Ask Slashdot: Best Way To Solve a Unique Networking Issue?

New submitter petro-tech writes: I work as a service technician, maintaining and repairing gas pumps and POS equipment. In my day to day activities, one that consumes a ton of time and is relatively regular is the process of upgrading the software on pumps. This is done by connecting to the pump via direct ethernet from my laptop, then running a manufacturer-provided program that connects to the device and pushes the new software. Some sites have 8+ pumps with 2 devices in each, and at 20-30 minutes apiece this can be quite time consuming. Unfortunately the devices are not actually on a network, and as such cannot be updated remotely, also since they are not on a network, they are all configured with the same IP address. Additionally the software doesn't allow you to specify the adapter to use. I would like to be able to get to a site, connect a cable to each pump, and load them all at the same time. The only way I can figure to accomplish this with the software we've been provided is to do this: Get a 16-port powered USB hub, with a usb-ethernet adaptor in each port; Set up 16 VM's with extremely stripped down XP running on each, with only one USB-ethernet adaptor assigned to each VM; Set XP to boot the application for loading software as its shell; and load each device that way at the same time. Is there a better way to accomplish this? Have a question for Slashdot's readers? Take a look at other recent questions first to see if someone else has had a similar question. And if not, ask away! The more details and context you include, the more likely your question will be selected.

It's not a networking issue.

[xxxJonBoyxxx]

>> Unfortunately the devices are not actually on a network

So...it's not a networking issue?

Re:It's not a networking issue.

[antiperimetaparalogo]

>> Unfortunately the devices are not actually on a network

So...it's not a networking issue?

No, it is a networking issue; nodes are nodes, even if not connected - what the guy does normaly is a network with 2 nodes, now wants more.

Re:It's not a networking issue.

[ArmoredDragon]

I think what he's asking is whether or not he can network them together even though they all have the same IP address. And the answer is yes.

As a network engineer, I can think of a way with a Cisco catalyst switch, OR, a linux box with multiple ethernet ports:

For a Cisco switch, get a layer 3 switch, enable ip routing, put each switch port on a separate vlan, create an SVI for each vlan that is on a /30 subnet using the first address of that subnet. Create an access control list so that all traffic that goes ingress to the second IP address of the vlan subnet has its destination address changed to the static IP address of the equipment and the source address changed to be the IP address of the SVI, and then change all egress traffic from the second subnet IP to change the destination address to match that of your laptop and the source address to match that of the second IP address in the subnet.

For a linux box you'd do the same thing, only using SNAT and DNAT in iptables.

Effectively what you're doing is creating a NAT table that allows you to uniquely address each device, without actually changing the IP addresses themselves to become unique.

If you're not very affluent in networking, the above will sound VERY confusing, but trust me it can be done.

Re:It's not a networking issue.

[aardvarkjoe]

So...it's not a networking issue?

That's what makes this networking issue so unique.

Re:It's not a networking issue.

[g0bshiTe]

I think you like many are missing the main question and would in fact be the only question I'd ask him and it would determine if you should continue or stop right there.

Are you paid by the hour? If yes, what the actual fuck are you thinking?

Re:It's not a networking issue.

Came here to say the same thing.

L3 switch and some config. Should take a competent network engineer less than an hour to configure.

You don't need speed here, a 100Mbit L3 switch can be had under $100

Re:It's not a networking issue.

[ArmoredDragon]

I think you like many are missing the main question and would in fact be the only question I'd ask him and it would determine if you should continue or stop right there.

He offered me a problem, so I offered him a solution. I'm an engineer, I solve problems. He didn't ask for security (which this can be secured by the way, but that involves a bit more discussion, which I don't have enough information to counsel on.)

Are you paid by the hour? If yes, what the actual fuck are you thinking?

Have you ever heard of lean principles? Basically by reducing the number of steps it takes to perform a job, you reduce the chance of human error (thus increasing your product's quality) while also lowering costs. Managers who employ this technique love it when employees make suggestions like this that actually work.

Does his boss appreciate that kind of thing? I don't know, but if I was his boss, and he brought this kind of solution to me, that would gain him some extra brownie points. Instead of having him do that time wasting work, I'd maybe give him better jobs to do that may even pay more, if I had them available.

Re:It's not a networking issue.

[nblender]

Similar, but less complicated...

On a Cisco catalyst,

script this:

conf t
int g0/1
no shut

ping and program

shut
int g0/2
no shut

ping and program ... lather rinse repeat

Re:It's not a networking issue.

[ArmoredDragon]

The answer is 2.

Re:It's not a networking issue.

[un1nsp1red]

Basically by reducing the number of steps it takes to perform a job, you reduce the chance of human error (thus increasing your product's quality) while also lowering costs.

However, the chance of a human error borking 16 pumps at one time increases dramatically.

Re:It's not a networking issue.

[peragrin]

That's not the important question.

These are gas pumps. Should he network them together? Is the question.

Though I do see an advantage of a closed local network for the pumps that doesn't have outside access. ( access only through a specific port.

Re:It's not a networking issue.

You're forgetting VRFs. A Cisco L3 box is not going to allow the same subnet to be configured across multiple interfaces unless they have separate RIBs. So you'd have to stitch the VRFs back to the server subnet and NAT as well.

Re:It's not a networking issue.

[Lumpy]

Or, simply configure the pumps to have different IP addresses. Does his boss pour gasoline on him and set him on fire if he changes their IP addresses?

Re:It's not a networking issue.

[rudy_wayne]

I think what he's asking is whether or not he can network them together even though they all have the same IP address. And the answer is yes.

As a network engineer, I can think of a way with a Cisco catalyst switch, OR, a linux box with multiple ethernet ports:

Yes, there are a few possible solutions, but I'm surprised that nobody has mentioned the biggest barrier to implementing any of them:

Trying to connect to 8+ pumps at the same time is going to require running 8+ ethernet cables from a central location to each pump. You're going to have cables all over the place, and unless it is done while the gas station is closed it means people driving over the cables, stepping on them, tripping on them and yanking them out of the socket, etc........

Re:It's not a networking issue.

As a network engineer, I can think of a way with a Cisco catalyst switch, OR, a linux box with multiple ethernet ports:

That's way too much complication for what he needs.... Assuming each pump has a unique MAC, all you need to do is a bit of work with ARP tables. Collecting MAC's should be easy, cable up and try and ping the standard IP address... They will all reply to the ARP request. Scrape up the MAC's, dump them into his Virtual Machines running the update software to map that MAC to that IP in the VM and make the assignment never expire. Do your update, the software is unlikely to know the difference... For this approach, you only need a switch/hub and network cables.

My other idea was to build a VM box with a separate network segment for each VM, then map these all though a Linux VM that puts them on an 802.1q VLAN. Go buy a *cheap* managed switch (and I do mean cheap) and create one trunk port with each other port on a separate VLAN untagged. No need for an expensive Layer 3 switch... In fact, you could set it up on a cheap consumer router running OpenWRT as long as the switch supports VLANs, in which case the most expensive part of the hardware would be the network cabling..

Re:It's not a networking issue.

[Krishnoid]

If you're not very affluent in networking, the above will sound VERY confusing, but trust me it can be done.

I think you mean 'fluent', as in you understand networking well. Then again, you could mean that this is expensive, in which case, 'affluent' would be correct. Although, the original problem refers to programming pumps, so it could be 'effluent'.

Glad I could clarify that.

Re:It's not a networking issue.

[mjm1231]

That sounds like a lack of a code of ethics to me.

Replace each and with a period to make smaller sentences. Maybe not simpler to do, but easier to read.

Re:It's not a networking issue.

[DurnikBob]

My only concern would be if the communication is bi-directional. E.g. one primary application thinking it's communication to a single instance/pump and pump 3 throws a "cannot perform command, error at line X" etc. Would the application then start throwing recovery commands that would screw up the others? I think I would go with his approach (assuming it's cost effective). If the vendor provided app assumes it's talking to a single instance/pump, do not mess with its error handling unless you know what impact if would have (e.g. 1 pump recovered, 6 never understood why they were receiving correction commands). Sorry if I misunderstood your approach

Re:It's not a networking issue.

[mjm1231]

I used to tell this to my boss all the time when we had to make changes to all 500 PC's on the domain, and walking from PC to PC to do it manually was still standard practice. If I screw up with a script, at least they'll all have the same mistake, instead of 500 different mistakes.

Re:It's not a networking issue.

[ArmoredDragon]

Engineers have a code of ethics

I'm not aware of any code of ethics. Though the company I work for has a general saying that when you do an action, ask yourself if it's something that you'll want to be remembered for, which all employees do, even the management, accountants, etc.

Re:It's not a networking issue.

[spire3661]

You could fashion a wireless setup pretty easily. Plug Ethernet to wireless dongle into pump, done.

Re:It's not a networking issue.

[suutar]

It sounds like he's only networking them long enough to update them. He brings the hardware, plugs in the pump, does his thing, unplugs. He just wants to parallelize; de-networking the pumps is still a step.

Re:It's not a networking issue.

[rot26]

Is "when you do an action, ask yourself if it's something that you'll want to be remembered for" considered an action? ERROR: STACK OVERFLOW

Re:It's not a networking issue.

[Hardhead_7]

I used to work as a field tech, back in the day. The nice thing is, there's no clock and no one is checking up on you. If they gave me an assignment that they expected to take 3 hours, and I did it in 30 minutes... well, I didn't tell them that. I went home early and got paid. Seriously, I regularly worked about 4 hours a day and got paid for 8. Granted, the pay was shit, but there you go.

Re:It's not a networking issue.

[TsuruchiBrian]

Are you paid by the hour? If yes, what the actual fuck are you thinking?

Because who wouldn't want to keep doing a tedious job over and over as long as the income is steady? /s

Even if this person is a lazy fuck (which I suspect he isn't), he still has an incentive to solve this problem. He could automate the software load for all the gas pumps (minimizing the amount of work he needs to do), and sit in his car playing cell phone games for the amount of time it normally takes to do it the tedious way.

It pays to be efficient whether you are a lazy fuck or someone who wants to get a lot of work done. Only dumb people waste their time.

Re:It's not a networking issue.

[TWX]

Basically by reducing the number of steps it takes to perform a job, you reduce the chance of human error (thus increasing your product's quality) while also lowering costs.

However, the chance of a human error borking 16 pumps at one time increases dramatically.

That depends on how much direct control the technician has over the pumps. If the technician doesn't really make any choices and is just conducting rote firmware updates or pushing out prewritten configurations then short of b0rking the process itself he can't do much to break them.

As for the process itself, I advocate a low-tech solution. Go get a bunch of older small Netbooks with ethernet jacks on them, set up a box in the van or service truck as the wifi controller, connect those netbooks to the wifi in the truck, and then connect the netbooks to the pumps. Use the box in the truck to control the netbooks, automate the process or at least add some scripting that makes it easier.

Re:It's not a networking issue.

[TWX]

Be careful, the Cylons can infiltrate computer networks. May be better to keep them separated.

Re:It's not a networking issue.

[TsuruchiBrian]

How is improving a task "one-upping" your manager?

Are you assuming the manager assured his boss that none of his workers have any initiative, and now he looks foolish?

Re:It's not a networking issue.

[TsuruchiBrian]

I've seen plenty of people bork things 16 times in a row manually. I would rather have the potential to fix 16 borked pumps in parallel.

Re:It's not a networking issue.

[gstoddart]

But the reality is from the description of this, the manufacturer has done a crap job of building the "networking" part of this, and if you start trying to be clever and hook it up to an actual network you might really fsck it up.

