Writing

Feed Software, technology, sysadmin war stories, and more.

Friday, July 19, 2013

Before ISDN and before PPP, I used to run SLIP

I've had a variety of technologies to deliver the "last mile" of Internet access to my residences over the years. I've done cable modems, DSL, ISDN and even wireless. Before all of that, however, were years and years of dialup access. Some of that was PPP, sure, but for a very long time, it was plain old SLIP, and it wasn't always so pretty.

The earliest SLIP setup I had involved manually logging in to an ISP's terminal server, and then I'd run "slip" at the prompt to get it to switch modes on their end. Then I'd have to do an escape code to get back to the prompt on my end and do a bunch of things to define the connection: "set remote x.x.x.x" "set local x.x.x.x" "default" and "mode slip", if I remember correctly. This was all done in a little program called "dip" on Linux.

Later, with the help of a friend, we got it to actually dial in by itself, log in, and even parse out the IP addresses in order to set up the connection properly. It would then play a very loud recording of my cat meowing which could be heard from far away. Why would I do such a thing? That's easy: it could take several minutes for it to actually get an open line and get connected successfully. This let me start it up and walk away, and then I could return after the "wharrrllll!" went off.

The stateless nature of ordinary SLIP made some interesting things possible. At one point, I reconfigured my modem to ignore the DTR line. This is what a modem usually uses to know when you want to drop the connection without doing the whole escape-and-ATH thing. By disabling that, I could do all sorts of crazy things with the computer and the modem would still keep the link up.

For instance, I could reboot the computer... and the modem would just sit there, still connected. Since SLIP itself had no sense of health checks or other keepalives, never mind sessions, the other end wouldn't care, either. This let me go from Linux into Windows and back without having to redial. Granted, I had to rig up a second set of configurations for both dip and Trumpet Winsock which would set up a connection without dialing first, but that was a one-time chore.

Being able to flip back and forth was pretty handy in those days, and not losing my precious dialup port was a definite plus. You just can't do a trick like this with anything which would need to maintain state on either side, but SLIP is little more than IP with some framing characters and an escape scheme for those magic characters, so it didn't care. It's like the honey badger of Internet connectivity.

Not everything about SLIP was good. Some of the systems I dialed into weren't particularly good about how they handled it. I think the BSD/OS boxes at the time didn't do anything more than a MTU of 296 bytes. This had some impact on the practical amount of bandwidth I could use, but there was a far bigger problem: broken people with admin powers on their routers and firewalls.

One of the sites I regularly accessed had some people who decided it was a great idea to block all ICMP traffic crossing their Internet connection. They figured this would keep evil IRC warriors from trying to swamp their entire company's circuit. Maybe it would stop some of the replies, but it also had the side-effect of breaking path MTU discovery.

For those who haven't encountered this, here's the premise in a nutshell. Any given interface has some limit on how big the packets can be. If something bigger arrives, it gets rejected. The error is approximately "fragmentation is needed to make this work, but you said not to fragment this packet". This error is returned to the sender, and they are expected to respond by emitting smaller packets until the errors stop.

Trouble is, those errors are conveyed over ICMP, and these guys had filtered it. That meant their machine would never hear the errors coming in from my SLIP host. As a result, any time a packet above the magic cutoff left their end for mine, my connection would probably go dead. Worse still, they seemed to be horribly inconsistent about when this rule would be running or not, so I couldn't be sure when I could get in.

As for why I was still running SLIP, well, that's mostly my fault. My home gateway machine had a really old Linux install that I didn't want to update, and the long-suffering kernel it had only had SLIP support. It would need a recompile to add PPP, and that sort of thing was an all-night affair. It just wasn't worth the trouble.

I wound up working around their ICMP filter shenanigans by first telnetting to another machine which had a reasonable MTU to the world, and then connected to them from there.

Sometimes I get nostalgic about old stuff, but I don't miss dialup connections one bit. The past can keep it.