I haven’t been in this sort of industry for awhile now, so I might be a bit of out of touch but I imagine this hasn’t changed since I left.
I saw a fedi post recently that talked about how corporate wouldn’t let them purchase a little switch for their office to make file transfers quicker. I won’t link it here because what I’m going to dive into isn’t the point of that post but I do have experience with why corporate don’t want you to plug in that 5 port Netgear switch that everyone buys1.
BTW, IT is likely doing their best and balancing reliability, cost and supportability, along with a dozen other user issues. Regardless your company should help you solve the problems you have with infrastructure rather than just saying no.
Today we’ll be focusing specifically on the layer 2 (ethernet) technical details. We won’t be talking about the security, privacy, safety, or physical reasons. There’s a lot of legacy reasons leading to cause of this, so before we dive in we need to understand some context as to why a corporate network have separate network segments and how this impacts the fault conditions we’ll discuss.
If you work in a big building like mine, or a large campus you could hundreds to thousands devices connected to the network. Devices broadcast a lot of traffic. This traffic goes to all devices. This includes working out what IP address should assigned, what hardware address maps to what IP address, and things performing network discovery so that icons pop up to indicate there’s a printer or streaming device available. This traffic is all sent to every device on the same segment. Scaling this up to thousands of devices would cause a lot of wasted bandwidth.
Even if we have enough bandwidth to handle all the screaming from devices, we still want to make sure our system is reliable. If some of the incidents I’m going to describe below happen, we want it to impact a smaller set of users, rather than the whole network.
Ok. Lets start building our network. One switch can’t handle all our users, so lets go down to our local office supply store and pick up the cheapest network switch we can find.
Perfect. Then someone accidentally kicks the switch with their foot, stuff gets unplugged and there’s a rush to plug everything back in. We then end up with this.
The two switches end up plugged into each other. If you bought switches with spanning tree protocol (STP), then this is fine and will work2. If you didn’t, we end up with a loop.
What happens is the ethernet frames get sent back and forwards forever building up until there’s no bandwidth left for any legitimate data. This is why we have spanning tree protocol.
Problem solved! Just buy switches with spanning tree…. except… it’s a little more difficult.
Consider this example. We add our switch into this complex network.
We plug in our pirate network switch. And suddenly the whole network stops for a minute or two. What just happened is that spanning tree had to reconfigure itself. This is because your switch happened to be configured with a lower priority than others and became the root switch.
You’ll notice that not only did we get hit with spanning tree reconfiguring, but also our pirate switch has forced the algorithm to select slower links than we would otherwise have available.
To make matters worse, there are multiple different types of spanning tree: STP, R(apid)STP, M(ulti)ST, P(er)V(lan)ST.
Lets go back to a dumb switch, that seems easier. What if we were to install it like above, but someone accidentally connects the dumb switch to two different switches on the network at the same time.
What happens here is that the spanning tree enabled switches can see a link to another spanning tree via the dumb switch. They aren’t aware of the dumb switch. This can cause issues like a large amount of traffic going via your tiny switch.
Ok. Maybe we are careful and we don’t connect another switch to ours. Someone finds a loose cable and accidentally plugs the switch into itself.
Of course we have a loop. However since spanning tree thinks everything is ok, that traffic is also transmitted to the rest of the network. From the point of view of spanning tree, there isn’t a network switch there. Even if the wired network can handle the bandwidth, the WiFi access points might not be able to.
Another little quirk is that many switches are configured with a system called “port fast”. Usually spanning tree waits a period of time to figure out if there is a network switch on the other end. Port fast assumes the port is meant for a device and skips that learning/listening phase. This means that loops can exist for some time before a loop is detected. Port fast exists so that computers don’t have to wait forever to get a DHCP lease to get going.
