NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Why does blocking ICMP cause constant Orbi reboots?
OK, I'll start this by saying please do not respond if you are only going to comment, "why do you care about ICMP, why are you blocking it, etc.". This is just an academic question from my own curio...
I appreciate all the input, it's nice to see a forum where people actually help one another. While it is annoying to have 30k unnecessary pings a day in my firewall logs, I can just filter them out in the future. I did notice during some packet inspection that all of the Orbi satellites are also pinging the router, however blocking these doesn't seem to cause the Orbi to reboot for some reason, so I'll just leave those blocked.
Thanks everyone, see you all next time I have an obscure networking question.
Well, I haven't generated a .pcap capture but even with pfTop on the firewall you can see the Orbi (in AP Mode) 192.168.2.2 CONSTANTLY pinging the firewall 192.168.1.1, seems to be at a rate of between every 1 or 2 seconds.
Topology is cable modem LAN port plugged into pfSense WAN port, then pfSense LAN port plugged into unmanaged network switch, then network switch plugged directly into Orbi WAN port. The switch has many other items plugged into it as well, however none of these items are pinging the pfSense. As soon as I tell pfSense not to respond to the pings, immediate and repeated restarts of the Orbi.
This looks pretty clear (to me). Orbi engineers wanted some mechanism to validate that "something is out there" and decided to Ping the device that assigned its IP address with DHCP. The standard DHCP process does not typically include further connections until half of the lease time has expired. With typical lease times being 86,400 seconds (one day), that would be a long time. This conjecture could be validated by changing the DHCP server (temporarily) to a different IP and watching to see if the Orbi begins to Ping that host instead of the pfSense itself.
My guess is that the issue is resolved:
no ICMP response means "No Network".
Very creative experiment.
I remember seeing a similar thing happen after getting my 8 series. After NG pushed everyone to v4 from v3 FW and causes problems, I wanted to check to see if we could block certain auto update addresses. We could block but noticed that the RBR wouldn't work right or the front LED came on PINK and it lost internet services. Figured NG put something in the FW that if certain addresses were blocked, the RBR wouldn't work. Kinda creative to keep there services tied to operation. 🙄
I appreciate all the input, it's nice to see a forum where people actually help one another. While it is annoying to have 30k unnecessary pings a day in my firewall logs, I can just filter them out in the future. I did notice during some packet inspection that all of the Orbi satellites are also pinging the router, however blocking these doesn't seem to cause the Orbi to reboot for some reason, so I'll just leave those blocked.
Thanks everyone, see you all next time I have an obscure networking question.
đź‘Ť
