{"id":14,"date":"2013-07-17T12:36:18","date_gmt":"2013-07-17T20:36:18","guid":{"rendered":"http:\/\/jacksontech.net\/?p=14"},"modified":"2013-07-21T00:45:05","modified_gmt":"2013-07-21T08:45:05","slug":"fun-with-a-hughesnet-ht1000-modem-part-1","status":"publish","type":"post","link":"https:\/\/jacksontech.net\/index.php\/2013\/07\/fun-with-a-hughesnet-ht1000-modem-part-1\/","title":{"rendered":"Fun with a HughesNet HT1000 Modem, Part 1"},"content":{"rendered":"<style type=\"text\/css\"><!--\nP { margin-bottom: 0.08in; }\n--><\/style>\n<p><em><strong>Update: Whoops, I was wrong about the DNS cache. It apparently<\/strong> <\/em><strong>does<\/strong><em><strong> allow you to specify your own nameservers on your router\/computer without forcibly redirecting the query to HughesNet&#8217;s DNS servers. But the modem still caches the response and still offers no way to clear the cache.<\/strong><\/em><\/p>\n<p>Until recently, I had a dial-up connection. An aging Zoom 28.8k serial modem served as the gateway to the outside world for a farm of eight equally antiquated computers. This is too many computers fighting over an amount of bandwidth that is simply too small, no matter how it is divided up.<\/p>\n<p>Early this year, my family switched to a HughesNet satellite connection. Soon we had a shiny HughesNet satellite dish in the yard and a sleek HughesNet modem\u2014the HT1000 Satellite Modem\u2014on my desk, ready to fling my packets into outer space like a digital catapult.<\/p>\n<p>(Side note: in about 4.4 years, the signal will reach Alpha Centauri. What will the aliens there make of all our cat videos? Assuming there are aliens there, of course. But I digress.)<\/p>\n<p>This would be great, or so I thought. Just hook it up to the network, configure the spare NIC on my old Linux box to accept a dynamic IP address, tell IPTables to masquerade all traffic through that interface. Nothing to it.<\/p>\n<p>But the HT1000 is a fiddly beast. It doesn&#8217;t play nice with existing networking equipment for three reasons.<\/p>\n<p><!--more--><\/p>\n<ol>\n<li>It grabs the IP address 192.168.0.1 for its \u201cSystem Control Center\u201d (SCC), which is a near-useless collection of status webpages that offer a tantalizing glimpse of the modem&#8217;s capabilities, as cruel as a giant box of chocolates sequestered behind a thick, armored glass window.<\/li>\n<li>It quietly passes DNS queries through its internal DNS cache, even if they are destined for another server, and then responds to future requests via this cache. The cache can&#8217;t be cleared short of rebooting the modem.<\/li>\n<li>You can&#8217;t change either of these.<\/li>\n<\/ol>\n<p>Here&#8217;s each little roadblock in loving detail:<\/p>\n<h2>Default IP address<\/h2>\n<p><a href=\"http:\/\/wikidevi.com\/w\/index.php?title=Special%3AAsk&amp;q=[[Default+IP+address%3A%3A192.168.0.1]]&amp;po=%3FEmbedded+system+type%3DType%0D%0A%3FOEM+brand%0D%0A%3FOEM+model%0D%0A%3FSupported+802dot11+protocols%3DPHY+modes%0D%0A%3FDefault+IP+address%3DDefault+IP%0D%0A%3FDefault+SSID%0D%0A%3FOUI%0D%0A%3FOUI+%28ethernet%29%3DOUI+%28Eth%29%0D%0A%3FEstimated+year+of+release%3DEst.+year%0D%0A&amp;eq=yes&amp;p[format]=broadtable&amp;sort_num=&amp;order_num=ASC&amp;p[limit]=3500&amp;p[offset]=&amp;p[link]=all&amp;p[sort]=&amp;p[headers]=show&amp;p[mainlabel]=&amp;p[intro]=&amp;p[outro]=&amp;p[searchlabel]=%E2%80%A6+further+results&amp;p[default]=&amp;p[class]=sortable+wikitable+smwtable&amp;eq=yes\" target=\"_blank\">Because 192.168.0.1 isn&#8217;t used as a default address by any home routers, right?<\/a> You cannot change this IP address.<\/p>\n<p>At first, I thought that the modem took up the entire netblock, handing out addresses via DHCP like a router. However, it only grabs 192.168.0.1. The modem actually gives out addresses on the 100.64.0.0\/10 netblock, indicating that HughesNet uses carrier-grade NAT for its home users&#8217; IPv4 infrastructure. So, 192.168.0.1 is just an arbitrary IP address to access the SCC. I wish they had picked a more obscure address, like something in the 172.16.0.0\/12 range, which I haven&#8217;t seen used on a home\/small business network yet.