NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
GS748Tv5 Printer Multicast blocked by Auto DoS
Hi. I recently pruchased a ProSafe Smart Switch. One of the features I wanted was Auto-DoS detection that shuts off ports that are suspected of a DoS attack. Whenever I enable this, the two Lexmark printers on our network are quickly disconnected. I have contacted support twice. The first time I contacted them, they told me that this feature should be used as a fallback and I should have a firewall in place between the modem and the switch. I have since purchased a ProSAFE firewall and got it set up, but this has not solved the problem.
I contacted them again. They requested I monitor the packets and send them too them, but they have not gotten back to me on a solution. The packets that cause the alert art MDNS or Multicast packets. Here is what one of the packets looks like:
1 0.000000 10.0.53.17 224.0.0.251 MDNS 278 Standard query response 0x0000 PTR Lexmark T430._http._tcp.local PTR Lexmark T430._ftp._tcp.local PTR Lexmark T430._tftp._udp.local PTR Lexmark T430._printer._tcp.local PTR Lexmark T430._ipp._tcp.local PTR Lexmark T430._pdl-datastream._tcp.local
I have changed some of the flooding settings for that port, but this makes no difference. Are these just old printers? Is there a way to add an exception for a port and still have Auto-DoS enabled?
Thanks for the help!
-Joel
Hi Joel,
Welcome to NETGEAR community!
I just check packets as your mentioned.:smileyhappy:
Please try operation as below to work around this case on GS748Tv5.
--Disable UDP port service in Denial of Service Configuration page
The root cause is the special MDNS packets that "Source port must be equal with destination port In MDSN according to RFC6762"
This option "UDP port" in Auto-DoS will drop these special packets and shutdown the port which receive its.
Let me know if this work around don't work.
Regards,
Daniel.
1 Reply
Hi Joel,
Welcome to NETGEAR community!
I just check packets as your mentioned.:smileyhappy:
Please try operation as below to work around this case on GS748Tv5.
--Disable UDP port service in Denial of Service Configuration page
The root cause is the special MDNS packets that "Source port must be equal with destination port In MDSN according to RFC6762"
This option "UDP port" in Auto-DoS will drop these special packets and shutdown the port which receive its.
Let me know if this work around don't work.
Regards,
Daniel.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
