Double Nattering……..

Well, stepped far out of the world that I’m allowed to exist in.

I’ve said before that I really don’t particularly care about computers.

Didn’t say that I didn’t understand them, just that I didn’t particularly care about them.

Recently one of the last remaining electro-mechanical elevators at the hospital was modernized. Due to a misunderstanding there was no provision for connecting the elevator to the existing monitoring system, which notifies the shift engineers when an elevator breaks down, or when someone accidentally presses the alarm button but doesn't stay to answer the operator. With that connection the engineer can prioritize the response depending on whether the system says the car is out of service or still in service.

Anyway, running a direct line from the elevator controller to the computer in the engineer's office was going to cost about $10k: shielded CAT6 in conduit, with about four wall penetrations that would need radiographs and coring.

Existing hospital network to the rescue.

The entire hospital is covered with CAT6. Each subnet on the network is basically a switch or a gang of switches. The switches in use have 48 ports and can be physically uplinked together, giving at least 6 switches per subnet, which is 288 ports. A /24 subnet only provides 254 host addresses (256 minus the network and broadcast addresses), and the gateway takes one of those, so at most 253 of the ports can carry hosts on that subnet; the remaining ports can be assigned to other VLANs.

So, lots of room for a measly elevator controller to traverse the network.

Isolation Meets Legacy Monitoring: A Practical NAT Story

For the sake of illustration, I’ll use the following fictional IP addressing:

NAT 1 (Engineer’s Office)
  WAN uplink: 1.2.2.3
  Monitoring gateway (LAN): 2.2.1.1
  Monitoring workstation: 2.2.1.2

NAT 2 (Comox Building Elevator Closet)
  WAN uplink: 1.2.3.4
  Elevator B11 gateway (LAN): 2.2.2.1
  Elevator controller: 2.2.2.2

My goal was straightforward: keep the elevator controllers off the main hospital user network, while still allowing structured monitoring traffic to traverse it. To solve this, I deployed a pair of Moxa NAT‑102 devices as dedicated Network Address Translation gateways between the monitoring workstation and the elevator controller domains.

Although each NAT-102 sits on a private subnet, it is configured as a firewalling router rather than a plain default gateway. Its firewall is default-deny and stateful: an inbound packet is dropped unless it belongs to an existing session or matches an explicitly declared rule. In this design the only flow that crosses is the one the monitoring workstation (the client) initiates toward the controller (the server), and no broad inbound access is opened on either side.

Here’s the packet walk:

  1. The monitoring workstation (2.2.1.2) sends a request for controller data addressed to NAT 2's WAN address (1.2.3.4), using NAT 1's LAN interface (2.2.1.1) as its default gateway.
  2. NAT 1 rewrites only the source address, replacing 2.2.1.2 with its own WAN address 1.2.2.3, records the session in its state table, and forwards the packet across the hospital backbone to NAT 2.
  3. NAT 2's firewall accepts the packet because a declared rule permits this service from NAT 1's WAN address (1.2.2.3) and from nothing else; any other backbone host hitting that port is dropped.
  4. The same rule is a port forward: NAT 2 rewrites the destination from its WAN address 1.2.3.4 to the controller's address 2.2.2.2 and delivers the packet out its LAN interface (2.2.2.1). Without this destination translation the packet would terminate at NAT 2 itself.
  5. The elevator controller processes the request and replies to the source it saw, 1.2.2.3, via its gateway 2.2.2.1. The reply is not broadcast across the LAN; NAT 2 matches it to the session it recorded in step 4.
  6. NAT 2 reverses its translation, rewriting the reply's source from 2.2.2.2 back to its WAN address 1.2.3.4, and sends the packet across the backbone.
  7. NAT 1 accepts the inbound packet because it matches the session recorded in step 2, reverses its own translation (destination 1.2.2.3 back to 2.2.1.2), and delivers the reply to the workstation through its LAN interface.

This design keeps critical OT equipment segmented and predictable, and the controller itself is not directly addressable from the wider network: what the backbone sees is NAT 2's WAN address and one forwarded service, reachable only from NAT 1's address. Exactly one channel of monitoring traffic passes in and out. One caveat: a rule keyed on a source IP is only as strong as the backbone's resistance to address spoofing, so it belongs on a managed network like this one, not one where untrusted hosts could forge 1.2.2.3. It's not glamorous, but it works, and that's often the most important engineering KPI in a 24/7 healthcare environment.
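The seven-step packet walk above, plus the two flows the design must refuse (a stray backbone host probing the forwarded port, and anything on the elevator LAN trying to open a session toward the office), as an added Python model of the two NAT-102 roles. This is illustrative code written for this page, not Moxa firmware or a Moxa configuration export. It uses the post's fictional addresses; the service port (502), the workstation's source port, the stranger's address 1.2.5.9, the "one forward rule restricted to NAT 1's address" configuration on NAT 2 and the "SNAT only, no inbound rules" configuration on NAT 1 are assumptions drawn from the walk, not settings taken from the post.

```python
"""Model of the two-NAT monitoring path: stateful SNAT at NAT 1, a
source-restricted port forward (DNAT) at NAT 2, default-deny inbound on both.
Illustrative code for this page, not Moxa NAT-102 firmware."""
from dataclasses import dataclass, replace
from typing import Dict, List, Optional, Tuple

# Fictional addressing from the post.
WS, NAT1_WAN = "2.2.1.2", "1.2.2.3"    # monitoring workstation, NAT 1 uplink
CTRL, NAT2_WAN = "2.2.2.2", "1.2.3.4"  # elevator controller, NAT 2 uplink
MON_PORT = 502  # assumption: the post never names the controller's protocol or port

Endpoint = Tuple[str, int]


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


class Nat:
    """One NAT-102 role: a router whose inbound side is default-deny and stateful."""

    def __init__(self, name, wan_ip, lan_prefix, forwards=None, allow_from=()):
        self.name, self.wan_ip, self.lan_prefix = name, wan_ip, lan_prefix
        self.forwards: Dict[Endpoint, Endpoint] = forwards or {}  # (wan_ip, port) -> (lan_ip, port)
        self.allow_from = set(allow_from)  # WAN sources permitted to use a forward rule
        # Session table: (my WAN endpoint, remote peer endpoint) -> LAN endpoint.
        self.sessions: Dict[Tuple[Endpoint, Endpoint], Endpoint] = {}
        self.dropped: List[Packet] = []

    def outbound(self, pkt: Packet) -> Packet:
        """LAN -> WAN: rewrite the source to my WAN address and record the session."""
        if not pkt.src.startswith(self.lan_prefix):
            raise ValueError(f"{self.name}: {pkt.src} is not on my LAN")
        lan, peer = (pkt.src, pkt.sport), (pkt.dst, pkt.dport)
        for (wan, p), l in self.sessions.items():  # reply to a forwarded session?
            if p == peer and l == lan:
                return replace(pkt, src=wan[0], sport=wan[1])
        wan = (self.wan_ip, pkt.sport)             # assumption: no source-port collisions
        self.sessions[(wan, peer)] = lan
        return replace(pkt, src=wan[0], sport=wan[1])

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """WAN -> LAN: accept only a known session or a declared forward from an allowed peer."""
        wan, peer = (pkt.dst, pkt.dport), (pkt.src, pkt.sport)
        lan = self.sessions.get((wan, peer))
        if lan is None:
            fwd = self.forwards.get(wan)
            if fwd is None or pkt.src not in self.allow_from:
                self.dropped.append(pkt)           # default deny
                return None
            lan = fwd
            self.sessions[(wan, peer)] = lan       # so the controller's reply can be untranslated
        return replace(pkt, dst=lan[0], dport=lan[1])


def build() -> Tuple[Nat, Nat]:
    nat1 = Nat("NAT1", NAT1_WAN, "2.2.1.")  # office side: no inbound rules at all
    nat2 = Nat("NAT2", NAT2_WAN, "2.2.2.",  # closet side: one forward, one allowed source
               forwards={(NAT2_WAN, MON_PORT): (CTRL, MON_PORT)}, allow_from=(NAT1_WAN,))
    return nat1, nat2


def monitoring_exchange(nat1: Nat, nat2: Nat, sport: int = 40001):
    """Steps 1-7. Returns the packet as seen on the backbone, at the controller,
    on the backbone again, and at the workstation; None if the request was dropped."""
    req = Packet(WS, sport, NAT2_WAN, MON_PORT)  # 1: addressed to NAT 2's WAN
    on_backbone = nat1.outbound(req)             # 2: src 2.2.1.2 -> 1.2.2.3
    at_ctrl = nat2.inbound(on_backbone)          # 3-4: allowed, dst 1.2.3.4 -> 2.2.2.2
    if at_ctrl is None:
        return None
    reply = Packet(at_ctrl.dst, at_ctrl.dport, at_ctrl.src, at_ctrl.sport)  # 5: controller answers
    reply_on_backbone = nat2.outbound(reply)     # 6: src 2.2.2.2 -> 1.2.3.4
    at_ws = nat1.inbound(reply_on_backbone)      # 7: session match, dst 1.2.2.3 -> 2.2.1.2
    return on_backbone, at_ctrl, reply_on_backbone, at_ws


def stranger_probe(nat2: Nat, src: str = "1.2.5.9") -> Optional[Packet]:
    """Another backbone host (constructed address) hits the forwarded port: dropped."""
    return nat2.inbound(Packet(src, 5555, NAT2_WAN, MON_PORT))


def controller_reaches_out(nat1: Nat, nat2: Nat) -> Optional[Packet]:
    """Anything on the elevator LAN opening a session toward the office: NAT 1 drops it."""
    return nat1.inbound(nat2.outbound(Packet(CTRL, 6000, NAT1_WAN, 80)))


if __name__ == "__main__":
    n1, n2 = build()
    for hop, p in zip(("backbone", "controller", "backbone", "workstation"), monitoring_exchange(n1, n2)):
        print(f"{hop:12} {p.src}:{p.sport} -> {p.dst}:{p.dport}")
    print("stranger probe:", stranger_probe(n2), "| controller out:", controller_reaches_out(n1, n2))
```

Run it directly to print the addresses seen at each hop. Note that the model lets NAT 2 translate an outbound attempt from the controller like any other flow; it is NAT 1's default-deny inbound policy that kills it. On a real deployment you would also restrict NAT 2's outbound rules so the controller cannot initiate toward anything it has no business with.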


And thus the elevator LAN is isolated from the hospital LAN and vice versa, even though they are directly connected to each other.

The engineers can see the status of elevator B11 and can receive emergency email notifications when it breaks down.

Bobbie, you must be so proud of yourself!!!!!

For what?

As my father always said, it’s not like I built this shit. So why the fuck am I taking credit for something that somebody else created and made possible?

I didn’t build the fucking Moxa NATs.

I didn’t create the idea of using NATs to hide one private network from another private network.

I didn’t write the software on the monitoring computer.

I didn’t write the software on the elevator controller.

I didn’t create the Transmission Control Protocol / Internet Protocol.

I’m not a genius.

I’m not a geek.

I’m just doing something that anyone can do.

Imposter Syndrome

I think one of the most crippling aspects of my personality is the imposter syndrome that I suffer from.

I have absolutely no idea of what I could have done in life.

But it hasn’t just been my lack of formal education that has held me back.

Yes, I only have grade 8.

But I also obtained my grade 12 GED with absolutely no preparation and no studying.

My marks were in the low 50s, which is actually quite good.

The final scores on a GED equal the percentage of graduating high school students that your grades were equal to.

On the GED you absolutely do not want 100% as your final mark.

I consider myself to actually be quite stupid.

Yes, I know that there is a lot of shit that I can accomplish, but still my brain is locked on to this idea of how absolutely stupid I am.

And this causes problems at work. Oh boy does this cause problems.

I’m a qualified 4th class power engineer.

I am the Chief Engineer of a 4th class power plant.

I oversee 5 shift engineers, 3 maintenance engineers, an assistant chief engineer, and some casual engineers.

But where my imposter syndrome causes me issues is with the other engineers.

I can do things that are so far above my qualification levels.

The most recent being the replacement of the soft starter on chiller #3.

Chiller #3 has a 600 volt 450 hp motor.

This motor cannot be started across the line.

Originally it had a mechanical reduced voltage Wye-Delta starter that had been replaced with a solid state soft starter in the 90s. Well, that soft starter up and died last year.

The service company came back with a quote of $32k to replace the soft starter.

I found a brand new soft starter for $7.5k, so I decided to go with this ABB soft starter.

I had to guide the electrical department through how to connect this drive to the chiller and interface it with the chiller.

[Photos: chiller brains; soft starter relays; soft starter and line contactor; soft starter running for the first time]

Absolutely none of my engineers would have been able to do this. And it’s not for a lack of training or explanation.

And this is where the imposter syndrome kicks in really bad.

If a fucking idiot like myself can understand how to interface the soft starter to the chiller so the chiller can command it and so it can send feedback to the chiller, why can't my subordinates understand too? We're all 4th class power engineers. Actually two of my guys are 3rd class power engineers, but still?

I have no special training.

I have no special schooling.

And there was even some eye rolling from the chiller mechanic when I told him what I was going to do with the chiller.

“Bobbie, make sure that you connect the MCR1 and MCR2 relays as they are or the chiller won’t start”.

So I hauled out the schematics for the old Wye-Delta starter and the MCR1 and MCR2 relays were only used with the old mechanical wye-delta starter that had been tossed in the bin in the ’90s. The relays actually had to be jumpered in such a way just to make them engage so the chiller would start.

This caused ‘discussions’ back and forth.

I’m happy to report that the chiller starts just fine without the useless MCR1 and MCR2 relays.

Originally the chiller used a current donut on one of the 600 volt phases to monitor how much power the chiller was consuming. This went through a little converter board that changed the AC current into DC and then put it through a divider network to obtain a 0 to 5 volt signal. This 0 to 5 volt signal was then fed to the chiller CPU.

I'm happy to report that the chiller works just fine without this converter board and that the chiller amp display now matches the actual current consumption of the chiller.

Well Bobbie, why don’t you take training or courses and move up in the world?

I am literally the dumbest fucking person you’ll ever meet. I am not smart. I just read. That’s it. My magical skill is reading.

And this causes me issues.

If I am the dumbest fucking person that I am aware of, why can’t anyone else do what I can?

A few years ago I put together a networked monitoring system for monitoring the temperatures of the refrigeration systems in the kitchens, the pharmacy, and the blood bank. This system just uses a bunch of stand-alone refrigeration controllers networked together with RS-485 and some web servers. When I try to show the other guys how to program the system, or change settings on the system, you can see the puzzled looks coming across their faces. It's almost as if I've started speaking in a long forgotten language or there are tentacles popping out of my face.

Again, there's no coding involved. It's just logging into a system made from off-the-shelf components. The web server is meant to be programmed by supermarket store managers.

Where could I have gone in life without this imposter syndrome?

Who knows?

What causes imposter syndrome?

Apparently having depression and anxiety set one up for experiencing imposter syndrome.

Upbringing also plays an important part in setting one up for experiencing imposter syndrome. Apparently inconsistent parenting and unsupportive parenting place one at risk for developing imposter syndrome.

In the meantime I guess I have to be content with being the asshole who won't "share" his knowledge with others…….