So, imagine some field tech decided he'd rather find a clever new way to fix things, and then hoses (pun intended) the pumps because he's doing something which the pumps can't actually be made to work with.

Who the hell do you think is going to fix it?

You can call it a networking problem, but I would suggest if the manufacturer has given them all the same IP address ... these things aren't designed to be "networked" in any meaningful sense of the word.

Do you really want to run the risk of fucking up the pumps because you think you have a solution which works?

Because setting up a bunch of VMs so you can hook them up in a clever way and try to do this in parallel sounds like you have a better chance of it going wrong than going right.

It may use some networking technology in a limited way, but it isn't a networked device ... from the sounds of it they use that networking port as little more than a serial connection. And if you start trying to connect them all at once with some fancy setup of your own, you have no frickin' idea how it's going to work or what will happen.

You don't want to explain to the gas station owner why he has no working pumps and why the company who makes them wants no part of what you broke by doing it in an unapproved way.

Re:It's not a networking issue.

[fahrbot-bot]

Engineers have a code of ethics

I'm not aware of any code of ethics. Though the company I work for has a general saying that when you do an action, ask yourself if it's something that you'll want to be remembered for, which all employees do, even the management, accountants, etc.

In other words: Would you do it if your mom was watching / would know?

Re:It's not a networking issue.

[Chris+Mattern]

I'm an engineer, I solve problems.

Not problems like 'what is beauty?' Because that would fall within the purview of your conundrums of philosophy. I solve practical problems.

Re:It's not a networking issue.

[mattventura]

There's one potential problem: Does the software actually allow you to choose an IP, or is it hardcoded to connect to the pump's standard IP?

Re:It's not a networking issue.

[Zak3056]

I'm an engineer, I solve problems.

Not problems like 'what is beauty?' Because that would fall within the purview of your conundrums of philosophy. I solve practical problems.

You beat me to it, dammit.

Re:It's not a networking issue.

[antiperimetaparalogo]

But the reality is from the description of this, the manufacturer has done a crap job of building the "networking" part of this [...] You can call it a networking problem, but I would suggest if the manufacturer has given them all the same IP address ... these things aren't designed to be "networked" in any meaningful sense of the word. [...] It may use some networking technology in a limited way, but it isn't a networked device ... from the sounds of it they use that networking port as little more than a serial connection. [...]

Since i agree with everything you write, i keep only the parts of your comment i want to reply to: yes, it is a frivolous and impractical network... but it is still a networking problem/issue!

Re:It's not a networking issue.

[ArmoredDragon]

He asked for a solution, not a grammatically correct one.

I guess you could say that he got what he paid for.

Re:It's not a networking issue.

[ArmoredDragon]

Some people don't have ethical moms.

Re:It's not a networking issue.

[vux984]

I used to work as a field tech, back in the day.

Yeah, "back in the day". Welcome to the new age of gps in trucks, and in company issued phones with fleet tracking.

Re: It's not a networking issue.

[LostMyBeaver]

You're not even coming close to solving the issue which is how to get the software to work. Your solution would require a router with a layer-3 switch module and each port in a separate VRF, two NAT instances, a pile of strange static routes and then a PC with 16 virtual machines with 16 virtual Ethernet adapters configured for 16 different VLANs.

You haven't even scratched the surface of the issue of the software in question.

Re:It's not a networking issue.

[Gr8Apes]

the manufacturer has done a crap job of building the "networking" part of this,

Actually, the manufacturer has done an EXCELLENT job of building the "networking" part of this. Hacking into this remote is going to be very problematic! Think of the built in security! Maintaining it, however, is a different story.

Re:It's not a networking issue.

[DickBreath]

> Engineers have a code of ethics

The only one that I know of is: If it ain't broke, then fix it 'till it is.

Re:It's not a networking issue.

[pnutjam]

This software is probably scanning the network and your solution will block broadcasts. He would be better off figuring out how to change the IP's, it's probably trivial, and just plug them all into a switch or hub when he is onsite.
Then the software can do it's broadcast to find the nodes it wants to update and update them.

Re:It's not a networking issue.

[ArmoredDragon]

Yeah that would actually work better because the host device might fail to send ARP requests to the switch with what I suggested (though what I suggested would work if the traffic originated from the laptop and wasn't needed after the ARP cache expires.)

But if you wanted to do it with say a switch that doesn't do VRF, and the host devices won't need to send ARP requests, then with my method the switch itself technically has no idea what the host IP address is, rather after it passes through the PBR ACL (policy based routing access control list) the source and destination IP addresses are changed without the need to configure their subnets.

I.e. say the device has an IP address of 1.1.1.1/24, and your SVI is configured as 2.2.2.2/30. You create a policy that says traffic aimed at 2.2.2.3 has its destination IP address changed to 1.1.1.1 and source address changed to 1.1.1.2 as it leaves the interface.

When 1.1.1.1 replies to that traffic to 1.1.1.2, it sends it ingress to the SVI. You then have an ingress policy that says that traffic destined for 1.1.1.2 has its source address changed to 2.2.2.3 and destination address changed to 3.3.3.3 (the IP address of the laptop) as it leaves the interface

ARP should be fine here so long as the first packet originates from the SVI (it will get the SVIs mac address,) however after the arp cache expires, the device might fail to initiate traffic in the other direction, which may be a concern depending on what exactly we're doing with the end devices. However even that can be solved by creating a secondary IP address of 1.1.1.2 on the SVI, like this:

conf t
int vlan 300
ip address 2.2.2.2 255.255.255.252
ip address 1.1.1.2 255.255.255.252 secondary

That *should* allow the end device to properly ARP the switch. And for each other SVI you can do the same, just use a different subnet range, making sure to stay within the /24 of the host device.

That of course, is an ugly hack, and VRF would be better.

Re: It's not a networking issue.

[rickb928]

Professional Engineers do indeed have a code of ethics. Ask the NSPE.

But there are few network engineers that qualify as Professional Engineers. A P.E. is licensed and/or registered, and mostly a graduate of an engineering school.

Cisco certifications are demanding, but I doubt they qualify anyone as a P.E.

Re: It's not a networking issue.

[rickb928]

I worked in field service for 25 years. Never was I not checked up on. Before cell phones it was pagers, and I called in after every call, usually from the desk I was at.

If for no other than to send out the police to find my vehicle lest I die in it, off road in winter.

Re:It's not a networking issue.

I'm not aware of any code of ethics.

http://www.nspe.org/resources/ethics/code-ethics

http://www.ieee.org/about/corporate/governance/p7-8.html

http://courses.cs.vt.edu/professionalism/WorldCodes/ASCE.html

http://en.wikipedia.org/wiki/Engineering_ethics

Now you are.

Re:It's not a networking issue.

[msauve]

Since he's pushing software, and it takes 20-30 minutes each, it's safe to assume that there's a continuous flow happening during much of that time, like tftp'ing new code. He wants to do that in parallel to save time, not to save the 30 seconds it takes to move from one pump to the next.

Re: It's not a networking issue.

[rickb928]

Yup, simple.

Might want to find out if the update software runs on Linux first, though.

Re: It's not a networking issue.

[rickb928]

They already have cable runs for data, control, power. This is not a big issue.

Re: It's not a networking issue.

[rickb928]

WiFi sure makes it easier for me to me around in there...

Cable is more secure, if done even marginally well.

Re:It's not a networking issue.

[msauve]

Using the AC power outlet conveniently located next to the pump? Or that the pumps provide PoE? And, you'll need dongles which retain their configuration and an AP which is configured with a different SSID for each. After that, you still need the switch/NAT stuff which makes it even possible.

Better to simply buy 8 $100 used laptops off eBay, and use one for each pump.

Re:It's not a networking issue.

[MooseTick]

"Are you paid by the hour? If yes, what the actual fuck are you thinking?"

Perhaps he is thinking he can get a week's worth of work done in 2 hours. Assuming he didn't bother telling anyone about his new technique, he can now go play golf or nap the rest of the week while the boss thinks he is "hard at work".

Re:It's not a networking issue.

[Darinbob]

Alternatively, you could say the manufacturer has done a good job of eliminating networks as a source of malware.

Re:It's not a networking issue.

[Cramer]

I have a friend who did this for a while (I still have the laptop with all the oddball software on it.) He's thinking he'd like to get a site done in one night instead of 2+. This is not something that is done like a 9-5 job. It's done more like midnight to 4-5am. And there's no wiggle room for screwing shit up: the station MUST open in the morning.

Re:It's not a networking issue.

[Darinbob]

The maintenance is usually built into the cost. Plans during design may have been for 1 firmware patch/upgrade a year. However in practice this may change over time.

Or they factor in the cost of manpower to walk around to each pump and upgrade them versus the cost of adding in a network and the security subsystem to deal with a network and the cost of back office support services to manage the network and security issues, and then decided that the flunky with a laptop is the better solution. Sure, I agree it's not good to be the flunky in that case, but it's how so much of the world works.

Re: It's not a networking issue.

[EdwardFurlong]

Or it could be guy comes up with great solution. Gets promoted. Does not have to worry as much when the next tech upgrade kills his job. If you can come up with a solution that will eliminate your job, you should be promoted.

Re: It's not a networking issue.

[chill]

While an interesting solution, it only addresses the network part of the problem.

I think he might be limited by the software doing the updating. If he can't run multiple copies then how will the software understand responses from the pumps? Send one command get 8 responses? That probably won't work.

The whole multiple VMs may be his only hope depending on the client software.

Re:It's not a networking issue.

[ArmoredDragon]

Not to mention none of your suggestions will work anyway if the destination IP address must remain the same single IP address assigned to all pumps, which appears to be the case based on the problem description. You can't differentiate between pumps if the update application on the laptop doesn't allow you to change IP addresses.

Good point. Though I'd make it even simpler (once configured) than what you're doing if that's the case. Use two switches, set a vlan for each pump, trunk that through a single cable to another switch located in the office, then create a switch port that goes to each different pump vlan. Just connect it to the respective port for each respective pump as you update.

Or if you really want to speed things up, skip the second switch, get the free version of VMware ESXi 5.5, configure its host interface in trunk mode, and create a separate VM for each pump and put it on the respective vlan. Then make all of the VMs use a common filer location that has the update files, that way you only have to copy the firmware image once, and you can switch from tab to tab in vSphere and just click the "update" button or whatever each time you switch.

Re:It's not a networking issue.

[PhunkySchtuff]

If I understand what you're saying, each destination IP is behind a NAT, and so from the point of view of the laptop, there are, say, 16 IP addresses that are all NATted to the individual pumps, that all happen to have the same IP on the other side of the NAT.

The question for the submitter then, is seeing that every pump has the same IP, is this IP hard-coded into the software, or can you specify the IP that you push the firmware update to?

If the software is hard-coded to assume every pump it connects to has the same IP, then you're in trouble.

Re:It's not a networking issue.

[BoogieChile]

I would be thinking "how can I do this job in half an hour so I can then goof off for the other 7.5 hours that management think this job takes?"

It's all about slack, you know.

Re:It's not a networking issue.

[egarland]

I feel like some wireless routers using openWRT might be useful here. Configure a few to nat the traffic from each port to a specific ip, then have that routed over the wireless. You could drop a wireless router in each island and update them all over wireless.

Re:It's not a networking issue.

