Contributor

2 Messages

Sun, Nov 17, 2019 5:02 AM

Here comes a fun question

I've had the Digital Life system for a while now (a few years at least) and I ran into an oddity recently that perhaps someone can help answer.

 

The Digital Life "brain" typically receives an IP address on the network via DHCP. On my network, the Digital Life box is isolated by itself on its own Vlan. That box is the ONLY device that resides on that Vlan and that box only. Let's call it Vlan 100.

 

A quick glance at my MAC / ARP tables within the layer 3 switch that feeds this device and it's trivial to spot the unit based on the IP address associated with Vlan 100. We'll call it 192.168.100.10 (I typically use the third octet to identify what Vlan a device resides on.)

 

So, Vlan 100. One single device resides upon the Vlan and it's the Digital Life box with an IP address of 192.168.100.10.

 

Now, in the Edge Router (that is playing firewall duties between my network and the Internet) I have various ACLs built which allow / prohibit specific Vlans or even individual devices from leaving the network. It is a white listed ACL with an implicit DENY statement at the end, meaning I have to specifically write a rule allowing a device access off the local network. No rule and the packet is flat denied.

 

Recently I've noted an IP address that is not assigned via DHCP trying to get out on the internet which originates from Vlan 100. I know this because my entire network is 192.168.X.Y. Absolutely nowhere have I set up a Network Pool to serve out 10.X.Y.Z addresses. It is quite obvious it is the Digital Life unit as the address it is trying to reach resolves to a Digital Life system.

 

Specifically, it resolves to this: ph-cmhs2-s2.dlife.att.com

 

This is where the fun question comes into play. 

 

If the Digital Life box already has a valid DHCP address that is allowed off the local network and is talking to the outside world, WHY is there a second IP address trying to get out? Why does the box even have a second IP address and what is it used for?

 

From the logs: deny ACE IPv4(TCP) 10.36.156.214(28882) -> 144.160.174.28(5222)
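
An added example, not part of the original post: one way to pull entries like the one quoted above out of a router's deny log and group them by flow. It assumes every line follows the quoted format and that 192.168.0.0/16 is the only range the network serves; all sample lines except the quoted entry are constructed.

```python
import ipaddress
import re
from collections import Counter

# Address plan from the post: every served address is 192.168.X.Y
# (assumption: nothing else is ever handed out on the LAN).
SERVED = ipaddress.ip_network("192.168.0.0/16")

# Matches the deny line format quoted in the post.
DENY_RE = re.compile(
    r"deny ACE IPv4\((?P<proto>\w+)\)\s+"
    r"(?P<src>[\d.]+)\((?P<sport>\d+)\)\s*->\s*"
    r"(?P<dst>[\d.]+)\((?P<dport>\d+)\)"
)

def parse_deny(line):
    """Return the fields of a deny line, or None if it is malformed."""
    m = DENY_RE.search(line)
    if not m:
        return None
    try:
        src = ipaddress.ip_address(m["src"])
        dst = ipaddress.ip_address(m["dst"])
    except ValueError:  # e.g. an octet above 255
        return None
    return {"proto": m["proto"], "src": src, "sport": int(m["sport"]),
            "dst": dst, "dport": int(m["dport"])}

def unexpected_sources(lines, served=SERVED):
    """Count denied flows whose source is outside the served range.

    Source ports are ignored so that retries collapse into one flow.
    """
    hits = Counter()
    for line in lines:
        rec = parse_deny(line)
        if rec and rec["src"] not in served:
            hits[(str(rec["src"]), str(rec["dst"]), rec["dport"], rec["proto"])] += 1
    return hits

# First line is the entry from the post; the rest are constructed.
SAMPLE = [
    "deny ACE IPv4(TCP) 10.36.156.214(28882) -> 144.160.174.28(5222)",
    "deny ACE IPv4(TCP) 10.36.156.214(28901) -> 144.160.174.28(5222)",
    "deny ACE IPv4(UDP) 192.168.30.7(51000) -> 203.0.113.5(53)",
    "deny ACE IPv4(TCP) 999.1.1.1(1) -> 203.0.113.5(80)",
    "link up on port 12",
]

if __name__ == "__main__":
    for flow, count in unexpected_sources(SAMPLE).items():
        print(count, flow)
```

A source that lands in this report was never handed out by the network's own DHCP, so the address was configured on the device some other way; denies from 192.168.X.Y sources are left out because they only indicate a missing permit rule.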

 

Responses

Brand User

Community Support

5.4K Messages

5 months ago

@nehumanuscrede Hello. Could you tell me if you are using a microcell in your home? Thank you

*I am an AT&T employee, and the postings on this site are my own and don't necessarily represent AT&T's position, strategies or opinions.

Contributor

2 Messages

5 months ago

No Micro-Cell in my home.

When I get time, I'll set up a mirror port on the switch and fire up the sniffer to capture info about the device sending the traffic.

Brand User

Community Support

5.4K Messages

5 months ago

@nehumanuscrede Hello. Would you please click on my user name and then click "Send PM" to send me a private message with your name, address and account number? Would like to have one of our technical folks take a look on the back end. Thank you

*I am an AT&T employee, and the postings on this site are my own and don't necessarily represent AT&T's position, strategies or opinions.