New AP floods desktop with SFW2 blocked NTP lines in dmesg

I’ve been scratching my head for some time with this.

Long story:

I bought a DLink DSL-2740E ADSL2+ Wireless N300 modem/Router to replace the ISP “technicolor” modem/router which besides having crappy WIFI also implements an open network I can’t disable, part of the so-called Worldwide FON network - https://en.wikipedia.org/wiki/FON. Note: choosing not to participate won’t disable the FON network, contrary to what the ISP site says.

I ran into two problems, the first, which I’ve kinda quit trying to solve, was:

Problem 1 ------------------------------

I can’t install the DLink using the wizard, but it does connect to the “internet” with manual config, mainly VPI/VCI setting using PPPoE and LCC encapsulation - not that I understand all this, but most are default settings, the same as in the technicolor modem.

The problem is, it appears not to resolve any names, but I can ping external sites - at least I could ping 8.8.8.8, one of Google DNS servers.

I compared both modem configs, but the interfaces are different and a number of settings in one do not appear in the other, etc.

I also tried setting the DNS servers manually (instead of the router internal IP), both using google servers and the ones listed in the crappy-but-working modem status page. No joy.

So until I had time to try to fix this - if ever - I decided to disable the technicolor modem wireless, which gets rid of the FON abomination, and use the DLink as a wireless access point.

End of problem 1 description, start of problem 2 --------------------------

Easy, right? After all, I’ve done this a number of times. Yeah, right…

Currently, my home network is like this:

modem/router/wifi in the office -----> wired-only gigabit switch (connected to three CPUs and WDTV) -----> secondary wired/wireless AP in the living room.

The modem/router has DHCP enabled only for a narrow range (for a chromecast and a few guests), all other NICs have manual IP set.

The modem/router wifi SSID is WIFI1 and the secondary AP is WIFI2, set on different channels.

So I connected the DLINK by wire to the technicolor (it’s not chained to the gigabit router), disabled technicolor’s wifi and enabled the DLink wifi, configuring it as SSID WIFI1 with same password et al so it would be a drop-in replacement.

FON network gone (after a “shocked” warning, as if it would be a bad thing!), and for a couple of days I had very good connectivity by wifi with the internal network, BUT very poor internet connection on BOTH APs, however WIRED connections could access the internet without perceptible loss of performance.

Summing up:

a) Good connection to internal network either wired or wifi.
b) Very slow/timing out connection to the WAN by wifi.

End of problem 2 description ------------------------------

technicolor modem/router LAN IP: 192.168.1.1/24
DLINK (as AP) LAN IP: 192.168.1.5/24
One desktop LAN IP: 192.168.1.3/24

The DLink as AP is not set to serve DHCP nor DNS, nor is it (obviously) connected to the phone line.

With the DLink AP, the desktop gets flooded with:

[Jan26 14:29] SFW2-INext-DROP-DEFLT IN=enp3s0 OUT= MAC=<*DST MAC*>:<*SRC MAC*>:08:00 SRC=192.168.1.5 DST=192.168.1.3 LEN=76 TOS=0x00 PREC=0x00 TTL=30 ID=56040 PROTO=UDP SPT=8888 DPT=123 LEN=56

Port 123 is the NTP standard port. IANA lists port 8888 as:

|Service name|Port|Protocol|Description|Assignee|Contact|Notes|
|---|---|---|---|---|---|---|
|ddi-tcp-1|8888|tcp|NewsEDGE server TCP (TCP 1)|[Fred_Yao](http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?search=8888#Fred_Yao)|[Fred_Yao](http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?search=8888#Fred_Yao)|Known Unauthorized Use on port 8888|
|ddi-udp-1|8888|udp|NewsEDGE server UDP (UDP 1)|[Fred_Yao](http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?search=8888#Fred_Yao)|[Fred_Yao](http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?search=8888#Fred_Yao)|Known Unauthorized Use on port 8888|



End of long story…

So, why is NTP port being blocked in the internal network?

Is it possible that the DLINK as AP is still set to retrieve NTP time, and doesn’t know where (but it should)?

Thanks for any suggestions,

Bruno
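
A quick way to see which flow is behind a dmesg flood like this is to tally the SFW2 drop lines per source and port. This is an added example, not part of the original post; the sample lines are constructed from the entry quoted above (MAC field replaced by a placeholder, the TCP and USB lines invented for contrast), and the function names and threshold are illustrative.

```python
import re
from collections import Counter

# Constructed sample modelled on the dmesg entry quoted in the post
# (MAC shortened to a placeholder; the TCP and USB lines are for contrast).
SAMPLE = """\
[Jan26 14:29] SFW2-INext-DROP-DEFLT IN=enp3s0 OUT= MAC=<mac> SRC=192.168.1.5 DST=192.168.1.3 LEN=76 TOS=0x00 PREC=0x00 TTL=30 ID=56040 PROTO=UDP SPT=8888 DPT=123 LEN=56
[Jan26 14:29] SFW2-INext-DROP-DEFLT IN=enp3s0 OUT= MAC=<mac> SRC=192.168.1.5 DST=192.168.1.3 LEN=76 TOS=0x00 PREC=0x00 TTL=30 ID=56041 PROTO=UDP SPT=8888 DPT=123 LEN=56
[Jan26 14:30] SFW2-INext-DROP-DEFLT IN=enp3s0 OUT= MAC=<mac> SRC=192.168.1.5 DST=192.168.1.3 LEN=76 TOS=0x00 PREC=0x00 TTL=30 ID=56042 PROTO=UDP SPT=8888 DPT=123 LEN=56
[Jan26 14:31] SFW2-INext-DROP-DEFLT IN=enp3s0 OUT= MAC=<mac> SRC=192.168.1.10 DST=192.168.1.3 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=1200 PROTO=TCP SPT=51000 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0
[Jan26 14:31] usb 1-2: new high-speed USB device number 5 using xhci_hcd
"""

PREFIX = re.compile(r"\b(SFW2-\S+)\s")   # SuSEfirewall2 log prefix
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")  # netfilter LOG KEY=value pairs


def parse_line(line):
    """Return a dict for one SFW2 log line, or None for unrelated lines."""
    m = PREFIX.search(line)
    if not m:
        return None
    rec = {"RULE": m.group(1)}
    for key, value in FIELD.findall(line[m.end():]):
        rec.setdefault(key, value)  # LEN appears twice: keep the IP length
    return rec


def summarize(text):
    """Count dropped packets per (rule, src, proto, sport, dport) flow."""
    flows = Counter()
    for line in text.splitlines():
        rec = parse_line(line)
        if rec and "SRC" in rec:
            flows[(rec["RULE"], rec["SRC"], rec.get("PROTO"),
                   rec.get("SPT"), rec.get("DPT"))] += 1
    return flows


def noisy_flows(text, threshold=3):
    """Flows seen at least `threshold` times, most frequent first."""
    return [(f, n) for f, n in summarize(text).most_common() if n >= threshold]


if __name__ == "__main__":
    for flow, count in noisy_flows(SAMPLE):
        print(count, *flow)
```

On a live system the same functions can be fed the output of `dmesg` instead of `SAMPLE`.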

Hi
Sounds like custom firmware;
http://forums.dlink.com/index.php?topic=62422.0

Port 8888 is not ntp (port 123 is), sounds like something in the firmware (see above).

You should be able to set the DNS servers (check the manual)?
https://www.dlink.com.br/produto/modem/dsl-2740e

Hi Malcolm,

Thanks for the links. I’ve been there but to no use. The firmware has no updates - the one in the downloads page is for another ISP in Brazil. This has been confirmed by their tech support. At least they will send me a RMA if I think the modem is defective - as it might well be, since the wizard won’t work for one of the largest ISPs here.

The modem was bought in the store, not from the ISP, so the ISP support only helps to set up, if at all. And one girl I talked to choked on the web interface being in English, as her example screens were in Portuguese, from the ISP-supplied version of the modem.

The manuals are very basic, no help there - I’ve been through them a couple days ago.

I’m thinking about setting the DLink again as an AP and see if the date/time is configured to NTP, if so I’ll disable it and see if the problem stops. But I don’t think so, since wifi performance is OK internally. This AP should have NOTHING to do with DNS serving, this is done in the crappy (technicolor) modem.

So I’m thinking the problem lies elsewhere, maybe a defect (firmware or hardware) in the DLink modem itself.

Hi
Maybe you can do a factory reset on the device? Should be a pinhole somewhere to press, plug in the power and wait for all the LEDs to flash, or something similar?

If that doesn’t work, sounds like it is perhaps defective…RMA time :wink:

Maybe you can get a different model and run openWRT on it?
https://wiki.openwrt.org/toh/d-link/start

Yes, after most failed configuration attempts I’d reset the modem to start from scratch. This time I reconfigured it as AP and set time/date manually, and guess what: IT’S WORKING!!! :slight_smile: :slight_smile: :slight_smile:

If it doesn’t fail again I’ll keep it as an AP, else RMA it is.

I looked into this some time back, but hardly any router I could easily find (i.e., at the mall) was compatible. I’d have to import one, or something, too expensive around here - or, to put it better, not an enticing cost/benefit ratio… :wink:

Thanks for the help, Malcolm.

I’m still puzzled about problem 1, however. No idea why it’s not resolving names.

And no dmesg flooding too.

Interesting problems. Thanks for posting the solution and I’m glad it’s resolved :slight_smile:

Just an observation…

You seem to have your secondary AP (Dlink) configured in bridging mode where the networkID is the same both upstream (your technicolor) and downstream (your wireless clients).

That’s possible but unusual.

Without knowing more how and why you have a working scenario, IMO it’s impossible to do more than wildly speculate why things like packet filtering may be blocking.

TSU

I’m not sure I understand what you mean. The SSIDs are different: WIFI1 on the new, not-anymore-problematic DLINK, and WIFI2 on the secondary AP, also a DLINK but an older model.

Is that it?

If I understand correctly, I don’t think so. The secondary DLINK (this one: http://us.dlink.com/products/connect/wireless-n150-home-router/# ) is connected only through the LAN switch ports. It has no Bridge/AP/other setting in the web interface, and I read somewhere that for it to work only as AP - not as router - it would suffice to use the LAN ports only and, of course, disable the router stuff such as DNS server and such.

I’m going off what was described in the first post

**End of problem 2 description ------------------------------

technicolor modem/router LAN IP: 192.168.1.1/24
DLINK (as AP) LAN IP: 192.168.1.5/24
One desktop LAN IP: 192.168.1.3/24**

Whether intentional or not, to me it looks like his connection upstream to the technicolor is 192.168.1.x and the connection to his LAN is the same (192.168.1.x) using the default Class C mask /24.

APs are typically set up as routing devices which means that upstream and downstream networkIDs have to be different.

So, who knows why his setup works at all?
Maybe it’s working today but won’t tomorrow.

TSU

Well, this network configuration has been working for at least a year, probably more. My issues started when I tried to install the new modem, first as modem/router AP in substitution of the ISP one, and then only as AP. I probably didn’t explain the network well, it’s as below, with everything set as 192.168.1.x/24 (same LAN, same mask), where x is:

1 = ISP modem (technicolor), working as modem, router, DHCP (for guests only) and DNS, no wireless.
5 = modem DLINK DSL-2740E, working as wireless AP only, SSID WIFI1, modem and router disabled.
10 = router only DLINK DIR-601, working as wireless AP and switch only, SSID WIFI2, router disabled (by not connecting the internet port).

AFAICS it doesn’t seem to be necessary to have one network for each AP/different SSID, is it?

Well, AFAIU mine are not set as routers.