[dbIII]

That's half of it - the other half is the propriety program and either getting it aware of the networking setup or avoiding that with a multi-VM situation as described.
Not having even the ability to "look under the hood" with the program means a cobbled together brown string and chewing gum operation in the middle to bind things together and try to convince the software that there is only one pump at the other end of the network. If it was me I'd be in touch with the software vendor and see if there is something they can tell me about how the software works which may eliminate the need to give it adult supervision of a VM.

Re:It's not a networking issue.

[AK+Marc]

IF there's no security, then just mirror port 1 on all the other ports (obviously, presuming you've plugged the 16 pumps on ports 1-16). The software "logs in" to pump 1, and pumps 2-16 think they are logged in by the same computer. That their handshake was discarded doesn't matter, if security was bad enough. Then, when you push the update to 1, 2-16 will think it's for them, and install it without issue.

Re:It's not a networking issue.

[dbIII]

These are gas pumps. Should he network them together? Is the question.

"Should he network them together for the duration of the update procedure" is a more accurate question and is far less to worry about.

Re:It's not a networking issue.

[dbIII]

Either that or the pumps just all have an install image that has a single static IP address and it's completely independent to the software's capabilities.
This guy should be talking to the pump software people instead of us. The networking could turn out to be trivial and he could just be jumping through hoops due to arbitrary defaults.

Re:It's not a networking issue.

[Jack+Griffin]

The submitter seems to have overlooked one important point. If a solution exists that turns his 8 hour job into 20 minutes, he won't have a job much longer. Just go with it and milk that puppy while you can. Your job will be gone in a few years anyway.

Re:It's not a networking issue.

[Jack+Griffin]

Only dumb people waste their time.

Whether you spend 8 hours upgrading pumps or 2 hours with 6 hours playing phone games, it's still 8 hours of wasted time. Even dumb people know that.

Re:It's not a networking issue.

[Jack+Griffin]

Connect switch to pumps, run script, go to pub for 8 hours, come back and pack up.
This is even better than getting it done quickly because you get a whole lot of free time to do what you like.

Re:It's not a networking issue.

[cusco]

There is an answer to this, I've done something similar with security devices. Ideally you would use a hub, if you can still find one, rather than a switch. You'll need the MAC addresses of each pump first, well use 00-12-34-56-78-9A and 00-12-34-56-78-9B. Set a fixed IP address on your laptop, for example 172.16.16.16, and turn off your wireless. Open a command prompt as an Administrator and enter:

arp -s 172.16.16.20 00-12-34-56-78-9A

arp -s 172.16.16.21 00-12-34-56-78-9B

Now your laptop thinks that you have pumps at address 172.16.16.20 and 172.16.16.21. Enjoy your extra time!

Re:It's not a networking issue.

[someoneOtherThanMe]

I do want to be remembered for having my two sons, but if my mom was watching... no way!

Re:It's not a networking issue.

[Gollum]

Indeed, my solution would have involved something like a TP-Link WR703N, running OpenWRT, powered from a USB battery pack. (I'm assuming that each of the pumps is some distance from the next, and you don't want to have Ethernet cables running across the forecourt. The battery pack is optional, I guess you may also have power available at each pump). Configure each mini router with an appropriate IP address on the Ethernet port, and then do Source NAT from the Wifi to that IP address when talking to the pump. Configure the WiFi interface to connect to an AP that you set up centrally, that your laptop will also be connected to. This takes care of the issue of simultaneous connectivity to each pump.

As far as software goes, it sounds like a virtual machine for each is a requirement, so that they can run independently of each other. This *might* end up being the trickiest part, depending on how much configurability you have in the application that actually does the firmware updates.

* If you can specify the IP address of the destination pump in the update software, great, simply bridge or NAT each VM onto the Wifi network set up in step 1. Configure each VM to speak to the IP address of each 703N, and perform the update. Done.
* If each VM needs to have the corresponding IP to the pump's, things get a little trickier, and you may need to have another layer of NAT to get this to work. I suspect that you would run into issues with the number of private networks that your Virtualisation software supports, in this case.

Re:It's not a networking issue.

[Hognoxious]

I know the old joke about the economist who finds a twenty dollar bill. But the things is, if what OP wants was possible, wouldn't someone have implemented it by now? I'm guessing the people who actually develop/maintain the software might know something about it.

We all know that bosses are idiots, but there might well be a good reason for doing it sequentially. If the station operates 24x7, they might not want more than one pump down at a time. Also, the first one acts as a trial run; you never know if the update clashes with a F0084R-D card reader when it works fine with the A and C models.

OP: do the procedures say that you should verify before moving on to the next? If so that could be the reason.

Re:It's not a networking issue.

[v1]

agreed. I'd say gas pumps rank second only to ATMs for their target value by the hackers. I think trying to get them on any physical network may be a bad idea. And I'd be willing to bet the manufacturers made it the way it is very much on purpose. Security is generally a 1:500 option. You add 1% of inconvenience to use and maintain, and it adds 500% of inconvenience to compromise. You see "pain in the butt". Hackers see "practically impossible".

Re:It's not a networking issue.

[tehcyder]

In other words: Would you do it if your mom was watching / would know?

I was going to say "well what about having sex" but then I remembered where I was.

Re:It's not a networking issue.

[TsuruchiBrian]

Any time you spend doing something you enjoy is not wasted. Playing cell phone games is a better use of your time than spending it with your friends and family if you enjoy it more. But if you enjoy your friends and family more, spend those 6 hours talking to them. If the thing you enjoy most is upgrading gas pump software then do that. By making your process more efficient, you can do the thing you love 4 times as much in the time you have.

Re:It's not a networking issue.

[Paul+Carver]

No AC required. USB powered, bridges wifi to RJ45.
http://www.gearbest.com/networ...

Even with the added cost of a USB battery (or the sort available everywhere for recharging phones) it's still well under you $100 laptop as well as smaller and lighter. The OS configuration may be harder for people who are not familar with concepts like iptables and/or network namespaces.

Re:It's not a networking issue.

[ILongForDarkness]

I don't know if I'd blame the manufacturer. They couldn't exactly run ethernet under ground at a gas station very easily. Could have used wifi I suppose but flaky/some people are freaked out using phones around gas stations (might cause a spark, kaboom) so knowing they have a built in "cell phone" would make those nutjobs more paranoid than they are already. How often is this software updated? It might just be that, sorry to say, the posters time is of neglible value vs the cost of deploying and maintaining a network: remember networks have issues too. They probably don't trust a random guy they hire to do the upgrades to have the skills to figure out their software + any networking issues that pop up. Not sure wasn't clear if the poster is a true "IT" guy or an installer monkey. Installer monkeys are cheap you just have to keep the systems they play with very simple. Anyways, not clear what the business decision on the deployment was, might have made sense at the time.

Re:It's not a networking issue.

[ILongForDarkness]

Also how often do you upgrade the software. If it is only once every 6mth-year or whatever is the cost of the setup going to pay for itself? If you run wires where are they going to go? If not how are you getting a wifi card into all these devices (are they configurable enough to do it, etc? What is the current process is this guy working after hours or doing one at a time at a gas station that is still operating? They might not like it so much if you close all the pumps at once for 20min vs only one at a time for 3 hrs.

Re:It's not a networking issue.

[cusco]

MAC addresses are assigned by NIC manufacturers, not the pump manufacturer (and I'll guarantee that a pump manufacturer has no clue how to build a NIC). Every NIC manufacturer has a set range of MAC addresses assigned to them, and each NIC gets its own unique MAC. I can look at a list of MAC addresses connected to a switch and tell you which devices are Lantronix boxes, which are Axis cameras, and which are Mercury access control panels just by looking at the MAC address ranges in use.

Re:It's not a networking issue.

[n7ytd]

I think what he's asking is whether or not he can network them together even though they all have the same IP address. And the answer is yes.

As a network engineer, I can think of a way with a Cisco catalyst switch, OR, a linux box with multiple ethernet ports:

Yes, there are a few possible solutions, but I'm surprised that nobody has mentioned the biggest barrier to implementing any of them:

Trying to connect to 8+ pumps at the same time is going to require running 8+ ethernet cables from a central location to each pump. You're going to have cables all over the place, and unless it is done while the gas station is closed it means people driving over the cables, stepping on them, tripping on them and yanking them out of the socket, etc........

And having 8 pumps off-line at a time will probably lead to less-than-cheery looks from the station owner and his customers.

Re:It's not a networking issue.

[ArmoredDragon]

IF there's no security

There's probably not security per-se, but I strongly suspect that a firmware update would have some kind of error detection that may panic somewhere along the line if say one of the layer 2 FCS didn't match after being transmitted across one of the lines, causing a TCP segment to get dropped. For that one pump it would work, but it would screw over the rest of them.

Re:It's not a networking issue.

[AK+Marc]

If you have a "login" without security, like SMTP, if you were to hook up 12 SMTP servers like this, the simple replay of logging into one and sending an email would work fine. EHLO, and all that, assuming no dropped packets, would send a perfect copy of the one email through all the others.

Re: It's not a networking issue.

[cusco]

"for example 172.16.16.20" Example.

The arp command will work with any valid IP address, not just 172.x. I assume that the IP address is not hard coded into the app.

Re:It's not a networking issue.

[toddestan]

That's going to be the biggest problem. The gas station will accept having one pump at a time out of service. They won't be happy about the whole station being down even if it's for a shorter period of time. I'd probably look at a way of doing 2-4 pumps at a time. That'll still cut the time down, and having only 2-4 pumps down at a time may still be acceptable.

Re: It's not a networking issue.

[cusco]

Because the device isn't identified by its IP address at the physical level, but by the MAC address. Your NIC will first do a MAC broadcast to see if the target is on the same network segment. If you use a hub it will be forwarded to all the other ports and the other NIC will answer, if you're on a switch it **should** forward the packet, but sometimes they'll be flaky and ignore a MAC broadcast.

Re:It's not a networking issue.

[herbierobinson]

This won't work if the pumps have a real IP implementation, because the destination IP address in the packets will be wrong and they will get dropped.

Re:It's not a networking issue.

[herbierobinson]

Mucking with the ARP tables won't work, because the IP addresses will be wrong in the packets (unless the IP implementation in the pumps is sorely lacking).

OTOH, using vLans on a cheap managed switch is better than the 16 USB Ethernet adapters the poster suggested.

Re:It's not a networking issue.

[cusco]

Works, I've done it several dozen times. You're communicating at the physical layer. The exception would be if some absolute moron of a programmer hard coded an IP address for the source in the application.

Re:It's not a networking issue.

[herbierobinson]

It will only work if the destination has a broken IP implementation. IFF the implementation is correct, it's supposed to either forward or drop any IP packets with a destination that isn't configured on the interface. It's never supposed to process them locally. Of course on a POS that you can't change the IP address on, one can't be sure it's actually handling the IP protocol correctly. Which would mean that putting more than one of them on a switch is probably a bad idea.

Re:It's not a networking issue.

[cusco]

I think you'll find that most embedded hardware has your "broken" IP implementation. Probably partly because it's more work to set it up correctly, but also because there are a lot of times where installers in the field or repair people in the shop have no way of knowing what the IP address of this stuff is supposed to be and need to be able to get at it. Devices that I have personally worked with would include a plethora of security cameras, Seimens I/O panels, Lantronix and Mercury TCP/IP to serial I/O converters, AMAG security hardware, two kinds of infant abduction systems, intercoms, and emergency alert systems. Some (most?) SCADA hardware is set up that way as well, I've been told. I suppose the reason why this isn't really considered a security issue is that you need physical access to the device to make it work.

Re:It's not a networking issue.

