWAYS an advantage to be had from having a known, > working configuration that you can coax the user back to > trying. > > But, getting from there to something that fits *his* needs > can be problematic (as above).In this case it fits their needs perfectly. The router we supplied lives behind their router *and* the net behind our router is meant solely for what we have supplied. They can access the devices from their network, port forwarding does what it takes. Our devices can access the internet - if they want them to - so they can get live online support etc.> >> [Most likely this was yet another sabotage against our devices at >> this customer (they have no legit second dhcp server there so someone >> must have set one up, the problems started some time after they changed >> routers and well, they have a history of sabotage attempts there, there >> was physical evidence for that).] >> >> If a design can afford a cheap router just include one and save yourself >> all the headache (that to the OP). Other than that, you are stuck to >> my other solution, which works - just technically, I saw no evidence >> anyone used it ever. People either can do what it takes with their >> router/network or they use the router we supply.> I think the best approach for bootstrapping headless devices, > *today* would be to embed BLE (severely range constrained) or, > preferably, NFC in the device and kludge an interface that can > rely on something (app) present in all/most cell phones to bridge > the gap to a "familiar" UI.So how do I instruct the user where to find the IP address they have to enter after they start realVNC? Will the IP stay static so they can get just as many clickable options after they have entered the IP address the first time?> > But, this will still only address the one-off sites. Handling > hundreds or thousands of devices (as is my bootstrap case) will > always be a challenge -- esp if no techies around to deal with it! >Your case is completely different, I don't even want to think what you would have at your plate if you had to predefine the entire network of your user. Me, I just set a few fixed IP addresses on the router, some ports get forwarded (they want sometimes to access the spectra via http) and that's it. Including a display they can read the IP address on would have been a good idea which I may apply to our next version, not sure why I did not do it some 15 years ago. ====================================================== Dimiter Popoff, TGI http://www.tgi-sci.com ====================================================== http://www.flickr.com/photos/didi_tgi/
Reply by ●September 7, 20232023-09-07
On 9/7/2023 2:53 PM, Dimiter_Popoff wrote:>>> This is another point added to my approach "sell them a router you have >>> set up". In fact I had exactly this at some point, a customer for our >> >> That just brings up a different set of problems. >> You have to pick a range of IPs for the router's clients. >> How do you know that your choices won't conflict with other >> hosts in their organization? > > In our case, this is easy. The customer gets a sheet of paper titled > "quick start"; some of them write the IP addresses on stickers etc. > Mind you, this is a solution to our operation where an MCA is not > just a cheap gizmo you won't remember what/where it was after two days.Yes, but you're just kicking the can into their court. If the addresses you picked coincide with addresses they are already using, then those hosts are inaccessible "across" the router (regardless of which way you are going). The advantage of an in-place DHCP server is that they, presumably, set up the range of addresses served to be compatible with their network design.>>> TLD readers decided to stray from the router we had delivered with the >>> units they had purchased. The people who had to do the measurements >>> (sometimes 1000+ a day) had no access to the corporate router so someone >>> there had set some fixed IP addresses for our devices on their >>> network, not behind the router we supplied. Things worked - until they >>> did not. >>> They started to call "your device won't boot at times". >>> "Does the LED always indicate the unit did get an IP address?" >>> "Yes it does." >>> Well does it always boot behind the router we supplied? >>> "Hmm let us test... Yes it does" >> >> There is ALWAYS an advantage to be had from having a known, >> working configuration that you can coax the user back to >> trying. >> >> But, getting from there to something that fits *his* needs >> can be problematic (as above). > > In this case it fits their needs perfectly. The router we supplied > lives behind their router *and* the net behind our router is meant > solely for what we have supplied. They can access the devices from > their network, port forwarding does what it takes. Our devices > can access the internet - if they want them to - so they can get > live online support etc.Again, see above.