Home router DNS server controlled by a wireless repeater: how is that possible?

My home network has a router/NAT (WNR3500L) and a wireless repeater (WN2500RP) of the same brand (Netgear). Since the repeater has a dynamic IP, the manufacturer put in place a special web address that directly resolves to the current repeater IP. The mechanism is stated to work with the majority of routers.

Using "dig", I see that the DNS request to the special address is directly resolved by the router DNS server (Bind running on an embedded Linux); no matter from which point of the network I send the DNS request, I always get the same internal address.

Then, sniffing the wireless traffic at the repeater bootup, I only notice this traffic toward the router:

SSDP Notify HTTP messages
DHCP Handshake
STP messages

So how does this work?

ziu

Posted 2012-07-22T20:22:58.090

Reputation: 250

1Hi @ziu, welcome to [security.se]. This is really a networking question, not a security question (though I can definitely see the implied implications for misuse :) ). – AviD – 2012-07-23T07:23:10.017

@ziu Is there something about either answer I provided that you feel is inadequate? – Everett – 2012-07-25T04:03:28.863

@Everett No, I'm sorry: I had to deal with some backlog and I hadn't the time to do some happy hacking. – ziu – 2012-07-28T22:12:12.437

Answers

SSDP does a number of things for you. First of all, it tells you that the device exists, with a URL. You should then see an icon appear in various places on Windows that you can click on in order to open up a web browser to access to pages on the device to manage it. That's especially important for the multipurpose devices that support disk drives, music players, printers, and so on.

From Wikipedia: SSDP is a text-based protocol based on HTTPU. It uses the User Datagram Protocol (UDP) as the underlying transport protocol. Services are announced by the hosting system with multicast addressing to a specifically designated IP multicast address at port number 1900. In IPv4, the multicast address is 239.255.255.250[3] and SSDP over IPv6 uses the address set ff0X::c for all scope ranges indicated by X.

Everett

Posted 2012-07-22T20:22:58.090

Reputation: 5 425

I'll dig into the traces to confirm this and accept the annswer. – ziu – 2012-07-28T22:12:45.573

Would you mind posting the manufacturer and specific pieces of equipment?

Regardless, this may answer your question

Everett

Posted 2012-07-22T20:22:58.090

Reputation: 5 425

yep I'll modify the question – ziu – 2012-07-22T23:25:30.043