[herbierobinson]

That's scarey. Some of the devices you are mentioning get used in large networks (Lantronix term servers, for example). And a lot of them are on home Internets.

wow, that makes me feel good

[phantomfive]

Unfortunately the devices are not actually on a network, and as such cannot be updated remotely, also since they are not on a network,

It makes me feel good to know that something in this world is still air-gapped.

Re:wow, that makes me feel good

They aren't actually air-gapped. They are on a two-wire control network with the POS device - which is why the dispenser (NOT PUMP) can be stopped remotely from the POS. It is also how price changes, pre-authorizations (I want $20 on #7) are done. But that network doesn't allow firmware updates, just control.

The original submitter probably doesn't know much about these if he calls them pumps. A station has only one pump per grade of fuel (although in some rare cases of multiple tanks even when they are connected together they may have 2 pumps per grade of fuel). The heads that people call "the gas pump" are dispensers only. They don't create the pressure that generates flow. He is reprogramming / flashing the dispenser control heads. It is normal for the ordinary consumer to call these things "gas pumps" - but people who work in the industry generally know better and would call them dispensers.

Re:wow, that makes me feel good

[uncqual]

Although, perhaps the original submitter called them "pumps" rather than "dispenser control heads" because they assumed that was what most /. readers would understand. Generally it's best to communicate in the language your audience understands unless it confuses others -- and you, allegedly knowing how these things work, seem pretty confident that you understood what the submitter meant. Mission accomplished.

Re:wow, that makes me feel good

[kylemonger]

Yeah, but it isn't really air gapped. How does the pump authorize debit/credit transactions without being on a network? The answer is that it is on some network, just not one the tech is allowed to use to update the software.

Re: wow, that makes me feel good

[phantomfive]

Oh but don't worry, they're secured using the NetUSB driver!

Re:wow, that makes me feel good

[jbengt]

A station has only one pump per grade of fuel (although in some rare cases of multiple tanks even when they are connected together they may have 2 pumps per grade of fuel).

Actually, it can go either way. You can buy dispensers with built-in pumps - one pump per dispenser per fuel type, with suction piped to the tanks, or you can drop a pump into each fuel tank, with discharge piped to the dispensers. You do have to be careful about minimum positive suction head if you go with a dispenser-mounted lifting gasoline from an underground tank. Cost and complexity can make the fewer tank-mounted pumps a better solution for large installations with a lot of dispensers, anyway, but it is not unheard of to have pumps installed within the dispensers for small installations.

Re:wow, that makes me feel good

[AK+Marc]

They used to be pumps, and often still are. I was told that if they are very loud, and the sound comes on and off when you activate it, then the dispensers are pumps.

Why not just...

[TechJag]

... have each device IP'd different and come in with a switch and plug them all in at once, since they aren't really networked anyway why does it matter what the IP is?

Re:Why not just...

[omnichad]

Yes. This would be the simplest option. Unless the problem is that the loading software will only do one at a time and this is to make the very slow updates happen in parallel (30 minutes vs. up to 8 hours).

Re:Why not just...

[DutchUncle]

In the problem specification, it says that the devices have the same IP. Maybe the installation program relies on this. Since it's an embedded system, changing it may not be possible. OP has to deal with the situation as it is, and "change the situation" is not a simple option.

Re:Why not just...

[Mr.+Sketch]

OP said that they all have the same IP. Presumably this is enforced by the manufacturer, and he has no way to change it.

Re:Why not just...

[phantomfive]

At no point did the Asker state TCP/IP was involved, nor is there any reason to think it is.

Is there anything that uses Ethernet without using */IP? Is there anything that uses Ethernet without using */IP that also uses IP addresses??

Re:Why not just...

[ripvlan]

The uploading software is probably hard coded to look for this well known IP address. It's possible that they are all direct connect (aka don't care IP) - but I wouldn't be surprised if not.

Re:Why not just...

[hawguy]

Except, you know, saying that they are all using the same IP.

Yes, that doesn't 100% lock in the use of TCP, but in 2015? You can pretty well assume that we're dealing with TCP/IP, and the asker can offer additional information if this isn't the case.

Lots of devices still use TFTP for firmware updates, so the pumps could be using UDP/IP rather than TCP/IP.

Re:Why not just...

[Minwee]

Is there anything that uses Ethernet without using */IP?

I'm not even going to start answering that, but I am curious about one thing.

Which major corporation are you the CIO for? Please be honest, as I stand to win $20 here.

Re:Why not just...

[phantomfive]

UDP is included in */IP. UDP packets travel over IP.

Re:Why not just...

[sjames]

ATA over Ethernet for one. If it's running over a private network also used for management the second question is also yes.

Re:Why not just...

[phantomfive]

None of those (of the ones that are not IP) use an IP address.

Re:Why not just...

[umghhh]

In the corp I work for they had an education program for engineers like cisco and shit. Some people went but then cost cutting machine came, after that only internal courses were offered. Some went for that too. Both classes of people were as useless as managers at talking about networking issues. The fun part was fixing all different types of loops at customer suites during epic installation battles. Good that our customers were (so far) as clueless as the rest of us here are. Bottom line - the networking stuff on the level where you actually understand the question and why the post is a bit odd, goes where all other serious skill-sets went : to the cellar, where they came out from, many many years ago. I would have won lots of lots of 20$ if you were working with us :)

Re:Why not just...

[danbob999]

Except that the IP address is configured in the software he is updating. He's the guy doing the update, not the developper who choose to have the same IP address on each pump. But there are good reasons to put the same IP address: simplicity and manufacturing. All these pumps are identical. You don't want manufacturing to need a different software configuration depending on the physical location of the gas pump. For the same reason, all Linksys routers are configured with 192.168.1.1 and not random IP addresses.

Re:Why not just...

[danbob999]

Except that no one uses PPPoE without */IP on top of it.

Re:Why not just...

[umghhh]

I have worked with systems that had hard coded networking parts that were used for software management i.e. mostly installs and upgrades. In test environment we had multiple machines connected to one start server trough the switch. In some configs we had different vlans to make man installs going trough in such env. You can automate this either way. The question is:why would you and if so how would you go about it in a secure way (that is not the original question tho is it?). In some situations it is desired not to have a connection to wider networks. This is not meant as protection but one more level of difficulty for intruder - s/he has to physically plug their dirty cables into the virgin slot. OC usually this is a major vulnerability - most of such devices have no protection whatsoever, produced by SW plumber from Zamunda for spare cents ears ago when they did not about Putin palladium hackers nor NSA democracy fighters etc, no consideration and no competence enforced protective measures - you can install whatever you want if you have physical access. I wonder if this is the case here. I hope not but we know how that works...
Do we know anybody who updates software to those nifty highway toll cameras? I am sure with some digging the credentials are root/root or some other such....

Re:Why not just...

[RatherBeAnonymous]

Yes. I worked with a 3com phone system that ran on bare Ethernet.

Re:Why not just...

[phantomfive]

If they're using it as framing or as payload, then they're using IP.

Re:Why not just...

[AK+Marc]

TCP/IP is the name of the protocol suite that includes UDP. UDP is a subset of TCP/IP. TCP is a subset of TCP/IP. UDP/IP doesn't exist.

Re:Why not just...

[AK+Marc]

You didn't see the second part of the question. Yes, there are a few protocols that use Ethernet without using TCP/IP. Do any on that smaller list us IP addresses?

I can think of quite a few that use Ethernet, but I can't think of anything that uses static IP addresses that doesn't use TCP/IP, on Ethernet or otherwise.

That there may be something someone has made work in a lab doesn't mean that we should assume the most obscure and inane definitions for the task at hand.

Re:Why not just...

[hawguy]

TCP/IP is the name of the protocol suite that includes UDP. UDP is a subset of TCP/IP. TCP is a subset of TCP/IP. UDP/IP doesn't exist.

There's no UDP in TCP -- UDP is a completely different (and much simpler) protocol.

Here's the UDP RFC:

https://www.ietf.org/rfc/rfc76...

One possible UDP/IP interface would return the whole internet datagram
including all of the internet header in response to a receive operation.

Both UDP and TCP are transport layer protocols built on top of the IP Network Layer, you can have UDP without TCP, and TCP without UDP. They don't even require IP, you could build them on top of a different network layer.

Re:Why not just...

[AK+Marc]

TCP/IP is a suite of protocols that includes UDP. http://www.protocols.com/pbook...

UDP isn't TCP, but UDP is one of the many protocols in the TCP/IP suite.

Re:Why not just...

[hawguy]

TCP/IP is a suite of protocols that includes UDP. http://www.protocols.com/pbook...

UDP isn't TCP, but UDP is one of the many protocols in the TCP/IP suite.

Ok, if you're going to make up some ephemoral "TCP/IP Suite" that includes 6 of the 7 OSI layers, then sure, TCP and UDP fall into that group.

But the point remains that UDP is not part of TCP, they are completely independent.

Re:Why not just...

[AK+Marc]

Why are you being belligerent? "TCP/IP suite" wasn't made up by me. I gave a cite. There are millions more where that came from. It's not an obscure thing I made up. Go read any of the large number of good books on TCP, and they'll include UDP as a subset of TCP/IP. Something like TCP/IP Explained by Miller is a good book to start with.

UDP is a subset of TCP/IP.

That you don't know what TCP/IP is is a separate issue. Try learning something, rather than accusing everyone else of being wrong, when you don't know what you are talking about. You once heard TCP and UDP are different. I understand. But you don't know what TCP/IP is. Learn that before you make a fool of yourself. Oops, too late.

Re:Why not just...

[Mostly+a+lurker]

Correctly spoken, TCP and UDP are two completely separate transport layers available within the Internet protocol suite. When people talk about TCP/IP, they should be talking about using the TCP transport layer and IP (v4 and/or v6) internet layer. This does not include UDP. Of course, as with most complex technology, the wrong terminology is often used. I am sure you can find references where the "Internet protocol suite" is called "TCP/IP" and all the distinctions between different layers and protocols confusingly blurred. That does not make such terminology technically correct, and it certainly does not promote correct understanding. Wikipedia actually has a superb and very readable description of the Internet protocol suite and all the different components that are currently part of it.

Re:Why not just...

[AK+Marc]

http://en.wikipedia.org/wiki/I... repeatedly calls it TCP/IP, and it explicitly includes UDP. The confusion isn't there. The Internet Protocol Suite *is* TCP/IP They are the same.

Re:Why not just...

[hawguy]

Why are you being belligerent?

Belligerent? Are you sure you know what that word means?

UDP is a subset of TCP/IP.

Maybe it's the word "subset" that you don't understand?

UDP and TCP are completely different protocols, and the only thing they really have in common is that they are (usually) built on IP (the "IP" in TCP/IP and UDP/IP).

Re:Why not just...

[AK+Marc]

Belligerent? Are you sure you know what that word means?

http://dictionary.reference.co... "given to waging war." Synonyms: combative, quarrelsome (others trimmed)

UDP and TCP are completely different protocols,

Good so far

and the only thing they really have in common is that they are (usually) built on IP (the "IP" in TCP/IP and UDP/IP).

http://en.wikipedia.org/wiki/Internet_protocol_suite The Internet Protocol Suite is called TCP/IP. UDP is a subset of The Internet Protocol Suite. Thus, UDP is a subset of TCP/IP. There is no UDP/IP. That's a typo of TCP/IP or UDP.

You are just making it clear you don't know what TCP/IP means, or belligerent, for that matter. You are being deliberately contentious. You are ignoring cites that support my position, and can present none that support yours.

Re:follow defined procedures

[azav]

Seems like if you had more than one device or virtual devices, and more than one ethernet cable on more than one ethernet port, you could stagger your installs.

