Network connection problems
-
I have finally got everything installed and my Duet WiFi is up and running. I love the silent steppers!
However, the network connection seems to be highly unstable. One minute, everything works great and the web interface is quick. The next minute, I completely lose access to the printer and the web interface refuses to connect. If I wait a minute or two, it's back up and runningā¦ for a minute or so. It keeps going down and back up, it seems. The printer is a few meters from the access point and the RSSI seems fine. I check RSSI either by connecting over USB or by asking the access point, and both indicate it's roughly between -45 and -65 dBm.
Any ideas?
-
I'm still finding my connection to be fairly unreliable. AJAX timeouts vary randomly from five minutes to five hours apart.
-
I have plenty of other WiFi devices that work very well, so my network shouldn't be the problem. I might try mounting the Duet further from the metal extrusions and see if that helps.
-
I think the default ESP code isn't super great (DC42 hasn't rewritten it yet). There were some older posts (stuff by mhackney and others) where they used wireshark and other monitoring programs to track down devices that were clogging up the network. Also if you have a dual band network, try to keep as much of your stuff on the 5ghz band that you can, it helps a bit I think too.
-
I mounted the Duet in a different position, but it made no difference. A lot of the time, my printer isn't usable. I might try the Wireshark thing, but if that doesn't work, I'll have to go back to my old 0.8.5, I guess
-
Have a look at your router firmware settings (accessible through a local IP such as 192.168.0.1). I've dealt with a lot of crappy wifi networks in the past, and the solution is always in some obscure settings somewhere. There are so many protocols for interference management, multiple transmission frequencies, quality of service mechanismsā¦ if you start googling what they mean, you can unravel the mystery that is consumer wifi and attempt getting better performance.
Many times I have noticed it has to do with apple computers or devices like iphones. They have very agressive/weird policies that seem to inundate networks with bullshit. I used to live in a place where you could tell when certain people would be nearby, because their iphone interfered with the network so much netflix would hiccup.
This is one of the reasons I despise the choice of having wifi as the only connectivity option... even given a perfect network and if the Duet is perfect, outside interference can bring it to a crashing halt... nevermind that everything the printer is doing is being broadcast for anyone who wishes to intercept it....
-
@bot:
nevermind that everything the printer is doing is being broadcast for anyone who wishes to intercept itā¦.
WPA2 is not very easily hacked/intercepted. Everything I've read says at least a decade for brute forcing a typical 10 char password, on a single PC. Of course dictionary attacks would speed this up, but only weak passwords are vulnerable to that.
If someone got onto a consumer WPA2 network, there's a lot more interesting traffic to sniff than 3D printer control.
It shouldn't be possible for anything to be damaged by any firmware setting on a 3D printer either - if a printer has powerful enough heaters to reach dangerous temperatures, it is a failed FET away from danger - and (extremely rare) FET failure is still a whole lot more likely than some hacker randomly getting into a network and trying to damage your printer.
Having a preference for wired connections is one thing, and I get that. So does T3P3, who are considering a wired version of the Duet Wifi. Wireless vs wired is trading some (small) amount of reliability for convenience, always has been. But unless I'm missing something here, the network security concern is a non-issue.
-
Has anyone attempted to piggyback an ENC28J60 Ethernet interface to the ESP yet? I've read that's supposed to be a workable combo.
I already have a few spare ENC28J60 breakout boards on-hand for an FPGA based Software Defined Radio project I've been tinkering with so I'd be happy to try if the ESP firmware were modded to support it.
And for what it's worth I get AJAX timeouts all the time on my older wired Duet 0.6 running recent firmware. When I was running earlier firmware this never happened, but the SD uploads would stop at 100% and never complete instead. So I guess my point is the above issues may not be related to the actual wireless connection (OSI layer 1/2 stuff) at all, and could be an issue in the ESP's IP stack or the application server it's running. Although this is all pure speculationā¦
-
So does T3P3, who are considering a wired version of the Duet Wifi..
I don't wish to beat a dead horseā¦but will this version have telnet support too?
If so, sign me up! -
@bot:
nevermind that everything the printer is doing is being broadcast for anyone who wishes to intercept itā¦.
WPA2 is not very easily hacked/intercepted. Everything I've read says at least a decade for brute forcing a typical 10 char password, on a single PC. Of course dictionary attacks would speed this up, but only weak passwords are vulnerable to that.
If someone got onto a consumer WPA2 network, there's a lot more interesting traffic to sniff than 3D printer control.
It shouldn't be possible for anything to be damaged by any firmware setting on a 3D printer either - if a printer has powerful enough heaters to reach dangerous temperatures, it is a failed FET away from danger - and (extremely rare) FET failure is still a whole lot more likely than some hacker randomly getting into a network and trying to damage your printer.
Having a preference for wired connections is one thing, and I get that. So does T3P3, who are considering a wired version of the Duet Wifi. Wireless vs wired is trading some (small) amount of reliability for convenience, always has been. But unless I'm missing something here, the network security concern is as non-issue.
I'm fairly certain it's basically trivial to hack a consumer wifi network, wpa2 or not. It's certainly not trivial for everyone (hell, I couldn't do it) but for someone who wished to and knew how to, it would be easy.
