My R7800 X4s cannot sync proper time behind att Pace 5268AC
Ok heres the deal. after I configure the r7800 for DMZ+ and get wan IP address assigned on this gateway (pace 5268AC) and reboot the router it will not get a time sync.
Log: [DoS Attack: ACK Scan] from source: 162.125.18.133, port 443 [DHCP IP: 192.168.12.105] to MAC address e8:50:8b:ef:47:73 [admin login] from source 192.168.12.100 [Internet connected] IP address: my ip address [Initialized, firmware version: V1.0.2.28]
If its in the private dhcp pool for the gateway it gets the time sync. Connection Status
IP Address 192.168.1.64 Subnet Mask 255.255.255.0 Default Gateway 192.168.1.254 DHCP Server 192.168.1.254 DNS Server 192.168.1.254 Lease Obtained 1 Days, 0 Hours, 0 Minutes Lease Expires 0 Days, 23 Hours, 59 Minutes
Log: [Time synchronized with NTP server] Friday, March 31, 2017 13:01:40 [DHCP IP: 192.168.12.106] to MAC address e8:50:8b:ef:47:73, Friday, March 31, 2017 13:01:14 [DHCP IP: 192.168.12.104] to MAC address 48:d2:24:95:1f:7d, Friday, March 31, 2017 13:00:57 [admin login] from source 192.168.12.100, Friday, March 31, 2017 13:00:51 [DoS Attack: Ping Sweep] from source: 192.168.1.254, Friday, March 31, 2017 13:00:49 [Internet connected] IP address: 192.168.1.64, Friday, March 31, 2017 13:00:49 [DoS Attack: ACK Scan] from source: 162.125.18.133, port 443, Friday, March 31, 2017 13:00:46 [Initialized, firmware version: V1.0.2.28] Friday, March 31, 2017 13:00:43
Re: My R7800 X4s cannot sync proper time behind att Pace 5268AC
The Modem (Pace5268) has been set to what ATT seems to think is Bridge mode (DMZ+). Come to find out ATT blocks port 123. What is weird is it will get a time hack if I turn Off DMZ+ and let the Modem assign an IP address to to it. It has been a documented issue with ATT Gigapower (Fiber).
Re: My R7800 X4s cannot sync proper time behind att Pace 5268AC
This thread over on AT&T's forum seems to have the best information. AT&T blocks packets with a source port of 123 (NTP). My hypothesis is that Netgear sources NTP packets with source port 123. When the Pace is in DMZPlus mode, it passes outgoing traffic without performing port masquerading, hence NTP traffic from Netgear is blocked. When the Pace is not in DMZPlus mode, it will masquerade the port to a random source port and NTP will work.
A possible fix is for Netgear to use a random source port for NTP instead of 123.
Perhaps Netgear engineers can confirm whether or not NTP is sourced with port 123.
Re: My R7800 X4s cannot sync proper time behind att Pace 5268AC
Any chance of getting into a modem only device with you ISP?
My Setup | ISP SparkLight | Internet Cable 1000↓/50↑ CM2000 Modem | Wifi Router RAXE50 and R8500(v.158) Router Mode and RBK752(v.2) AP mode | Switches NG GS105/8 |