If the headline is posed as a question, the answer

[rwa2]

... is no.

The thing you propose sounds fine. But do they really want to upgrade all of the pumps at once? Sounds like a great way to brick an entire facility.

The only "improvement" I could think of would be to set up some kind of cheap router that can do MAC address filtering, that way you can set up the router to allow only one of each pump to show up as that one silly IP address at a time on a switched network. But then you'll still be able to only do one at a time.

The "right" way to do this is just throw money at the problem and attach a real computer to each pump, with a separate interface to talk to the static IP. Maybe something as small as http://www.fit-pc.com/web/prod... or just some generic mini-ITX board in a telecom chassis or whatever.

Switch with VLAN

I have no clue how you would manage that in Windows, but I would think it would do the job somehow.

Solution

[TooMuchToDo]

1) Get a managed switch
2) Configure all ports but one to be on their own VLANs
3) Configure one port to be a trunk port
4) Configure your laptop or other computing device to support trunking
5) Configure your virtual machine so the entire process is scripted. It should boot, execute the upgrade procedure, and then provide logging for the process to you.
6) Start VMs, with each configured on one of the VLANs.

Done.

Re:Solution

[hjf]

This. It was the first thing that came to mind.

Re:Solution

[skids]

Yes, this. There are a good number of cheap managed switches and that would collapse the octupus USB hub into a neat little package.

(Actually you can also get some of the cable modems to vlan on the switchports, depending on the chipsets, but that's a bit more hinky)

The other possibility is to play ebtables tricks based on the device MAC address, but you still end up needing a hub, so just go with the managed switch.

Re:Solution

[ripvlan]

I was going to suggest contacting the pump vendor and see if they have a solution. It might be considered cheaper to pay this guy than it is to fix the problem.

Or - get a dozen of those new Intel PCs on a stick. Rather than running a dozen wires across the parking lot to trip on or finding a managed switch that can support that many VLANs - just create PC dongles.

Re:Solution

[viperidaenz]

Probably cheaper and easier to just buy 16 netbooks and leave the process how it is.
Bonus being not having to run ethernet cables across the forecourt, or a power cable to run the switch. Perhaps the petrol station doesn't want all of their pumps out of action at the same time too... since that could lose them business.

Re:Solution

[AK+Marc]

I expect the proprietary software wouldn't run on a netbook. Go for an actual computer, rather than a huge phone that can't make calls. Cheap notebooks cost about the same as a netbook anyway.

Re:Solution

[viperidaenz]

Traditionally, netbooks are x86 based. They're a small notebook with a screen 10" or less.
They were spat out by the truckload when Intel released the Atom.

huge phone that can't make calls

Perhaps you're confused with tablets.

Re:Solution

[AK+Marc]

Traditionally, netbooks are x86 based.

Traditionally, they also aren't running a full OS. Chromebook is a netbook. Windows 8 running on a small laptop isn't a netbook.

Perhaps you're confused with tablets.

Nope. My phone has more cores, more RAM, and more software options than the last "netbook" I saw (a recent HP chromebook). Setting a phone on my desk, connecting HDMI to it, and a bluetooth mouse and keyboard, and it'll out-perform the netbook. The reason they don't compare is that the netbook comes with the larger screen, and can't make calls.

Re:Solution

[viperidaenz]

The first netbooks ran Windows XP
They came around before Chrome OS and Android existed.
All there really was was a "full OS"

Windows 8 on a 10" or smaller screen with a folding keyboard is a netbook, even if it has a 64 bit Intel processor. It's a form-factor.

Re:Solution

[AK+Marc]

The first netbooks ran Windows XP

http://en.wikipedia.org/wiki/N...

Wikipedia disagrees with you. Feel free to correct Wikipedia, but for now, I'll take their word over yours.

Re:Solution

[viperidaenz]

My bad, they ran Linux. Windows netbooks came a few months later

Re:Solution

[AK+Marc]

The windows ones were less successful, which is why it has a functional, as well as form-factor meaning. A Windows 8 device with 16 GB or ram, quad-core i7, and big SSD isn't a "netbook" no matter what the form factor. "netbook" means small, cheap, and with only the power to surf the web. So the powerful small devices are called tablets, convertables, or ultrabooks, depending on the form factor, but never netbooks.

You look to be clinging to the "original" definition of them, that was form-factor driven, not the actual use of the word, which has evolved as devices evolved.

Re:Solution

[viperidaenz]

Technically the original definition of the term is was trademark for the Psion netBook from 1999.

I'm not sure where you imagined "A Windows 8 device with 16 GB or ram, quad-core i7, and big SSD" though.

The current Asus Eee Book's feature Intel Atom or AMD E-350 CPU's.
Samsung, Acer and HP make some Atom based netbooks as well.

Re:Solution

[AK+Marc]

I'm not sure where you imagined "A Windows 8 device with 16 GB or ram, quad-core i7, and big SSD" though.

So, there is no such device?

Easy!

[WPIDalamar]

Get 16 laptops.

Re:Easy!

[avandesande]

Or an intern?

Re:Easy!

[Kohath]

Crappy used laptops are cheap. You don't need 16. You need 4. The first one will be about done by the time you get the 4th one started.

Re:Easy!

[Minwee]

And then the Intern goes to Ask Slashdot, and we start the whole thing over.

It's some kind of Internception.

Re:Easy!

[internerdj]

Yeah, but then the submitter doesn't have to sift through all the snarky comments to get an answer.

Re:Easy!

[Lakitu]

Easy solution to that. Get 15 more interns.

Re:Easy!

[viperidaenz]

Then port the proprietary upgrade software from Windows/x86 to... Windows 10/ARM or Linux?... dumbass

Re:Easy!

[Etherwalk]

Crappy used laptops are cheap. You don't need 16. You need 4. The first one will be about done by the time you get the 4th one started.

The Dell Latitude E4300 I am typing this on concurs. And cost around $80 on ebay a year ago.

Re:Easy!

[toddestan]

My guess is the vendor's propriety upgrade software requires Windows. There's a decent chance he brought up XP, because it also won't run on anything else. Though I'd be tempted to capture the packets and see if the software is actually doing anything fancy like authentication or if it just blasts packets out to anything that looks like a gas pump.

Probably the way

[phantomfive]

The only way I can figure to accomplish this with the software we've been provided is to do this: Get a 16-port powered USB hub, with a usb-ethernet adaptor in each port; Set up 16 VM's with extremely stripped down XP running on each, with only one USB-ethernet adaptor assigned to each VM; Set XP to boot the application for loading software as its shell; and load each device that way at the same time.

That might be the best way, because you are limited by the software they gave you. Might consider trying Linux and Wine to save space. If that works, then you can load 16 raspberry pies into a briefcase and run it from there (I've seen similar operations for wireless monitoring).

If you actually do build that setup, please take pics because it sounds kind of cool.

Re:Probably the way

I'm pretty sure you can't run Wine on an ARM processor. Maybe you could run x86 Wine through QEMU on an ARM processor, but that's starting to sound crazy pants.

Use VLANs

How about getting a managable switch, assign a different VLAN to each port. Then have one port connected to all VLANs and connect your XP VMs to different VIDs. Should at least save you the hassle of using 16 usb dongles as well as the USB hub.

What will you do with your free time?

Let's pretend we solve your problem and now you can update all systems at once reducing a day's work to 30 minutes.

Are you getting paid by the hour?
What will you be able to do in your new found time?

It looks to me like you are solving a problem with zero benefit to you. You didn't create the inefficient system you are required to work and improving it won't help you.

Re:What will you do with your free time?

[f205v]

I do fully subscribe to this point of view. If you solve the problem for cheap, test it a couple of times just to be on the safe side, and then SELL THE SOLUTION to your employee.

KISS (Keep It Simple Stupid)

[Ariastis]

Go on FleaBay and get a few older laptops for dirt cheap ; set one up with your software and copy it to all the others.

You can now do thay many pumps at once, and if one has a problem it wont screw up the whole lot.

Vm's

[t8z5h3]

not really, what your really talking about is "doing the right thing". what i mean is that a short cut would be to connect everything to a network and basically brake the security of the Air Gap, also your idea may fail because the VM software will have to do Time Sharing with the limited cores of your laptop. witch at time may make some vm machines look like they are Frozen. and also Even Ram maybe a issue two. but good luck anyways.

Arduino to the rescue!

[RecursiveLoop]

Create 8 battery operated arduino's whose sole purpose is to translate and then broadcast the single IP Ethernet to unique IP on a wireless network, run a local ap, then I'm sure there are apps/scripts that will allow you to sandbox the OEM app allowing the reversing of the IP translation back to the original and running multiple concurrent independent instances(no VM required), i did this with outlook prior to it allowing multiple exchange accounts, although didnt tackle the ip routing. Then sit back and get fat while you compete you full days job in an hour.

Re:Arduino to the rescue!

[phantomfive]

i did this with outlook prior to it allowing multiple exchange accounts, although didnt tackle the ip routing.

The routing is the hard part.....it's like some kind of weird reverse-NAT. It seems like there should be some simple IP-Tables command to do this based on MAC address, but I don't know what the command would be. Then he could run multiple instance of the same software (depending on the software).

I don't think there's a way to set up that kind of routing in Windows, though.

Re:Arduino to the rescue!

[g0bshiTe]

Petro-tech, asking about servicing gas pumps, doesn't mean the guy has the skillset to build out and program arduinos or anything we suggest as well as the ability to debug it to make it rock solid.

It's like giving medical advice to someone over the phone.

The laptops while not elegant are the easiest for layman to implement with the least amount of "dafuq just happened" involved.

NAT?

[MightyMartian]

I guess you could throw each one behind some sort of NAT router; maybe something like a Raspberry Pi, so that to the actual LAN they each have a unique IP. But even going for a low end computer-on-a-stick solution, you'll need a second USB ethernet adapter, or ethernet-to-WiFi bridge, not to mention it sounds like they are still air gapped, so can you reasonably get cabling to the pumps? So you're talking here about 20-30 NAT routers plus cabling. A big cost, with some security implications that need to be thought out.

Have you thought about talking to the vendor?

Re:NAT?

[phoebe]

This sounds the most practical method, configure a set of Raspberry Pi devices each in a self contained case with one USB for Ethernet to the pump and the second USB for WiFi. Each Pi device should be configured with plain NAT or HAProxy across each interface for the required access ports. Then bring your laptop and an access point in and update away.

Re:NAT?

[viperidaenz]

All the pumps have the same IP address. Perhaps they all have the same MAC address too.

Don't

[HornWumpus]

If you fix this problem they will more then likely fire you. Nobody likes a smart-ass. They know what your time is worth, likely not much. Just do it the slow way.

Seriously, you are an upgrade monkey.Just monkey on and look for a better job where you can use your skills and you will be _paid for them_.

Alternatively: If your employer is contracting to do the upgrades, figure out how to do it in 25% of the time and take the business from them. They don't own their clients, but likely think they do.

Re:Don't

[HornWumpus]

I used to dream of working for a manager that had such wisdom.

Instead they got their tech advice from marketers spewing buzz words.

VLANs are your friend

[Mr.+Sketch]

I think you could configure each port on the switch with a different default VLAN and plug those into the terminals (e.g. Port 1 gets VLAN 1, Port 2 gets VLAN 2, etc). That will by default separate each port into a separate network. Then use VLAN tagging on your XP VMs that you were going to spin up, so they each are effectively connected to a separate port on the switch (e.g. VM 1 is tagged for VLAN 1, VM 2 is tagged for VLAN 2, etc).