My main concern over security is that I wish to deploy printers into a range of environments that could sometimes be sensitive to security concerns. Your answer is not acceptable in these cases. Certainly, disabling the broadcast is a solution, but at the cost of a great deal of functionality that is wanted.
Sure, wired networks can also be accessed by anyone who may wish to, but there is a physical barrier (if set up properly). Short of operating a wifi network in a lead bunker, there is no such physical barrier with wifi.
As far as I'm aware, it's not hard to intercept the encrypted data that is being broadcast and decrypt it at a later date.
-
@bot:
I'm fairly certain it's basically trivial to hack a consumer wifi network, wpa2 or not. It's certainly not trivial for everyone (hell, I couldn't do it) but for someone who wished to and knew how to, it would be easy.
Do you have a source for this? I'd genuinely like to read up on it - everything I've seen and worked with shows WPA2 to be solid. Banks use AES encryption, just like WPA2. If you've come across evidence of the contrary, I'm genuinely interested. I'm not trying to start an argument here.
@bot:
As far as I'm aware, it's not hard to intercept the encrypted data that is being broadcast and decrypt it at a later date.
Yes, a key is needed to decrypt - and as previously mentioned, that's ~a decade on a high end single processor machine. And that's with very fast algorithms, several orders of magnitude faster than aircrack-ng, or faster than WPA2 keys can be generated in general really.
Aircrack-ng running on a typical high end CPU can do about 10k keys/sec. But a 10 char password has 5.3e+19 possible combinations. That would mean 170,793,732 years to guarantee the key is generated. Dictionary attacks are faster, but you aren't using dictionary words in your passwords, right?
So that leaves supercomputers. So what's the endgame here? NSA frees up some time on their supercomputers to attempt to decrypt the data on a consumer level printer?
WPA2-AES is good enough for HIPAA regulations (medical regulations).
WEP is a different story, I've cracked that before personally on my own network as an exercise.
-
Don't forget guys, if you REALLY want ethernet, you can hook up an Octopi on ethernet to talk to the Duet via USB just like any other control board. Costs you an extra $35 and a little setup time. Not as clean, but still functional, and better in some ways like if you want integral camera support or onboard slicing. The Duet Wifi web interface is mostly the same functionality as Octoprint anyway.
I do really want the wifi to be more stable, but it's still a solid control board option even if you entirely removed the wifi and web interface.
-
ā¦ consumer level printer...
No, not on a consumer level printer. I am not personally worried about thisā¦ but I want to use the duet in printers that I will provide to clients who will use them in environments where this is absolutely not acceptable.... how hard is that for you to understand? I've said such before.
Imagine a 3d printer in a military research facility. Why couldn't that be run with a duet? Because of wifi.
-
@bot:
ā¦ consumer level printer...
No, not on a consumer level printer. I am not personally worried about thisā¦ but I want to use the duet in printers that I will provide to clients who will use them in environments where this is absolutely not acceptable.... how hard is that for you to understand? I've said such before.
Imagine a 3d printer in a military research facility. Why couldn't that be run with a duet? Because of wifi.
Because as previously mentioned, cracking WPA2 is actually quite difficult. Hell, government emails are protected with less.
But if it bothers you, I guess you could drill a hole through the ESP8266 and run an Octopi, like Rcarlyle so kindly suggested. If its mil spec, they won't mind the extra $30 for a Rpi2. Actually, they're more likely to mind that the firmware is open source, but that applies to all versions of the Duetā¦
Here's evidence of WPA2 passing DoD requirements. And here.
Could you provide some sources for WPA2 being trivial to hack, please?
-
I think you're much more likely to run into a "no unapproved wifi devices or access points" rule than a "no wifi" rule. Same basic effect though, unless you can get the IT department to audit and approve the Duet Wifi for access to the network.
My office (at a large company you've heard of) does regular audits and scans to remove unauthorized access points, and won't allow anything but IT-managed devices to connect to the official wifi. It's all done via security certificatesā¦ I wouldn't know how to connect a device to the wifi myself if I wanted to. I wouldn't be able to use the Duet Wifi there without one of the non-wifi control options. I'd imagine that's fairly common in the corporate and government world.
-
My office (at a large company you've heard of) does regular audits and scans to remove unauthorized access points, and won't allow anything but IT-managed devices to connect to the official wifi. It's all done via security certificatesā¦ I wouldn't know how to connect a device to the wifi myself if I wanted to. I wouldn't be able to use the Duet Wifi there without one of the non-wifi control options. I'd imagine that's fairly common in the corporate and government world.
In all the places I've worked with rules like this, you can't connect unapproved ethernet devices either.
-
I really want to use WiFi. This isn't the 90s, and I don't need more cables. I have plenty of other WiFi devices like computers, phones, speakers, power switches, media players and printers. They all work very well and I'm getting speeds of at least around 25-30 MB/s and I download from the Internet regularly at around 10-12 MB/s. Every device works fine except for Duet.
-
Any chance you have a non FCC approved power supply, tomasf? Just thinking EM interference might play a role here.
-
Tomasf I think you are going to need to get wireshark or similar out and see if you can see where the issue is, the M122 also gives some diagnostic information. A good starting point is to determine if the network connection is dropping out completely, or the webserver on the ESP 8266
-
Elmoret, I use the power supply I got with the Kossel mini kit from T3P3, which I think is originally from Dell, so it should be fine, I guess.