To summarise all of this
All switches need to be spanning tree enabled for spanning tree to be effective
All switches need to be configured correctly so that the suitable paths are selected
For a stable network, switches need to be configured to prevent pirate switches
Preventing pirate switches
A number of configuration options exist to to prevent issues when switches are connected:
BPDU Guard : BPDUs are the messages sent by spanning tree. If a switch detects this on a port that has been designated as a user port it will disable the network port and requires manual reset.
Root guard : This flags which ports on the switch we expect to find the spanning tree root. We disable ports that would have resulted in a root we didn’t expect
Loop guard : Detects packet loops and disables the port
Setting low spanning tree priorities
Mac address limit : We can detect dumb switches by counting how many devices a switch port can see
Bonus 0: VLANs
How your network is configured to handle spanning tree and VLANs could be one of many many many configurations. The network might have VLANs have cover only some switches for some VLANs. Spanning tree could be running per VLAN, or a group of VLANs. This means connecting a spanning tree switch might only impact one spanning tree instance leaving loops possible in other VLANs.
Bonus 1: Unidirectional Link Detection
Unidirectional what? We like to think of network links as working or not. But there’s a secret third option - working only in a single direction. This is especially common with fibre optics and media converters.
From spanning trees point of view, it can’t see a switch on the other side and will start forwarding packets towards it, thus causing a loop. We use UDLD (Unidirectional Link Detection) to prevent this.
Bonus 2: Virtual machines
Virtual machine systems, especially complex ones, can introduce their own switching and bridging to the equation which can cause loops when trying to configure redundant links or port aggregation. They also pose other possible threats such as duplicate virtual mac addresses. Typically these will trigger the mac address limits on ports.
Bonus 999999: what about TRILL? SPB?
Network vendors don’t have your best interests in mind and decided to fuck the standards for their own vendor lock in needs.
Bonus 1000000: UniFi have a web interface to make configuring this stuff simple
So did Cisco in like the 90s. Much like UniFi it also sucked at enterprise scale.
Other reasons
So while we discussed just one technical aspect as to why just yeeting random switches into a network is a bad idea, there’s many more.
On going maintenance - firmware updates/patching
Security - if its a managed switch (common for STP support) then ensuring its configured securely
Privacy - we don’t want to open the network up to sniffing of traffic
Safety - Testing and tagging, cable tripping hazards
More technical - Sometimes what people think are switches are routers and provide a rouge DHCP server
I’m not sure if its just because they were super common or because they failed so often, but these were often found at the centre of network issues. ↩︎
Unless configured otherwise, this does not give you twice the amount of bandwidth. ↩︎
Facebook marketplace seems like the perfect place to grab a bargain on preloved bicycles looking for a new home. But is that new bicycle stolen property? Facebook’s lack of regulation, enforcement and inherent design makes it the perfect platform for stolen goods. Combine that with police unwillingness to aid in bike theft recovery (when compared to automobiles), it’s very common to see stolen bicycles on Facebook Marketplace.
Before we go to far, the below checks aren’t perfect. They are signals to be cautious but not definitive proof that a good was stolen or not.
Additionally the person selling the item might not even be aware it was stolen. They might have purchased it from someone else, it might have acquired from a police auction, it could be from an estate sale, or some other legitimate means.
Finally, we also need to consider why bikes get stolen. With the increased cost of living, housing crisis and lack of social support - people are going to resort to any means to get by. This isn’t excusing their actions, but provides context as to why we might be in this position start with.
PropertyVault
First up - the obvious. Has the bicycle been listed on a stolen bicycle websites. In Australia the goto is PropertyVault. If you do find out that the bicycle you’re interested in is listed on PropertyVault then please fill out the contact form on the site. Take screenshots of the Facebook listing in case it is removed.
Dodgy spray paint
For low end bikes, it’s not uncommon for bicycles to be spray painted to remove all discernible markings and customisation. The thought process I think here is that they can sell it has a generic bicycle without being caught or detected from selling “your” bike. I’m really not sure who buys these - but highly likely to be stolen. Often you see overspray on cranks, chain, spokes because disassembly isn’t trivial and who has time for that.