This is just the high-level details of what you'll need to do. Most lower-end consumer grade switches don't have VLAN support, so you may need to spring for a better switch, and make sure your VM software supports VLAN tagging.

You're thinking about this backwards

[dlkwnt]

Instead of trying to centralize the operation and running cables all over the place, you should be thinking about distributing the task. How much horsepower and/or interaction does this updater app require? Why not look at getting a bunch of cheap/small computers for this task like a Raspberry Pi or a NUC or something? Seems to me, that you could even design something that would approximate an embedded solution. Maybe even add an LED that turns green on completion. Then just carry around a mini keyboard/trackpad and a battery powered portable monitor in case you need to interact with any of the computers.

Re:You're thinking about this backwards

[bugs2squash]

It's hard to imagine any packet loss on a short point to point ethernet cable. If there's no complex crypto involved or differences in the pumps, maybe it would be feasible to update one pump, capture the packet sequence in a pcap file, and then replay that packet sequence to the next pump using a raspberry pi. I would have thought a suitable "expect" style script could be cooked up... play outbound packets and expect the next inbound packet.

None of these solutions "work"

[mschuyler]

OP said "day to day" activities. He's updating one pump at a time. What are the other pumps doing? Dispensing gasoline. To update all 16 pumps at once would render all 16 pumps out of service for half an hour. That is simply unacceptable for the station. They would not want to just shut everything down and eliminate a half-hour's worth of revenue from 15 pumps just so OP is not inconvenienced.

This is a typical IT viewpoint. We have a technical problem to solve, and to hell with the users. They're just in the way of our supreme elegance anyway.

Re:None of these solutions "work"

[__aaclcg7560]

This is a typical IT viewpoint. We have a technical problem to solve, and to hell with the users. They're just in the way of our supreme elegance anyway.

This is a typical user whine. Ask the user to log off at the end of the day to allow the computer to be accessible during the nightly maintenance window, it becomes a life-and-death struggle for them to log in the next morning, launch their applications, grab coffee and -- gasp! -- talk to a coworker in the hallway. And then get mad when all the systems are rebooted during a three-day holiday weekend to deploy the security patches.

Re:None of these solutions "work"

[avandesande]

Yeah it's hard to imagine having a bunch of nework cables strung over a gas station being acceptable. Maybe just doing a cluster of pumps would be a better goal.

Re:None of these solutions "work"

[sunking2]

Somebody doesn't understand what it means to be in a support role.

Re:None of these solutions "work"

[FalcDot]

You are quite right.

Then again, he also mentions that "some sites have 8+ pumps with 2 devices in each".

Just being able to update both devices in a single pump should already cut his worktime in half, while having two stations down instead of one should not affect the business very much.

Re:None of these solutions "work"

[sexconker]

OP said "day to day" activities. He's updating one pump at a time. What are the other pumps doing? Dispensing gasoline. To update all 16 pumps at once would render all 16 pumps out of service for half an hour. That is simply unacceptable for the station. They would not want to just shut everything down and eliminate a half-hour's worth of revenue from 15 pumps just so OP is not inconvenienced.

This is a typical IT viewpoint. We have a technical problem to solve, and to hell with the users. They're just in the way of our supreme elegance anyway.

Not to mention the lawsuit when a customer trips over the cat5 obstacle course.

Re:None of these solutions "work"

[mschuyler]

That's your experience, maybe, assuming you really keep tabs on them, but it isn't mine. With the two stations I frequent, one a 30 pump station, it is often difficult to even find an empty pump.

Point being that none of us here get to tell the gas station how to handle this situation. The gas station gets to tell us how to handle the situation. We're here trying to find an elegant solution to a problem we think we can create without regard for the users just so we don't have to work so hard.

So what are you going to do about the lost revenue? You know, the revenue that ultimately helps pay your salary? IT still has not learned that the world does not revolve around it and seems blissfully unaware of the utter contempt the rest of the world has toward it. It's a reputation that is not unearned.

The REAL solution here is to network the pumps and push the software from afar, one at a time, late at night, laying off OP in the process. There is no reason you can't be replaced by a droid. Face it: You're doing grunt work. No particular expertise required.

Re:None of these solutions "work"

[GrumpySteen]

And somebody doesn't understand that the 'users' in this case are customers who will leave and go elsewhere to fill up if all the pumps are shut down. Explaining to management that they're losing revenue because you don't want to upgrade the pumps one at a time is sure to go over well.

Re:None of these solutions "work"

[__aaclcg7560]

Unfortunately, in all the Silicon Valley companies I worked for in the last 20 years, no one ever got fired for not obeying corporate IT policies.

Re:None of these solutions "work"

[kevmeister]

Most stations are not open 24 hours. Updates are normally run at night when there are no customers.Even stations open around the clock, at night have light business loads, so taking two to four pumps off-line at a time may be quite reasonable. So some of these solutions should work. The ones to avoid are those that remove the air-gap to the Internet as these expose lots of potential issues.

The switch with VLANs looks like a reasonable approach.

Oh, and every gas station has ducts running to the pumps, so there won't be any exposed cables to trip over. Just be sure that the cables and how they are run comply with codes.

Re:None of these solutions "work"

[Ichijo]

He's updating one pump at a time. What are the other pumps doing? Dispensing gasoline... They would not want to just shut everything down and eliminate a half-hour's worth of revenue from 15 pumps just so OP is not inconvenienced.

If you are correct that all the other pumps are in use, then shutting down one pump at a time will result in the same amount of lost revenue (8 pump-hour's worth) as shutting them all down at the same time.

A better solution is to raise the price of gasoline slightly so fewer than 16 pumps are in use at a time. This way, a financial optimum can be achieved between lost pump revenue and the cost of the technician's time.

Re:None of these solutions "work"

[__aaclcg7560]

The 'users' in this thread are employees at a company, not customers at a gas station.

Re:None of these solutions "work"

[GrumpySteen]

The first comment in this thread:

OP said "day to day" activities. He's updating one pump at a time. What are the other pumps doing? Dispensing gasoline. To update all 16 pumps at once would render all 16 pumps out of service for half an hour. That is simply unacceptable for the station. They would not want to just shut everything down and eliminate a half-hour's worth of revenue from 15 pumps just so OP is not inconvenienced.

The IT is the guy updating the pumps. The users are the customers using the pumps to get gas.

Somebody either didn't read or didn't comprehend the previous posts in the thread they're posting in.

Re:None of these solutions "work"

[__aaclcg7560]

My thread started with the OP quote: "This is a typical IT viewpoint. We have a technical problem to solve, and to hell with the users. They're just in the way of our supreme elegance anyway."

The typical IT viewpoint is typically found in a Fortune 500 company with employees. Data acquistion at a gas pump isn't a typical IT activity. The only person who is making reference to gas pumps in the context of my thread is YOU. As a professional IT technician, I can reassure you that your problem is located between the keyboard and chair.

Re:None of these solutions "work"

[GrumpySteen]

And he's talking about an IT person who updates firmware on pumps at a gas station. Who are the users who are using those pumps? The customers buying gas.

The only problem here is your lack of comprehension.

Re:None of these solutions "work"

[__aaclcg7560]

The only problem here is your lack of comprehension of the point that I was trying to make.

Re:None of these solutions "work"

[__aaclcg7560]

After a decade in help desk IT, I'm currently working in computer security and writing scripts to automate routine tasks.

Re:follow defined procedures

[Adriax]

Yup. A bunch of cheap single boards with ethernet would work. Like raspberry pi.
Strip down the OS and script it to push the update from a given directory on boot up. Then you can just clone the SD card for 4/8/16 devices and update them with the new firmware as needed.

Pi, case, battery with power switch, small SD card. $50-$75 a piece depending on how fancy your want to get with the case and battery.

Re:If the headline is posed as a question, the ans

[Andrewkov]

Not only that, the gas station may not want more than 1 pump down at a time.

Priority Crucial Question

[NEDHead]

Are you paid by the job or by the hour?

I have a question.

[SuricouRaven]

What type of idioticly designed pump takes half an hour to run a software upgrade?

Let me guess: Some useless manager thought it'd be easier to stick a full-fledged PC running Windows inside every pump than it would be to hire someone who can do proper embedded software development?

Re:I have a question.

[rudy_wayne]

What type of idioticly designed pump takes half an hour to run a software upgrade?

According to the OP, the update process involves "running a manufacturer-provided program that connects to the device and pushes the new software."

I don't think it's too hard to guess what level of software quality is provided by the pump manufacturer.

Can we say DUPE POST!

[__aaclcg7560]

All the pissing matches about IP access for gas stations were covered in a past post.

http://it.slashdot.org/story/15/01/23/1856201/us-gas-stations-vulnerable-to-internet-attacks/

Is the software locked down to the specific IPs?

[rikkards]

Basically what I wonder is if although the units are locked down to a specific IP is the software used to do the uploading?
If not, you can use arp to give the machines a new IP against their MAC addresses. Then run multiple instances of the install software and point at each IP.

https://technet.microsoft.com/...

Re: If the headline is posed as a question, the an

[jo7hs2]

That's exactly what I came here to say. Why this would save OP time...it will cost the station money. The current setup means one pump is down at a time. His proposal means all the pumps at the station will be down, or even if he is more responsible and does half and half, half of them will be down. This is unacceptable from a cost-benefit perspective (no way is his time savings worth the loss in sales) and from a customer service perspective. Just forget it and bring a book. You're getting paid, right? Unless you are paid by the job and not by the hour or salaried, it isn't your problem.

Re:If the headline is posed as a question, the ans

[johanwanderer]

Besides, if you can do it in 1/16th of the time, you might find your maintenance budget get slashed to 1/16th of previous year/quarter.

From what you described, it seems you/they allocate about a day to upgrade each station (16 units at 0.5 hour each.) Beats driving around in traffic to 16 different stations a day, too.

Aren't they already networked?

[Andrewkov]

Curious how the pumps communicate with the POS system in the office, some other type of network? Too bad the updates can't be sent via that network.

Get a second ethernet adapter.

[Psychofreak]

This might half the time required. You say you have a VM already on the laptop. Get a handful of external ethernet adapters. I think the best number will be in the neighborhood of 4, but learn with 2.

Run the VM and have one adapter present in each VM. Connect to device inside the pump. Start the next VM. etc. This is still a 2-node network, each instance will have a "fail safe" in an error will stop the one instance. With a typical gas station having 2 double pumps per island having 4 connections means one island at a time. 2 connections means 1 double pump at a time.

Best part is the headache is all in the VM working properly, and should be transparent to the software and to the pump. I am sure you have a training system to practice on before taking this live to the field.

Re:Get a second ethernet adapter.

[RockDoctor]

To be honest, I was thinking of a second laptop on a cart, with a bunch of cables hanging out of the back end of it. Possibly four laptops (TFS mentions VMs running XP so any brain-dead 32nd-hand laptop should have the necessary grunt) on a cart so you can do an entire island at a time.

- set out the cones to stop new cars arriving at the target island then hook up the cables as existing drivers finish and leave.

- set upgrade running on first system to be ready. When you're blocking on that pump, swap to starting the process on the next available pump ; lather, rinse, repeat until all 4 are running away.

- meanwhile, start moving the cones so the first machine to be finished will be the first available to the next customer, and you're ready to start isolating the first pump of the next 'island'

If you can spread things out evenly, then your maximum hanging around time has dropped to 7 and a half minutes, and if there is any significant amount of user input, your idle times are going to be shorter than that.

