NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
[BUG] GS108tv3 blocks udp broadcasts to port 123
Hi Guys, I was evaluating the GS108Tv3 for table/POS access switch usage. I discovered that third party hardware suddenly was not able to communicatie with eachother anymore, so I investigated it...
Update:
We got a beta release 7.0.4.7beta that fixed the issue.
Currently the switch has been running production for 2 months I think, and not a problem that's related to that switch.
Of course I've seen weird things going on in the switch (upnp, weird configuration daemons and such), but it doesn't stop it from working. So that beta seems good.
Changing the management vlan will be my next achievement, I fear I have to do that with scripted tftp download, sed, tftp upload, reboot. As the web doesn't allow it, and the command line doesn't allow it. Maybe if we use the serial console, but we do not intend to solder one on every switch ;-).Anyway, past the initial problems of getting a support ticket opened (the "owner" is a different person than the tech support here), the support crew was helpful in getting it resolved.
Regards,
Ard van Breemen
So:
If I move the management-vlan to out-of-band (which is hard to do, because it refuses to do it from the web interface, you need to upload a configuration file with the management-vlan set) then it still blocks.
However: if I configure sntp broadcast syncing or disable sntp at all, suddenly udp port 123 broadcasts are forwarded, independent of the VLAN.
I would have settled for an OOB workaround, but I can not settle for a managed switch that I can't time sync. I need port 123 broadcast forwarded, it's a switch.
YeZ something to push towards Smart Managed Pro QA - specifically for this GS108Tv3 model, and in general for all Smart Managed Pro switch specs ....
schumaku and YeZ do you know what is the best way to get attention for this bug from netgear? I mean we are not really tiny customers. But a switch as the GS108Tv3 in it's current state should not have been sold if it fails to do it's one major task: switch traffic undiscriminately. And I think the fix should not be that hard, because the code currently actively ads an acl for udp port 123 on the switch asic. It can just not do that and everything is fine.
- YeZ is with Netgear and can talk to the product management internally. I didn't had a chance to chat with him for about two days why ever.
- You can fetch the running config from the switch by Maintenance - Upload - Text Config to see if there is really such a config in place intentionally.
Sorry to reply you later, this's by design on GS108Tv3 that SNTP using unicast mode by default, device drop UDP broadcast over port 123. If you don't mind, please change client mode from unicast to broadcast, the UDP broadcast over port 123 could be forwarding successfully.
Let's know if you have any, thanks.
Retired_Member wrote:please change client mode from unicast to broadcast, the UDP broadcast over port 123 could be forwarding successfully.
I'm struggling to understand why the existence of an SNTP client talking unicast (to/from a defined, single IP address!!!) should impact what is going on on both the management and other VLANs. Why should the CPU port "capture" UDP broadcast as this traffic is clearly not intended for it - and then the same on ALL VLANs? This ready like a fat bug to me...
And what-if the customer does not have a local (S)NTP server within the broadcast domain (that IP subnet)? The time on the switch would not be set... Many smaller networks relay on external NTP sources.
PS. I could understand oddities (impacting traffic on all VLANs) on a Smart Managed Plus switch due to the way the microcontroller for the management is attached - but not here on a Smart Managed Pro device.
Curious whart Ardje will say...
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