Selling a lot of bikes
The average person doesn’t have a stockpile of 20 bikes they are trying to sell. There’s certainly people who do like bikes, like repairing and enjoy selling them to get people riding so you do need to use some judgement here. Some ways of determining legitimacy further: are they operating under a company? Do they seem to have a workshop? Do the descriptions seem like they are written by someone who knows/likes bikes?
It’s also worth looking at sold history. Even though a seller might only have 3 bikes up for sale, they might have sold many many more under the same profile.
Broken spokes / damage from lock
This is more common on bikes with Axa locks, but check for spokes being damaged. It’s very easy for spokes to be damaged when snapping locks through twisting or in the case of Axa, not realising its locked and trying to ride. There might also be evidence of where an Axa lock used to be mounted.
Missing e-bike charger
There are many e-bike charger standards and pretty much all e-bikes come with a charger. If the bike is being sold without the charger, or without the key to remove the battery, then good chance its been stolen off the street. The common story is “lost in house move” - which to be fair, is very likely. But treat with a lot of suspicion.
Selling lots of high value items
Is the seller also selling other suspicious items. Lots of powertools? Many iPads and iPhones? Gold and jewellery?
Profile doesn’t match actual person / sus
Facebook profiles that don’t match the sellers location or the person you meet doesn’t look like the profile picture. Maybe it’s a brand new profile, or no other items listed.
Poor / odd photos
High end bikes being sold with 2 crappy at night photos? Photo taken from within a public toilet? (I’m not even joking)
Incorrect model or part descriptions
Not looking for typos here but rather completely getting the model or parts wrong. In the below example this Aldi “ROAD 700” is being sold as a “RORO” because thats what it looks like when you look at the decal from the side. Another common example is when parts have been replaced. Sellers sometimes use the specifications found on manufactures websites rather than the actual parts installed. Some listings even have have bikes model or brand listed as one of the drivetrain parts like “Shimano”.
Example of parts not matching bike:
Same bike listed by multiple sellers
Some sus sellers use multiple accounts to sell their wares. Sometimes they get sloppy and sell the same product on multiple accounts.
If you’re reading this looking for possible solutions to Toyota LandCruiser 200 series 4WD system or door locks - remember that this post is very bias’d towards a very specific problem. If you have a sun roof then check electrical connectors and wiring for corrosion and water damage first. If your actuator isn’t working correctly start by cleaning it.
It’s unlikely that your issue will be the same as ours.
While/after visiting Adelaide for Horus 64B launch our car had developed two issues. The 4HI/4LO actuator was failing to operate correctly - the main symptom was clicking/ticking.
The second was slow door locking action. Lets tackle this one first. For Horus 64B launch I decided to locate the door motor wire for a passenger door and disconnected it. The reason for this is that it allowed us to safely run cables out the window without the risk of coax cables being pulled out from accidental door opening.
After the launch I wired the door back in but the doors unlocked really slowly and often the passenger door I modified failed to operate at all. I checked all the fuses, voltages, terminals and everything seemed fine. Disconnecting the motor and the other doors look worked ok, though maybe a little slower than I was used to. Maybe it was a coincidence? I’ve ordered a replacement door motor to see if that resolves the issue. We’ll return to this some other time.
Back to the 4LO problem. The issue was first discovered when performing a routine exercise of the actuator. This happens so that the unit’s grease doesn’t dry up and cause issues with the motor and contacts. Unfortunately the operation failed and not in a great position either. It was neither in 4LO or 4HI, and we were still in Adelaide. The way these work is a long rod that has a rack and pinion that pushes a shaft in and out to engage high range or low range. My initial thought was open up electric motor assembly, either fix it or at worst push the rack into the correct position to get home.
This is from a different vehicle but it shows the core components of the actuator
The assembly is in a plastic housing. I foolishly thought what I was removing was just a plastic cover, however both sides hold components. So in removing the plastic cover, which required a bit of force to break the seal, many of the components fell on the ground.