<\/p>\n<h2>Overactive DNS Cache<\/h2>\n<p>The modem caches every DNS response, even if the server queried is not a HughesNet DNS server. It then responds to future queries for that domain (including queries destined for other servers) from the modem cache, but makes it look like the original server is responding. It occasionally likes to cache a bad or negative response. There&#8217;s no way to clear this cache without rebooting the modem.<\/p>\n<h2>You can&#8217;t change either of the above<\/h2>\n<p>That&#8217;s right. In fact, this sleek and attractive space heater offers almost no user configuration, although there are hints in an exposed configuration file that suggest that HughesNet&#8217;s customer support representatives have full access to every single knob and twiddly bit one could imagine through the same SCC. (It seems to be locked to a management IPv6 address.)<\/p>\n<p>For the customer, there are only four real uses for the SCC: To see how much data you&#8217;ve burned through this month from all those cat videos, to see if your connection has gone down because there&#8217;s a hurricane or alien spaceship hovering over the HughesNet ground station, to disable web acceleration (which actually speeds up HTTP connections), and to reboot the modem when something gets wedged.<\/p>\n<p>To accommodate the modem, I ended up tweaking my network. I switched my wired network from the 192.168.0.0\/24 netblock to 192.168.1.0\/24. (My wireless network is on a different netblock entirely and so didn&#8217;t pose any problems.) Aside from a few firewall rules and a couple of static IP addresses, the transition was smooth. But I had to give up BIND, which I had been using as a full recursive caching nameserver. Occasionally, one of the root nameservers would return a broken response for a domain, and the modem would cache it. Then, when BIND tried to query another nameserver, the modem would instantly respond with the broken data.<\/p>\n<p>In general, the HT1000 is a solid satellite modem. I just wish it had been designed to be a little more thoughtful of the user&#8217;s network ecosystem.<\/p>\n<p>If a HughesNet employee happens to read this, here are several suggestions:<\/p>\n<ol>\n<li>Use a different IPv4 address for the SCC. <a href=\"https:\/\/www.ietf.org\/rfc\/rfc1918.txt\">You have all of RFC1918 to choose from.<\/a> Pick something weird and unusual that the customer is not likely to use.<\/li>\n<li>Allow the user to disable DNS caching, or at least clear the cache without rebooting the modem.<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Update: Whoops, I was wrong about the DNS cache. It apparently does allow you to specify your own nameservers on your router\/computer without forcibly redirecting the query to HughesNet&#8217;s DNS servers. But the modem still caches the response and still offers no way to clear the cache. Until recently, I had a dial-up connection. An &#8230; <a class=\"moretag\" href=\"https:\/\/jacksontech.net\/index.php\/2013\/07\/fun-with-a-hughesnet-ht1000-modem-part-1\/\">more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[7,8,6],"class_list":["post-14","post","type-post","status-publish","format-standard","hentry","category-networking","tag-ht1000","tag-hughesnet","tag-satellite"],"_links":{"self":[{"href":"https:\/\/jacksontech.net\/index.php\/wp-json\/wp\/v2\/posts\/14","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jacksontech.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jacksontech.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jacksontech.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jacksontech.net\/index.php\/wp-json\/wp\/v2\/comments?post=14"}],"version-history":[{"count":19,"href":"https:\/\/jacksontech.net\/index.php\/wp-json\/wp\/v2\/posts\/14\/revisions"}],"predecessor-version":[{"id":114,"href":"https:\/\/jacksontech.net\/index.php\/wp-json\/wp\/v2\/posts\/14\/revisions\/114"}],"wp:attachment":[{"href":"https:\/\/jacksontech.net\/index.php\/wp-json\/wp\/v2\/media?parent=14"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jacksontech.net\/index.php\/wp-json\/wp\/v2\/categories?post=14"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jacksontech.net\/index.php\/wp-json\/wp\/v2\/tags?post=14"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}