>> I think the best approach for bootstrapping headless devices, >> *today* would be to embed BLE (severely range constrained) or, >> preferably, NFC in the device and kludge an interface that can >> rely on something (app) present in all/most cell phones to bridge >> the gap to a "familiar" UI. > > So how do I instruct the user where to find the IP address they > have to enter after they start realVNC? Will the IP stay static > so they can get just as many clickable options after they have > entered the IP address the first time?You would use it to TELL the device what IP it should use. If they tell it something "bad", then that's their problem.>> But, this will still only address the one-off sites. Handling >> hundreds or thousands of devices (as is my bootstrap case) will >> always be a challenge -- esp if no techies around to deal with it! >> > > Your case is completely different, I don't even want to think > what you would have at your plate if you had to predefine the entire > network of your user. Me, I just set a few fixed IP addresses > on the router, some ports get forwarded (they want sometimes to > access the spectra via http) and that's it.If it was just IP address assignment, it would be easy -- let them all fight for leases and then DDNS so they're all resolvable symbolically. The problem comes from having to install (device-specific) secrets in all of them. If you don't have physical control/oversight of the entire network, you can't know if someone hasn't eavesdropped on the process.> Including a display they can read the IP address on would have > been a good idea which I may apply to our next version, not sure > why I did not do it some 15 years ago.Displays cost money. If you can leverage it for some OTHER purpose ("Measurement in Progress"), then it's easier to justify the expense. If the user must be able to enter information, then the input device(s) becomes another issue. [I have a NAS that has a display and a means whereby the user can enter initial configuration parameters -- e.g., IP/Mask/etc. But, it is incredibly brain-damaged: scroll through menu to find item of interest; SELECT item; scroll to select subitem of interest; SELECT subitem; scroll through available values; SELECT value (advancing to next subitem in the process). So, configuring a network interface requires setting 12 items for an IP address (one for each of 4x3 digits), another 12 for a mask (ditto), and another 12 for DNS (or GW, I can't recall which). The selected (sub)item flashes so that puts a limit on how fast you can select subitems/values. An error requires you to cycle through ALL of the items/subitems until you loop around back to the item you munged.] Engineers are typically penny-wise and pound-foolish in their designs of fallback UIs!
Reply by ●September 7, 20232023-09-07
On 9/8/2023 1:21, Don Y wrote:> On 9/7/2023 2:53 PM, Dimiter_Popoff wrote: >>>> This is another point added to my approach "sell them a router you have >>>> set up". In fact I had exactly this at some point, a customer for our >>> >>> That just brings up a different set of problems. >>> You have to pick a range of IPs for the router's clients. >>> How do you know that your choices won't conflict with other >>> hosts in their organization? >> >> In our case, this is easy. The customer gets a sheet of paper titled >> "quick start"; some of them write the IP addresses on stickers etc. >> Mind you, this is a solution to our operation where an MCA is not >> just a cheap gizmo you won't remember what/where it was after two days. > > Yes, but you're just kicking the can into their court. If > the addresses you picked coincide with addresses they are > already using, then those hosts are inaccessible "across" > the router (regardless of which way you are going).Well they get a router which is meant to be used only with the devices we supply; we set it with fixed IP addresses for each MAC address they get for their convenience, so far nobody has complained. Their laptops/phones whatever they use connect through a number of ways - wifi, Ethernet behind the router we give them, Ethernet in front of this router with port forwarding would be a next option (we don't supply this by default). All devices - our netMCA-s and their terminal units - go through DHCP, it is just that we have set the router to give some fixed addresses to certain MACs. Customers do have access to the router so if they know what they are doing they can change what they need. Can't think of a more flexible configuration nowadays; anything, any additional protocol you insert will only add problems without simplifying anything.> > The advantage of an in-place DHCP server is that they, > presumably, set up the range of addresses served to be > compatible with their network design.So what's wrong with them using their IP addresses as they want them and accessing our units through the router we have supplied via the IP address it has received via DHCP from their network. Many do exactly that, let realVNC remember the IP address/port numbers and just click on the one they want to talk to. We don't sell them a general purpose router so they build a home network, we sell them something to make their life easier with our products, perhaps just initially. That's all. There are *no* IP address conflicts which can possibly arise in this scenario.