Though it is a networking problem, it's really an optimisation issue.

Security challenge

[bbasgen]

As others indicate, it is certainly possible to overcome this challenge. Practically, I wonder about cost to scale. The cost efficiency argument is cost to build out and maintain the solution versus the labor cost of manual changes.

Security hasn't been mentioned, and is rather important. Principally, I would want to know about (a) the regulatory requirements and (b) the risk of whatever security controls you would put in place (e.g. the loss potential) versus the value gained.

All of that said, if I owned a company doing what you described, I would certainly investigate options six ways from Sunday to find a better method, and I would suspect a better one than what you described is possible.

Re:Security challenge

[jbengt]

Somehow, many people are reading the question as "How do I create a permanent network for these pumps" where I believe he's asking "How do I hook up temporary cables from my laptop to multiple pumps in a way that lets me update them all at once?"

ToTo, I don't think we are on Slashdot anymore.

[GrantRobertson]

A competent, helpful answer in the third post.

Why make it less secure?

[Etcetera]

Dear Lord...

You have an airgapped network that prevents remote access, reducing the question of security to one of physical security... which is typically handled with big locks, cameras, 24 hour staffing at the gas station, and maybe men with guns if it comes down to it.

Why would you network these together and create an avenue for simultaneous, surruptitious hacking and attacking of your industrial equipment?

Be thankful you have a job, and don't let the SysAdmin's (natural, and usually good) desire for laziness and efficiency to lead to a future security issue justified by convenience.

where are the ports?

[rhcreed3752]

didn't see this in the initial description, but where are the ports you're connecting to? Are they wired back to the station, where you have a panel to jack into, or do you have to stand at each pump with a cable and a laptop? If it's an active station, standing there, with 16 cables draped along the pimps may be another logistical issue.

Cakewalk

[Spazmania]

Get a switch which supports VLANs, 1 vlan on each port and the trunk on your laptop. Then run the mfg's software inside virtual machines, each of which has one of the vlans connected to its virtual ethernet, using the mfg's IP address. Now you can run all the updates in parallel.

The better solution is for the mfg to give you software and a configuration that does not suck. But if you're stuck with it, the above will work just fine.

Contact the vendor

[moorley]

You know I'm all for open source but if you have a proprietary system that's vendor supplied, contact the vendor.

Make it a time/cost/material problem...

Yes, there is a technical work around for this, but if the firmware update is this half-assed you have other issues.

Too many VMs

[sentiblue]

Uhhh.... what you suggest is probably not a benefit overall...

Running a few VMs on a laptop is already a resource constrains... even if you run a minimal setup of XP, you'll still have a horrible time trying to power on 8 VMs.

I have done this on a MacMini before as I tried to simulate a network for a program I wrote, and I literally had to return the MacMini for a swap with iMac having top configurations.... Still had a horrible time with 12 nodes

Regardless how powerful your laptop is, I dont think it can do 16VMs at a time.

Re:Too many VMs

[terbeaux]

I have done this on a MacMini before as I tried to simulate a network for a program I wrote, and I literally had to return the MacMini for a swap with iMac having top configurations.... Still had a horrible time with 12 nodes Regardless how powerful your laptop is, I dont think it can do 16VMs at a time.

The latest MacBook Pro has an 8 core i7 with 16GB of ram and an SSD that writes at over 5 Gbps. I think you meant: "The crappy laptop they issue for upgrading firmware probably wouldn't run 16 VMs very well."

it's a security nightmare, distributed

[swschrad]

not a central one at this point. I will bet you a gallon of Ethyl that the pumps have hardcoded authentication, and the software probably has enough holes you could drive the Indy 500 through.

you don't want that on a network. not even for a little bit. you want that locked behind a panel. if there is no security, all you have is obscurity.

Re:it's a security nightmare, distributed

[suutar]

depends on the network. Right now the process is to put the pump on a 2 node network temporarily. Sounds like he just wants to be able to do them in parallel. His listed solution is to use 16 2-node networks, but even if it becomes a 17 node network it's still temporary.

16 VM's!

[nuckfuts]

I've built a fair number of hypervisors, both VMware and Hyper-V. The hardware required to run 16 VM's concurrently is quite substantial. Good luck running 16 instances of Windows XP on a laptop!

Re:16 VM's!

[Voyager529]

http://apcmag.com/pirated_wind...
http://www.newegg.com/Product/...
http://www.newegg.com/Product/...
http://store.vmware.com/store/...

New laptop, an SSD, and VMWare Workstation, all for less than $1,000. The key here is TinyXP, the custom-built flavor of XP circulating the internet that uses 50MB of RAM after installation. Boot time for all of them would certainly be measurable if not staggered, but 16VMs on a laptop that's got 16GB of RAM, running stripped down XP installations that have one job...I think it's doable.

I still think the Layer 3 Switch option is a better one. Where that might be a bit more of a problem would be with regards to whether the update software is capable of handling the possibility of seeing more than one device available to update at the same time. Even though it's possible with networking tricks to get all the pumps addressable at the same time, there's no guarantee that the software is built for that use case. For that matter, it's entirely possible that the software will throw up if multiple instances are attempted to run concurrently. Thus, the 16-VM route may be necessary for that reason, regardless of whether or not a layer 3 switch could solve the networking problem.

...oh, and can anyone recommend an exacto knife?

[aaarrrgggh]

Sometimes, for diagnostic purposes I also need to add a second read head to the credit card scanner. It would really be helpful if I could add this to the network, along with the keypad's diagnostic port. Any ideas?

In all seriousness though, there are some real fire protection issues with taking cables from the pump zone elsewhere. Everything in and out needs to be properly sealed to prevent explosive vapors from entering into a non spark-resistant system.

VLANs...

[sdguero]

You'd need a configurable switch, which can run a couple hundred dollars. THen you can put each port of a switch on a seperate VLAN. Should work.

Multiple devices

[ChrisC1234]

Is there any reason you couldn't buy multiple single-board computers capable of running a minimal XP install? You could set each device up so that it could boot, and directly initiate the software update. You could then just plug it up to a pump, start it up, and then move on to opening up the next pump and starting the next units. I'd be that with only 5 or so units, by the time you get to the 6th pump, the first unit would be finished with an update. And I think this would probably take less time than it would take to open up and wire up all of the pumps to do it at once.

Outages

[phorm]

You assume that they're a 24 station. Many stations (particular those at grocery stores, etc) do not operate 24hr, so it's feasible - possibly even likely - that the updates are being done during the off-hours.

Network the pumps

[mschuyler]

Network the pumps. Push the software one at a time. Lay off the tech. Problem solved.

Some good points above...

[clicker666]

Just because there may be a faster way to do it does not mean you should do it. One commented mentioned the entire system being down for the entire duration of the upgrade. That would be a no-go as far as the customer is concerned. One pump is a manageable inconvenience, half is inconceivable, all is grounds for termination. Gas stations sell more than gas, and those pumps draw people into the stores attached. Let's say you can get the process down to five minutes somehow, and the customer is actually on board with this. You do have the risk of bricking an entire station at once now. Stuff happens when upgrading firmware. Five minutes turns to thirty. Good uploads get interrupted. Shit happens. Lastly, why would you want to reduce your hours of billable time? You figure out a way to make your job part time and it will become part time, or part of someone else's job. Had it happen once. Literally worked myself out of a job.

Obvious solution

[mjm1231]

I can't believe nobody has posted the most obvious solution yet. Upgrade to IPv6.

Use VLANs and address translation...

[rMortyH]

Hello-
    If the 16 port switch is a SMART switch, you can, make the last port a TAGGED port, that carries tagged vlan traffic.
Make each of the other ports (except number one) an UNTAGGED vlan. (keep number one stock so you can access the switch!)
Maybe reserve one for the windows box.
Then, on your computer, run a linux instance with vlans configured, like eth0.2, eth0.3 openwrt would be great for this, you can run it on a little router or a VM.
On the linux box, (openwrt) set up address translation with DNAT and SNAT to make the same IP on each of the VLANS appear as a unique IP on the same network as the windows box. (There's a little voodoo because you don't want any routing to happen, since you have several networks with the same address scheme.) Then, you can run upgrades simultaneously to several different IPs on the windows box (if it lets you) and the physical box it goes to will just depend on which port it's plugged in to.
This VLAN trick is a great way to fake having a whole bunch of network cards in a single box, even a virtual one.
=Rmortyh

Rapberry PIs

Raspberry PIs with cross-over cables.

Every one of them with the same scripts. Buy 10 of them. By the time to finish hooking up the last one, the first one will be done.

Wait... what cabling?

[irving47]

So he's going to run up to 16 cables to 8 peds of 2 pumps each...? I guess if you're OK with doing that each time, sure...
Also, if it's only you/your company doing these, why can't you change the IP's on the pumps? Sure, if there was some other application or device needing them to be on a set IP, that would nix that idea.... but as said... they're not networked anyway.

Just get paid by the hour.

[jpellino]

Instead of by the device. Problem solved!

What's the best way to sharpen my football bat?

[netsavior]

I am having trouble with my billiards table, could you please tell me the best way to keep my football bat sharp so that my chlorine levels stay consistent?

Forcing application interface binding?

[snookiex]

Can you run multiple instances of the application? In that case, this (or a similar application) could be helpful. The idea is to make every instance to use a particular interface. I also thought that maybe, if the application can be run using wine, you could lunch multiple instances on a Linux box, each one using a different network configuration, but seems that it's not possible.

What manufacturer?

[Todd+Knarr]

What manufacturer is this? When I dealt with POS interfacing with Tokheim and Gilbarco pumps (including the MPDs) all the smarts was in the controllers and the modules of our POS software that ran the pumps, card readers (Petrovend units for non-MPD stations) and RF tag hardware. The pumps were relatively dumb and only required software updates when the physical hardware was modified, and we could do the software bit while the pump was down anyway for the physical work. Most "software updates" were just changes to the database tables that told our software how to react to events and what settings to send to the pumps for mix ratios, prices and so on. Your description sounds like you've got a good chunk of the POS system actually running in the pump itself.

Bring 8+ laptops

[Vincy]

... and don't wait for one to finish before starting the others.

Best way? Get more laptops.

[Chelloveck]

Consider this: They're paying you to spend a full day at each gas station doing firmware updates. If they care about the time it takes you should be able to get them to spring for a bunch of laptops so you can load all the pumps at once, properly, without resorting to VMs and trickery. Issuing you 16 laptops so you can do three or four stations in a day is a hell of a lot cheaper than hiring three or four more technicians as babysitters. Argue your case from that perspective and don't bother with the half-ass solution. If they don't go for it, then find a good book and keep doing it one pump at a time. They've decided that you're worth the expense.

Re:Best way? Get more laptops.

[TsuruchiBrian]

Why on earth would you want to do a solution that uses 16 laptops? In addition to being expensive, and inconvenient, it requires keeping 16 laptops maintained.

Using advanced routing techniques isn't trickery. It's how networks are supposed to be used to solve problems. This is the benefit of a network interface over something like a PPP serial connection. It sucks that all the pumps have the same IP address, but due to the versatility of network technology, that's not an insurmountable problem.

Buying a single 24 port smart switch will be much cheaper than buying 16 laptops.

There is one obvious solution

[TsuruchiBrian]

Network address translation.

The most elegant way to do it, is to buy a potentially expensive smart switch that can do all this for you in a compact and efficient. You may have to do some research on how to configure it properly.

