sveinse (Aspirant)
Apr 19, 2025
SSDP multicast leakage across VLAN on GS308EP
Setup
- Switch is in Advanced 802.1Q VLAN mode
- Port 1-6 connected to VLAN 1. Port 1-6 untagged, port 7-8 exclude.
- Port 7-8 connected to VLAN 2. Port 1-6 exclude, port 7-8 is untagged.
- Port 1-6 PVID 1 and port 7-8 PVID 2
This is basically setting up two independent networks with untagged ports.
When connecting to port 7 (which is connected to VLAN 2), I'm seeing multicast SSDP messages containing IP addresses from VLAN 1.
E.g. 192.168.0.42 (from VLAN1) > 239.255.255.240 port 1900. Messages typically contain "ssdp:discover"
This behavior is effectively leaking IP-addresses and messages from VLAN 1 into VLAN 2.
I've tested turning "IGMP snooping" on and off. I've turned on and off the UPnP "switch discovery" setting. I've tested turning "Broadcast filtering" on and off. Nothing changes the behavior.
Is there any setting that permits me to disable the forwarding of these SSDP multicasts? Has anyone else observed this behavior?
Firmware: v1.0.1.4
6 Replies
- sveinse (Aspirant)
I've tested more and I'm now getting confident this is a bug in the switch!
It sends IP multicast messages between the independent VLAN 1 and VLAN 2. This is an unexpected error. Arbitrarily formatted messages with a destination address of any IP address matching "<224-239>.<1-255>.255.250" to port 1900 are broadcast across the VLANs. The communication works both ways. This can be used to create backdoor communication between any of the 4080 open IPs between the VLANs.
The 239.255.255.250:1900 is used for SSDP, which is the UPnP protocol for advertising availability of equipment. The described behavior is effectively:
- Sending IP addresses between VLANs
- Sending presence and status of UPnP equipment
- Can be used as an unsolicited data channel between the VLANs
How to repro the error:
- Configure two independent VLAN 1 and VLAN 2 that share no common ports
- Insert computer1 (generator) into a VLAN 1 port
- Insert computer2 (observer) into a VLAN 2 port
- Computer 1: Send UDP datagram with payload "foobar" to IP 224.255.255.240 UDP port 1900
- Computer 2: Observe with Wireshark the reception of the UDP "foobar" message from the IP of computer 1, with the selected multicast IP as destination
I've tested a lot of different settings, IGMP on/off, UPnP on/off to no avail. I've tested firmware reset of the device without any resolution.
Where should error reports like this be reported?
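An isolation check for the observer side of the repro above, for example to confirm whether a firmware update closed the leak. This is an added example, not code from the thread or from NETGEAR. It assumes each VLAN uses its own IPv4 subnet; the VLAN 2 subnet 192.168.2.0/24 and the sample records are constructed, and only 192.168.0.42 and the multicast addresses come from the posts.

```python
import ipaddress
import socket
import struct
import time

SSDP_PORT = 1900  # UDP port named in the thread

def is_leak(src_ip, dst_ip, dst_port, local_net):
    """True if a multicast datagram to port 1900 came from outside local_net."""
    src = ipaddress.ip_address(src_ip)
    dst = ipaddress.ip_address(dst_ip)
    return (dst.is_multicast and dst_port == SSDP_PORT
            and src not in ipaddress.ip_network(local_net))

def find_leaks(records, local_net):
    """Filter (src_ip, dst_ip, dst_port) records, e.g. exported from a capture."""
    return [r for r in records if is_leak(*r, local_net)]

def listen(local_net, group="239.255.255.250", seconds=60):
    """Join `group` on the observer host; return foreign source IPs seen."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    sock.bind(("", SSDP_PORT))
    mreq = struct.pack("4s4s", socket.inet_aton(group), socket.inet_aton("0.0.0.0"))
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP, mreq)
    sock.settimeout(1.0)
    leaks, deadline = set(), time.monotonic() + seconds
    while time.monotonic() < deadline:
        try:
            _, (src, _port) = sock.recvfrom(2048)
        except socket.timeout:
            continue
        if is_leak(src, group, SSDP_PORT, local_net):
            leaks.add(src)
    sock.close()
    return leaks

# Constructed sample records as seen from a host on VLAN 2 (192.168.2.0/24 assumed).
SAMPLE = [
    ("192.168.0.42", "239.255.255.250", 1900),  # VLAN 1 source, SSDP group: leak
    ("192.168.2.10", "239.255.255.250", 1900),  # local VLAN 2 device: expected
    ("192.168.0.42", "224.255.255.240", 1900),  # repro address from the post: leak
    ("192.168.0.42", "239.255.255.250", 5353),  # different port: outside this check
]

if __name__ == "__main__":
    print("sample leaks:", find_leaks(SAMPLE, "192.168.2.0/24"))
    print("live leaks:", listen("192.168.2.0/24", seconds=30))
```

An empty result from `listen` only shows that nothing leaked during the listening window, so run it while a device on the other VLAN is known to be sending SSDP traffic.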
- sveinse (Aspirant)
If anyone arrives at this page:
I reached out to NG support, and the issue has been fixed. They have released a new firmware for the switch that can be downloaded here:
https://kb.netgear.com/000066737/GS308EP-Firmware-Version-2-0-0-5
- brian20930 (Aspirant)
Did this actually solve your problem? I noticed the problem today, found your post, found that my GS316EP had a firmware update that mentioned the same fix (though the version is 2.0.0.3). But after installing the firmware the problem remains exactly as it was. Thanks! This is very frustrating!