> >>>> TLD readers decided to stray from the router we had delivered with the >>>> units they had purchased. The people who had to do the measurements >>>> (sometimes 1000+ a day) had no access to the corporate router so >>>> someone >>>> there had set some fixed IP addresses for our devices on their >>>> network, not behind the router we supplied. Things worked - until they >>>> did not. >>>> They started to call "your device won't boot at times". >>>> "Does the LED always indicate the unit did get an IP address?" >>>> "Yes it does." >>>> Well does it always boot behind the router we supplied? >>>> "Hmm let us test... Yes it does" >>> >>> There is ALWAYS an advantage to be had from having a known, >>> working configuration that you can coax the user back to >>> trying. >>> >>> But, getting from there to something that fits *his* needs >>> can be problematic (as above). >> >> In this case it fits their needs perfectly. The router we supplied >> lives behind their router *and* the net behind our router is meant >> solely for what we have supplied. They can access the devices from >> their network, port forwarding does what it takes. Our devices >> can access the internet - if they want them to - so they can get >> live online support etc. > > Again, see above.?>>> I think the best approach for bootstrapping headless devices, >>> *today* would be to embed BLE (severely range constrained) or, >>> preferably, NFC in the device and kludge an interface that can >>> rely on something (app) present in all/most cell phones to bridge >>> the gap to a "familiar" UI. >> >> So how do I instruct the user where to find the IP address they >> have to enter after they start realVNC? Will the IP stay static >> so they can get just as many clickable options after they have >> entered the IP address the first time? > > You would use it to TELL the device what IP it should use. > If they tell it something "bad", then that's their problem.What's wrong with DHCP telling the device which IP address it has to use, the ordinary way? How does bluetooth help here? (other than making things messier, perhaps way messier) Or do you mean our device has to tell their router which IP address to assign us via DHCP (what nonsense... I am sure you don't mean that). ====================================================== Dimiter Popoff, TGI http://www.tgi-sci.com ====================================================== http://www.flickr.com/photos/didi_tgi/
Reply by ●September 7, 20232023-09-07
On 9/7/2023 4:05 PM, Dimiter_Popoff wrote:>> The advantage of an in-place DHCP server is that they, >> presumably, set up the range of addresses served to be >> compatible with their network design. > > So what's wrong with them using their IP addresses as they > want them and accessing our units through the router we have > supplied via the IP address it has received via DHCP from > their network. Many do exactly that, let realVNC remember > the IP address/port numbers and just click on the one > they want to talk to. We don't sell them a general purpose router > so they build a home network, we sell them something to make their > life easier with our products, perhaps just initially. That's all. > There are *no* IP address conflicts which can possibly arise in > this scenario.You can't know which IP addresses they haven't already used for their own hosts. The router solution only works on the subnet that *it* manages. You pick some range of IP addresses. Assume A.B.C.D is one of them. The WAN port of your router conects to THEIR network and gets an IP address from their DHCP server. THEY have a host at A.B.C.D. How do the devices on the router's subnet access THAT host? How do the hosts on their existing network access *your* A.B.C.D? The only way you can ensure that the addresses you assign are unique if if you assign them under a domain that you control (tgi-sci.com).>>>> I think the best approach for bootstrapping headless devices, >>>> *today* would be to embed BLE (severely range constrained) or, >>>> preferably, NFC in the device and kludge an interface that can >>>> rely on something (app) present in all/most cell phones to bridge >>>> the gap to a "familiar" UI. >>> >>> So how do I instruct the user where to find the IP address they >>> have to enter after they start realVNC? Will the IP stay static >>> so they can get just as many clickable options after they have >>> entered the IP address the first time? >> >> You would use it to TELL the device what IP it should use. >> If they tell it something "bad", then that's their problem. > > What's wrong with DHCP telling the device which IP address it has > to use, the ordinary way? How does bluetooth help here? (other > than making things messier, perhaps way messier) > Or do you mean our device has to tell their router which IP > address to assign us via DHCP (what nonsense... I am sure you > don't mean that).No, the problem with existing solutions is that they don't give you an easy way to convey that information to the *user* (unless you have a display capability *in* the device or enough tech-savvy to know how to talk to the DHCP server to figure out where the device resides in the IP space). I'm suggesting using a UI device that is reasonably ubiquitous (a cell phone) as that interface. This is similar to using PDAs decades ago as UIs for headless devices.