I’m not sure if I caused the microswitch to be damaged (I assume so) or if its been broken the entire time - but that seemed like a problem. Seems simple - just order a replacement micro switch - however that microswitch is unobtainable. It seemed to have only been made specifically for these transfer case actuators.
I forced the rack into the correct position and we drove home without issue.
With no way to obtain a replacement micro switch (did consider 3d printing) and being unsure of the exact issue Droppy ordered a replacement actuator - $700. The actuators are known to get weak or not work correctly after time. This is a 2008 vehicle after all.
The “correct” way to perform this replacement is to drop the transmission and replace the entire actuator assembly (both center diff and 4lo). That’s not something we are going to do. The reason for this is that the actuators are “clocked” or aligned in factory so that the encoder slip ring contacts are lined up with the position of the rod. Removing the main gear removes this alignment which means it requires realigning/clocking/timing. IH8MUD (huge shout out, always a ton of good info there) has some advice on doing this alignment - but I’ll share a trivial method below.
When the new actuator arrived we instantly noticed that the microswitch for the 4LO system was missing. This actually wasn’t to unexpected - we were aware that new revisions of the part were missing the switch. The diff lock side still had the switch if we needed it.
The first step was to install the new 4LO actuator as is and see how it goes. The clicking remained and worse is that it didn’t put the rod into the correct position. It took about 6 to 3 minutes to change - and the slow transition resulted into some not nice noises (while it was getting in or out of gear). We initially thought that given that a DC motor was used that there was some calibration process that configured a motor powered timer. This was not the case.
Side note here. I was wondering why there’s “bad noises” when placing the car into park when the car is in between 4LO and 4HI. I think the reason here is because the output from the auto transmission has no resistance and is freely spinning as the wheels typically would force the shaft to stop. Putting the car into park will be resulting the parking pin trying to be inserted with the output shaft moving. If you know your not in 4LO or 4HI (neutral) then stop the car in neutral gear then shift to park.
When looking at the new and old part more carefully you can see why. The positions of the contacts are entirely in a different spots.
Droppy went and found a bunch of the part numbers and it seems like there are wide variety of parts with unknown compatibility between series.
Actuator
36410-60101 is 2017-11 -> 2010-01, but 36410-60102 can be substituted for that according to the parts list.
36410-60102 was fitted 2010-01 -> 2010-09.
36410-60120 (which we have) was fitted 2010-09 -> 2015-08
4wd computer:
89533-60240 (2007-09 -> 2007-11)
89533-60241 (2007-11 -> 2010-09)
89533-60380 (substitute for above) (2007-11 -> 2010-09)
89533-60242 (2010-09 -> 2012-01)
89533-60390 (substitute for above) (2010-09 -> 2012-01)
Transfer case:
36100-60B11 (2007-09 -> 2010-09)
36100-60B12 (2007-09 -> 2010-09)
36100-60B20 (2010-09 -> 2012-01)
So the next idea - use the parts from the new actuator but the base of the old to rebuild one good one. Motor, gear, microswitch all replaced out. A gear puller was fashioned out of some box section (this was so I could use the center diff lock motor).
With the new/old one built it was reinstalled in the car and….. the same issue. Even running the assembly without the rack it still struggled to move around.
At this point all the wiring to the actuator was tested. All good and fine.
I guess the 4WD ECU is dead? Alex helped me remove the drivers side dash and panels to get to the 4WD ECU.
Removing the case from the 4WD ECU, nothing revealed itself.
Although the 4WD ECU has CANBUS maybe it’ll still set the actuator position at start. After running through the wiring for the actuator and 4WD ECU a ton of times we were able to trigger it to run the actuator on the test bench and …. it works. So what the heck is going on in the car.
The 4WD ECU can (well ours can) be tested on the bench by faking some signals. We can use the service docs to find those signals.