The next best way would be to build a PC with a bunch of NICs and basically build the switch from my first suggestion. It's probably even more effort to configure it. It may be even more expensive if you need to buy all the parts new, but you are more likely to have these common parts or know someone who does, and they can be old.

The way that requires the least technical know-how but might be the most MacGyvery, ugly, and fun, id to get a bunch of old routers (one for each pump). Set the DMZ address of each NAT router to be the fixed IP of the pumps. Configure the wan addresses to something like 192.168.0.1 (for pump 1), 0.2 (for pump 2), etc. Then hook all the wan ports on the routers to a big switch along with your laptop. And hook up each pump to one of the lan ports of it's corresposnding NAT router. And bingo, you are on a network where each pump has a different IP address.

The downside with this last one, is that you have a lot of points of failure. Old routers are not known for being very reliable. The good news is that they are cheap, and you don't need the wifi to work. You don't even need them all to be the same make/model.

vlans, virtual machines, and a managed switch

[TheCow]

Get a 16 or 24 port managed switch that supports vlans (you need a port for each pump plus your laptop)
Put each pump in a separate vlan
Use a descent laptop with parallels or VMWare workstation
Run X number of machines to run the upgrade, each connected to a different vlan (trunk the vlans to the VMs through the laptop NIC (maybe use a USB nic)
Get a little fancy and see if you can script the running of the upgrade so when the VM starts it automatically starts the upgrade process.

Another option that could be wireless would be to use a device that supports multiple SSIDs like a Mikrotik router with wireless.
Each SSID would be a separate vlan/separate pump.
On the pump side use a similar mikrotik device to bridge the wireless and ethernet port. (you might be able to use something like a Raspberry Pi as this client device)

8 routers and it becomes a network

[holophrastic]

Let me start by saying that I have no real experience with solving networking systems. I do, however, have plenty of experience with network problems. With that out of the way. . .

What if you connect a router to each pump (that's 8 cheap routers I guess), each NATing it's pump. Then you can configure each router with a different IP address of your choosing. A ninth router (or a switch) connects your laptop to the 8 routers as a network of 18 nodes (8 pumps behind 8 routers, a switch, and your laptop). All ethernet, a normal network, your laptop addresses the "outside" IP address of each of the 8 routers.

I picture you with a rack of 8 routers, a switch at the top, your laptop, and a whack of ethernet cables.

Re:Consider a mechanical/hardware solution.

[Karmashock]

Because if you can remotely connect and disconnect them then you can update them in you pajamas from the other side of the world.

You can also automate the entire process so that while it might take eight hours... you are personally not sitting there while it happens.

You can have a script run that sequentially updates each station and you can do so without actually having to physically go to the station.

The construction of the rig would be pretty cheap. You could hack something together with an arduino with an ethernet shield. or get yourself a Yun.

Your solution was pretty good

[LostMyBeaver]

It's not great... It's pretty awful actually, but it's about the best you can hope for if you can't get a software update to support something better.

I can recommend a much more efficient method of it works.

if the software will operate on Windows Server 2012 R2, you can do a core installation which runs pretty well on 256megs of RAM.

If you can make it work with WINE, you can run a Linux installation which consumes much less.

If it runs on ReactOS, that might be even smaller.

If it's command line, you might be able to run it on Intel Galileo boards and have one for each pump.

You can actually probably do a single USB Ethernet adapter and a switch with multiple VLANs and run Hyper-V which is amazingly efficient for running Windows guests.

There are many ways. I would be most concerned about Ethernet cables sprawled all over the gas station.

Small Form Factor PC With Quad Port NICs?

[_hAZE_]

Setting aside all the negativity (most of it relatively justifiable, even if absurd sounding, and most of it also relatively work-around-able):
  - Bricking all the pumps at once (I assume this is being done before/after hours, and there IS a recovery procedure)
  - Networking creating sparks that blow the place up (How is hooking up 2 cables to 2 pumps different than hooking up 1 cable to 1 pump)
  - Interrupting customers (Again, before/after business hours, or during non-peak hours, and only doing a few at a time)
  - Simultaneous hacking exposure (Connecting device doesn't have to be internet-connected, and in that case, how is connecting to one a time different than connecting to all of them)
  - Automating yourself out of a job/hourly pay (Nothing wrong with working smarter, rather than harder; applies to just about every career, even with an hourly wage) .. I'd look at something like a small form factor PC (yeah, not as convenient as a laptop) with a couple of quad port NICs.

Run your virtualization hypervisor of choice (VMware ESXi or VMware Workstation, VirtualBox, whatever), and install your vendor's preferred OS and software application as a VM. Clone it many, many times (as many times as you have NIC ports). Give each one of them a single dedicated NIC. Run cables to each pump, and start your engines (that's about as close as I can come to making a gas station pun).

It's a fairly simple solution in that it doesn't require any fancy networking knowledge (VLANs, iptables, NATting, etc), and you're using a very straightforward virtualization configuration that most vendors will agree is supportable (their preferred OS, a single network port, etc).

If you can find a way to setup a couple of quad port NICs on your laptop, you could probably use that as well. In fact, many laptops have the option of purchasing a "docking station" that often have PCIe slots. If that's the case, maybe that's all you need to make the above solution work.

I think that being able to do "4 or 8 at a time", using a solution like this one, would be a huge improvement over doing 8 or 16 of them "one at a time".

Re:Small Form Factor PC With Quad Port NICs?

[coastal984]

"Run cables to each pump, and start your engines (that's about as close as I can come to making a gas station pun)." Could have gone with "lift the handle". Decent solution though. A little 35w i3 packed full of memory might be able to get this done, and could be run off of a dc power inverter if need be. Get a little 15" USB powered LCD and one of those logitech keyboards that has the trackpad on it, and boom you're in pretty decent shape.

Re:VLANS

[ze_jua]

+1

Re:If the headline is posed as a question, the ans

[jittles]

Besides, if you can do it in 1/16th of the time, you might find your maintenance budget get slashed to 1/16th of previous year/quarter. From what you described, it seems you/they allocate about a day to upgrade each station (16 units at 0.5 hour each.) Beats driving around in traffic to 16 different stations a day, too.

Don't be silly. The maintenance will still take just as long. He'll just have much more time to focus on his real priority - Clash of Clans.

What?

[barbariccow]

Aren't you paid by the hour? Why would you want to work yourself out of a job

The absence of simple networking is by design

[dcooper_db9]

I don't know what laws might apply but since I used to maintain the certification databases for the American Petroleum Institute I would strongly discourage any workarounds. In the USA every nut, bolt and screw used in the oil industry pipeline is certified by the API. If you wanted to connect any device to the system you'd have to get it approved, tested and certified.

I would guess that the lack of a unique IP is just the first layer of security. If you hook two devices to the pump a the same time it would probably trigger a shutdown of the station. A subsequent internal investigation would find that someone had connected an unauthorized network device to the system. I won't guess what would happen after that but I wouldn't be surprised if it set of alarms in one or more federal agencies.

16 netbooks

[Bitmanhome]

Why 16 VMs? If you're looking to learn VMs and/or advanced networking, then sure go that route. If you're just looking to save some time, just get 16 old laptops or netbooks with ethernet.

Re:If the headline is posed as a question, the ans

[Cramer]

If this is like the upgrade I've seen, the ENTIRE STATION is down for the duration of the updates. The back office systems, credit card readers, EVERYTHING is down for updates and/or replacement. And the software is such a work of art, if any single piece doesn't work, you have to rollback the universe.

You're offtopic but I'll answer anyway.

[Medievalist]

Is there anything that uses Ethernet without using */IP?

Yes, tons of stuff. Dozens of protocols.

Is there anything that uses Ethernet without using */IP that also uses IP addresses??

Yes; there are a number of "companion" protocols that interoperate with IP when it's on an ethernet. You've probably heard of ARP and ICMP, to give just two examples. Neither of those is actually part of the Internet Protocol, and they don't ride over it, but they do use IP addresses on an Ethernet.

Re:You're offtopic but I'll answer anyway.

[phantomfive]

ICMP uses IP, and ARP typically does too.

Re:You're offtopic but I'll answer anyway.

[herbierobinson]

ICMP uses IP.

You are correct that ARP doesn't use IP.

The LAT protocol doesn't use IP, but nobody uses LAT any more.

There used to be audio distribution protocols that ran in the MAC layer on 100Mb Ethernet, but I believe they switched to running under IP when switches and routers learned how to do vLans and QOS.

Appletalk used to avoid IP, but I believe they switched, too.

Protocols the use IP are routeable; so, they are limited in utility.

See http://en.wikipedia.org/wiki/EtherType for a more complete list.

Begging The Question

[Jane+Q.+Public]

What OP doesn't say (and probably doesn't know) is how that IP address is assigned. As likely as not, it's assigned by the software he is using on his laptop, via DHCP by his host software; that would explain why they ALL have the same IP address. (Certainly that could be in the pump firmware, too, but we have zero evidence of that, so it could just as likely be the other.)

If the pumps actually get their address via DHCP, the software could be hacked to assign a different IP to each pump, and then using a simple ethernet hub or switch, run the firmware update in multiple threads, one thread per pump.

I don't know that's the case, but I have been given no reason to believe it is not.

OP should find out how the IP address is being assigned. He could probably do that simply by trying to telnet into the pump, or using one of the many bits of network analysis tools available.

No wireless, use multiple laptops

[Brianwa]

Many people on here are suggesting the use of wifi to avoid having wires going everywhere. Don't do that. Many embedded devices don't do sanity checking on their firmware images. A dropped packet could silently corrupt the firmware, or cause the process to stall for no apparent reason, or some other headache that you don't want to deal with.

In any case, these devices are on isolated machine networks and it's probably best to keep it that way. You should really just get multiple laptops. Once you get a rhythm going it's easy to babysit 3 or 4 laptops. You'll crank through the job pretty quickly and the constant motion from one to the next will keep boredom at bay for much longer than just staring at a progress bar.

Re:Consider a mechanical/hardware solution.

[Karmashock]

As someone that has worked with small business customers a lot... they don't care so long as it works.

If I need to update the firmware on the pumps, then no one is going to care how I do it so long as it works.

I also fail to see why this idea is less attractive then the more fully software methods? This is pretty simple and you could build a rig that did this in an afternoon.

what about cc sales?

[uncwjason]

Are the pumps not carrying out POS functions? If so, they're networked-

Please let us know what solution you choose

[sydbarrett74]

Petro-Tech, I'll echo others: please do a small write-up and let us know how you end up solving this. This project sounds cool. Pictures would also be nice. :)

Get Cheap Laptops

[WillShattuck]

The OP Said:

Set up 16 VM's with extremely stripped down XP running on each, with only one USB-ethernet adaptor assigned to each VM

Instead, get 8 cheap laptops, and set them up to do the same thing. As others said it may only be a serial interface rather than an actual network port and you don't want broken pumps.

An actual answer that isn't idiotic

[CyprusBlue113]

Why the hell is everyone saying he needs crazy vlan rules or expensive switch magic or even some rediculous number of VMs?!?!

Switches are fucking stupid and don't inspect layer 3 unless you beg them to.

Step 1, see what the list of mac addresses is with basic ping and dump
Step 2, just throw a translation table up for a pile of 10 addresses to static far side arps + DNAT and just do what you need to to those with a 5 line bash script.

This is literally a 2 minute job...

Fucking amateurs....

Re:An actual answer that isn't idiotic

[CyprusBlue113]

I'm sorry, mangle not DNAT, so it's post routing / arp translation. The idea is you don't nat, but just rewrite the ip header and do the real communication all at layer 2 via mac addresses.