Reply by ●September 7, 20232023-09-07
On 9/8/2023 2:55, Don Y wrote:> On 9/7/2023 4:05 PM, Dimiter_Popoff wrote: >>> The advantage of an in-place DHCP server is that they, >>> presumably, set up the range of addresses served to be >>> compatible with their network design. >> >> So what's wrong with them using their IP addresses as they >> want them and accessing our units through the router we have >> supplied via the IP address it has received via DHCP from >> their network. Many do exactly that, let realVNC remember >> the IP address/port numbers and just click on the one >> they want to talk to. We don't sell them a general purpose router >> so they build a home network, we sell them something to make their >> life easier with our products, perhaps just initially. That's all. >> There are *no* IP address conflicts which can possibly arise in >> this scenario. > > You can't know which IP addresses they haven't already > used for their own hosts. The router solution only > works on the subnet that *it* manages.Exactly. Which is the purpose of the entire exercise. They get a router and some units, power everything up, look at the "quick start" paper, connect to the router and type in the IP address(es) to some laptop, often wifi connected to the router - we name its wifi usually "netMCA". You *cannot* simplify that, not in today's world.> > You pick some range of IP addresses. Assume A.B.C.D is > one of them. The WAN port of your router conects to > THEIR network and gets an IP address from their DHCP > server. > > THEY have a host at A.B.C.D. How do the devices on > the router's subnet access THAT host? How do the > hosts on their existing network access *your* A.B.C.D?By accessing the IP address the router we have supplied gets on their network to ports which have been forwarded to the IP sockets behind our router.You are familiar with port forwarding?> > The only way you can ensure that the addresses you > assign are unique if if you assign them under a domain > that you control (tgi-sci.com).Not at all. The IP addresses on the net behind our router are fixed and unique. They can connect to that same subnet right away; if they want to access from their network they will have to set as many port forwarding pairs as there are devices on the network behind our router. In any case tuning their network to accommodate the one we have supplied is a second step. The first step is to install things and ensure they work - for which they don't need to even connect our router to their network. After that they know it is up to them, like once you have tested your new vacuum cleaner to work you don't call support if it needs a cable extender etc.> >>>>> I think the best approach for bootstrapping headless devices, >>>>> *today* would be to embed BLE (severely range constrained) or, >>>>> preferably, NFC in the device and kludge an interface that can >>>>> rely on something (app) present in all/most cell phones to bridge >>>>> the gap to a "familiar" UI. >>>> >>>> So how do I instruct the user where to find the IP address they >>>> have to enter after they start realVNC? Will the IP stay static >>>> so they can get just as many clickable options after they have >>>> entered the IP address the first time? >>> >>> You would use it to TELL the device what IP it should use. >>> If they tell it something "bad", then that's their problem. >> >> What's wrong with DHCP telling the device which IP address it has >> to use, the ordinary way? How does bluetooth help here? (other >> than making things messier, perhaps way messier) >> Or do you mean our device has to tell their router which IP >> address to assign us via DHCP (what nonsense... I am sure you >> don't mean that). > > No, the problem with existing solutions is that they > don't give you an easy way to convey that information > to the *user* (unless you have a display capability > *in* the device or enough tech-savvy to know how > to talk to the DHCP server to figure out where the > device resides in the IP space). > > I'm suggesting using a UI device that is reasonably > ubiquitous (a cell phone) as that interface. This > is similar to using PDAs decades ago as UIs for > headless devices. >This sounds too generic to me, I don't understand how you will make a phone bluetooth simplify the DHCP protocol for a device you connect to a network. Then I don't think there are many phones with bluetooth and no wifi so what is stopping you to look at the router's DHCP list? You won't need another bluetooth device to pair with, software for the two to talk to each other etc., can't see any benefit out of this approach in the cases discussed so far.