The motor is connected to pins 2 and 6 on the large pins of the ECU. These correspond to pins 1 and 2 on the actuator side. You can connect these either way during testing if you aren’t placing the gear assembly in the housing as the motor will just spin the opposite way.
Pins 1,2,3 on the small pins correspond to the position sensing of the 4HI/4LO actuator. These are either disconnected or connected to neutral to signal position. From memory I connected pins 2 and 3 to neutral to trigger the motor to spin. This should signal to the ECU that the transfer case is in between 4LO and 4HI
For power of the ECU, pin 4 on the big contacts is neutral and pin 3 for power.
I also connected pin 8 on the small contacts to ground to simulate the diff being in the correct position.
To make the connections I used alligator clips on the large pins alternating between using the pins or making connections on the back of the connector. For the small pins DuPont connectors were used.
Please don’t trust me, double check my work.
Thinking some fucky electrical thing was happening we disconnected all the dual battery system, removed all the electronics that were plugged in and removed all the main body fuses that weren’t necessary. This did not help.
The next part was to test the wiring to the 4WD ECU itself. We noticed a ~5 Ohm resistance between the 4WD ECU neutral terminal and the body of the car - which seemed a little high. This indicates a wiring harness fault. Uh that’s not fun.
I expected that the neutral would be found near the drivers dash as well - however the neutral runs all the way back to the Main Body ECU in the passenger side dash. Sigh. Ok all the passenger dash ripped out to get to the Main Body ECU.
I spent far too long trying to work out how to remove the Main Body ECU however once the glove box is removed it does just come straight forward. We had a lot of extra cables in the way that made that non obvious.
With the ECU removed we tested the resistance between the two ends of the wiring harness - fine. We tested the neutral between the Main Body ECU and body earth - fine. What the heck is happening. Then I decided to test the neutral across the front and back of the ECU. 350 Ohms.
That’s uh. weird. We removed the cover from the ECU and found the secret “fuse”. For some bizarre reason Toyota thought it was completely ok to run the neutral for bunch of subsystems across this tiny trace which wouldn’t be able to handle the max fault current in the slightest.
At least the fault was self evident though a clean break would have made troubleshooting easier. Some bodge wire was added. The actuator motor now spins fine.
So how did this happen. Well remember at the start when I said I was messing around with doors. I believe while I was metering out what to cut I caused a short. I didn’t think much of it at the time because no fuses blew and everything worked ok. Now that that the Main Body ECU PCB trace is fixed the doors work fine.
I did wonder if maybe there was a lifted neutral as well. But checking the circuit diagram reveals that everything I’ve discovered is the correct/only neutral path.
What was left to do was align the actuator position/timing (“clocking”). I discovered a fairly novel way of doing this. Hold the assembly in your hand, connect it to the car, but don’t connect it mechanically. Hold it in a way that your hands are clear from the gears (it moves faster than I thought it would), but applying a bit of force to the shaft to keep the contacts down - then have someone turn the car to on (don’t need to crank) and let the motor spin and it should stop at the correct position. For us, setting the 4WD to 4HI is easiest as the then rack just needs to be pushed ALL the way in. Without adjusting the position of the actuator gear, now insert it into the rack and screw it down. It should be in the correct position.
Now about that micro switch - it’s not required. I suspect the purpose of this switch was to signal to the car/transmission that the car was effectively in neutral. I believe it might throw an A/T/P warning (warning you that the transmission isn’t in park so the car can roll away if the parking brake isn’t engaged) when this switch is active. I guess maybe Toyota were concerned that the 4WD ECU might fail and not report the neutral position, or possibly that part might be replaced with one that doesn’t output the signal?
However the transfer case already knows this information (it’s how it knows to keep driving the motor) so they likely just removed this from future versions since the switch was pretty useless and kept breaking. I tested that the switch isn’t needed by taking the left over no micro switch version and letting it run from 4HI to 4LO without issue.
Here’s a video of the actuator being clocked and the microswitch not being required.
