Checking if the network has changed

Alex Tweedly alex at tweedly.net
Thu Apr 20 16:11:09 EDT 2006 

Dave Cragg wrote:

> Hi
>
> I'm trying to find a reliable (ish) way to know if a computer is  
> connected to the same network as it was the previous time the  
> application was opened. The situation is for an educational program  
> that requires connecting to an internet server. Users may run the  
> program from work and/or from home. Connecting from work requires  
> using a proxy. My concern is with laptop users who use the same  
> computer to connect from both work and home.
>
> I'd like to be able to have the program use a preconfigured proxy  
> setting when used from work, and no proxy (or a user-configured  
> proxy) when used from home.
>
> Right now, I'm thinking of using the following to determine if the  
> network has changed since the last session:
>
>    get hostNameToAddress(the hostname)
>
> The idea would be to store the result between sessions, and compare  
> at each new session. If the values are different, ask the user to  
> confirm the location.
>
> If anyone knows of any problems with this, or knows of a better  
> solution, I'd be grateful.

I see two problems (at first glance - I see another shadow lurking off 
in the far distance, but I need to think more about it).

Problem 1. (A real problem that you will hit, but not a showstopper)

You will get "false positives" from this test, so you will ask the user 
to confirm location unnecessarily.

Assuming the laptops are using DHCP to get their addresses, then even a 
simple network at work will give the possibility of changing address 
when reconnecting, and a home network using a modern broadband router 
with the increasingly typical case of multiple home PCs will do the same 
at home.

So depending on the kind of education establishment, and how their 
networks are set up, this is somewhere between likely and inevitable. 
But the "cost" is only an extra user interaction (and possibly the users 
thinking the system is a bit dumb).

Problem 2. Much less likely, but more serious.

There is always a chance of getting the same address dynamically 
assigned in both locations. If the work networks are typically larger, 
or more complex, then this may be impossible - but if your customer base 
includes small schools, and if they behave like typical small 
businesses, then they may well use 192.168.1.1/24 as well, allowing for 
the possibility of address clashes with addresses assigned at home. This 
would of course lead to believing that location had not changed, when it 
actually had done - so making the wrong choice about whether to use the 
proxy.

Other alternatives.

These may or may not be useful suggestions depending on info you may or 
may not have about the kind of networks involved. In particular, is the 
"preconfigured proxy" preconfigured as an ip address, a host name or 
something else (e.g. a two-step config via web access, etc.)

If the proxy is known to be on the same network as the laptops (i.e. not 
just within the same campus network, but actually on the same subnet), 
then you could check for a direct connection to it (using ARP from the 
shell).

If it will be on the same campus, but not necessarily on the same 
subnet, then you can make an approximation using ping results.

I've uploaded to revonline a sample stack with a script to do either of 
these. Note for the second method you need to know, or make an 
assumption, about the campus network diameter - if you're targetting 
schools you can probably use 3 or 4, but if you include larger 
universities then you may need to go up to 8 or 15, at which point there 
is a small danger of false positives.

revonline : username alextweedly : stack IP Address Checks : category 
programming

Note also the comments about firewalled hosts which do not respond to pings.



(Lurking danger - VPNs can confuse any or all of these schemes, so if 
you have people taking laptops home and making a VPN connection to the 
campus net, it could be infeasible to do any of these schemes, including 
the one you currently use, since you could have a hostname/hostaddress 
from your home net, but have all your packets routed via the VPN and 
hence (perhaps) need to use the proxy. Depends on whether using the 
proxy is a matter of policy or technology)



-- 
Alex Tweedly       http://www.tweedly.net



-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.385 / Virus Database: 268.4.4/318 - Release Date: 18/04/2006

More information about the use-livecode mailing list