Reply by ●September 7, 20232023-09-07
On 9/7/2023 6:26 PM, Dimiter_Popoff wrote:>> The only way you can ensure that the addresses you >> assign are unique if if you assign them under a domain >> that you control (tgi-sci.com). > > Not at all. The IP addresses on the net behind our router > are fixed and unique. They can connect to that same subnet > right away; if they want to access from their network they > will have to set as many port forwarding pairs as there > are devices on the network behind our router. In any caseExactly. Did you not recall my comment that you were "kicking the can into their court"? The *ideal* way to configure something is to have a DHCP server issue an IP address that is compatible with THEIR network addressing and register a symbolic name via DDNS. But, this puts additional constraints on the user.> tuning their network to accommodate the one we have supplied > is a second step. The first step is to install things and > ensure they work - for which they don't need to even connect > our router to their network. After that they know it is up > to them, like once you have tested your new vacuum cleaner > to work you don't call support if it needs a cable extender etc.>> No, the problem with existing solutions is that they >> don't give you an easy way to convey that information >> to the *user* (unless you have a display capability >> *in* the device or enough tech-savvy to know how >> to talk to the DHCP server to figure out where the >> device resides in the IP space). >> >> I'm suggesting using a UI device that is reasonably >> ubiquitous (a cell phone) as that interface. This >> is similar to using PDAs decades ago as UIs for >> headless devices. > > This sounds too generic to me, I don't understand howYou *want* something generic. So, it can be applied to many different products/scenarios.> you will make a phone bluetooth simplify the DHCP protocol > for a device you connect to a network. Then I don't think > there are many phones with bluetooth and no wifi so what > is stopping you to look at the router's DHCP list? YouYou have to access the WiFi router. What's the passphrase? Who *controls* access? If you're a small company/department, you can possibly go your own way -- and avoid the eyes of little hitlers. But, if you have to interface to a corporate infrastructure, you may find just connecting your *device* to the network requires vetting ("How do we know the device isn't malevolent?")> won't need another bluetooth device to pair with, software > for the two to talk to each other etc., can't see any > benefit out of this approach in the cases discussed so far.You can offer the FTP profile from your device over BT. Then, just let the user retrieve a status page from your device and.or *send* a configuration page to it. The phone is just a display + keyboard/pad. No special apps (beyond the BT stack). Because BLE is relatively short-range, you don't worry about seeing every host in the department, etc. Accessing the DHCP server's client list means you have to have a DHCP server *and* have to have permission to access it. These are things outside of the scope of the device. A "portable UI" that can talk directly to the device doesn't require any cooperation from anyone to have a service in place AND a means of accessing that service (likely by an "unprivileged" user). [Many larger organizations have IT departments that strictly control what they allow on their networks (you've heard the phrase BOfH?). I've had to implement clandestine tunnels under common protocols to get through the "policies" (defined and implemented by folks with their own sense of self-importance) that customers have had in place that would prevent me from doing what I would have otherwise done safely. (escalating to upper management doesn't make you any friends among the IT folks and, *if* there is ever a problem with your device, you can be SURE they will gleefully stand in your way of fixing it!)]
Reply by ●September 8, 20232023-09-08
Il 07/09/2023 19:57, Don Y ha scritto:> On 9/5/2023 1:37 AM, pozz wrote: >> Is it a proprietary solution that uses only Ethernet frames (MAC >> addresses) and not IP packets? Is it a well known protocol that I >> don't know? > > RARP gave way to BOOTP which gave way to DHCP for exactly this reason. > > They all run *below* the IP layer so can be implemented (client-side) > relatively easily. Assigning IP, hostname, gateway, nameserver, > timeserver, boot server, boot image, etc. are all done, there.Ok, but you can't set a static IP address through DHCP and you are forced to have an always on DHCP server on the LAN (maybe you don't want to have one for some reason). If I wanted to have only static IP addresses on my LAN, I would be forced to change the IP configuration on each device, through proprietary mechanisms (display, web app, ...). And if you have 50 hosts (IPCams?), it is a waste of time. Anyway I think Dahua (and maybe other IPCams manufacturers) doesn't use DHCP to auto-configure IPCams connected to its NVRs. IPCam usually starts by default with a unique static IP address (192.168.1.108). If you have only one IPCam in the LAN, it's very simple for the user as pointing the browser to: http://192.168.1.108. If you have multiple IPCams, connect them to modern NVRs from the same manufacturer and point the browser to the NVRs IP address. Through the web interface of the NVR, the user can see all the IPCams (even if they have the same IP address) and change their network configuration (DHCP or static IP) one-by-one or all together (assigning a range of IP address sequentially). Even if you don't have NVR, you can use Dahua Config Tool software. It is able to discover and set network configuration of IPCams on the LAN[1]. How are they able to do this? I suspect this isn't standard because someone said this works only if NVR and IPCams are from the same manufacturer. Even Config Tool software can discover IPCams only if they are Dahua. I think this method is very simple for the user.> (You can operate an ethernet without IP at all!) > > The problem is: > - having a suitable server present on the network > (not all will have this -- though most SOHOs will) > - conveying the parameters that were assigned by > the service to the *human* user (without requiring > special knowledge of a special tool which would > require more knowledge of the user's operating > environment *or* having a UI on the device) >[1] https://www.youtube.com/watch?v=NIiI1BIHfms
Reply by ●September 8, 20232023-09-08
Don Y <blockedofcourse@foo.invalid> wrote:> On 9/7/2023 11:40 AM, Theo wrote: > >> How does the device know if send a DHCP request (to receive an IP > >> address from an external DHCP server) or launch a DHCP server? > >> Maybe it can try a DHCP request a revert back to internal DHCP server if > >> that fails. > > > > The device out of the box is a DHCP server. Once somebody logs into it and > > configures it, it reboots to become a DHCP client. To revert back to being > > a DHCP server again somebody has to hold down the factory reset button. > > (or equivalent physical signal, eg smart lightbulbs you have to turn them on > > and off several times in a predefined sequence of flashes) > > How do you address the case of your (GUI) client discovering some other > DHCP service running on the network?You plug your widget into your laptop directly, with a cable, or connect to its own wifi SSID. The network contains exactly two devices, the widget and your laptop (/desktop/phone/whatever). If you normally use that interface (ethernet or wifi) to connect to your LAN, you have explicitly unplugged so there is no connectivity to the LAN and no chance of things getting confused. If you run both interfaces together (eg plug into the widget via ethernet, while having wifi running to the LAN) that will work as long as widget and routable LAN IP addresses don't overlap. This is safer with IPv6 since there's a much wider range of private addresses to choose from, so you pick a private range (from fd00::/8, ie 2^120 addresses) and chances are good it's not used by the LAN.> If you could modify the *client* code, you could use something like > a different vendor magic to ensure only the server in the device > would be recognized. > > You could flip this around; distribute an app that acts as a > special DHCP server. Have the device only issue requests to > services offered by *that* server (even if another was > competing -- see above).Offering a DHCP server likely requires administrator privileges, which the user may not have[*]. It will also mess up the LAN if they ever connect back to it while the DHCP server is running (since now there are two DHCPs on the LAN). [*] setting a static IP on the interface also requires admin privs, so schemes where the device responds at some fixed address like http://192.168.33.99/ where you need to configure your laptop for 192.168.33.0/24 also require admin privs Theo
