× NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Start a New Discussion

Start a New Discussion

Orbi WiFi 7 RBE973
Reply

Re: GS110TPP auto-ds continuing shutting down port/s

gwaitsi
Guide
Guide
‎2021-01-12 02:56 AM
‎2021-01-12 02:56 AM

GS110TPP auto-ds continuing shutting down port/s

I have a GS110TPP with a TLink WR1043NDv2 (OpenWRT 19.5) connected as an Access Point.

The point the wr1043nd keeps shutting down if i use the auto-ds function.

 

In an attempt to isolate the problem, i moved the Linux and Windows machines that were connected to the AP directly onto the GS110TPP.

 

1) Kubuntu 20.10 NFSv4

It seems the linux box causes the shutdown, when going to browse the NFSv4 Share with the Dolpin file manager. Have been able to repeatedly duplicate it. Box works fine and as soon as opening the link to the network share, GS110TPP port shutsdowns.

 

2) Huawei P10 Lite

I shutdown all devices connected to the WiFi on the WR1043ND. Powering on one device at a time, it seems that periodically when the Huawei P10 Lite is connected, the shutdown of the port wher ethe TPLink is connected occurs. (Previously, when the Kubuntu was connected to the switch port on the TPLink this problem was occuring too)

 

From 1) and 2) it seems the issue is not related to the TPLink hardware, but rather the packets it is passing.

 

As i work around, i have left the Kubuntu on the GS110TPP and turned the auto-ds feature off.

 

 

 

 

Message 1 of 5
0 Kudos
Reply
schumaku
Guru Guru
Guru
‎2021-01-12 01:00 PM
‎2021-01-12 01:00 PM

Re: GS110TPP auto-ds continuing shutting down port/s

Talking of Auto-DoS?

 

Doesnt the switch log have an indication which Auto-DoS capability does shut the port?

Message 2 of 5
0 Kudos
Reply
gwaitsi
Guide
Guide
‎2021-01-12 01:34 PM
‎2021-01-12 01:34 PM

Re: GS110TPP auto-ds continuing shutting down port/s

1) In regards to my GS110TPP, the UDP Port and TCP Ports were enabled (not sure how that happened). NFSv4 was causing it, because 2049 is both the source and destination. Once i disabled those two, Kubuntu was fine.

 

2) It is not the Huawei, I have a GS108T and two ports on both are used in a LAGG as a trunk.

While i was down stairs, the TP link connected to the GS108T caused a disable of the Trunk ports. The TP link also had a LG TV and Kodi Box so i still can't be sure what is causing that.

GS108Tv3 Log

<180>1 2021-01-12T19:06:33.176+1:00Z 192.168.xx.10-1 PORT-4-ERR_DISABLE rsd_port.c(950) %% dos error detected on GigabitEthernet8, putting GigabitEthernet8 in err-disable state
<179>1 2021-01-12T19:06:33.176+1:00Z 192.168.xx.10-1 SYSTEM-3 %%  Interface GigabitEthernet8 has been shutdown by DOS attack notification.
<180>1 2021-01-12T19:06:32.006+1:00Z 192.168.xx.10-1 PORT-4-ERR_DISABLE rsd_port.c(950) %% dos error detected on GigabitEthernet7, putting GigabitEthernet7 in err-disable state
<179>1 2021-01-12T19:06:32.006+1:00Z 192.168.xx.10-1 SYSTEM-3 %%  Interface GigabitEthernet7 has been shutdown by DOS attack notification.

 

GS110TPP log

<182>1 2021-01-12T19:06:33.819+1:00Z 192.168.xx.11-1 LLDP-6-NEIGHBOR_DEL proto_lldp.c(4881) %% Neighbor deleted on port GigabitEthernet9: Chassis ID 08:36:xx:xx:xx:xx, Port ID g8
<182>1 2021-01-12T19:06:33.679+1:00Z 192.168.xx.11-1 STP-6-MSTI_PORT_STATE proto_stp.c(810) %% Port LAG1 instance 2 moving from Forwarding to Disabled
<182>1 2021-01-12T19:06:33.679+1:00Z 192.168.xx.11-1 STP-6-MSTI_PORT_STATE proto_stp.c(810) %% Port LAG1 instance 1 moving from Forwarding to Disabled
<182>1 2021-01-12T19:06:33.679+1:00Z 192.168.xx.11-1 STP-6-MSTI_PORT_STATE proto_stp.c(810) %% Port LAG1 instance 0 moving from Forwarding to Disabled
<181>1 2021-01-12T19:06:33.539+1:00Z 192.168.xx.11-1 TRAPMGR-5-PORT_LINK_DOWN ksi_snmp.c(230) %% Interface LAG1 link down
<181>1 2021-01-12T19:06:33.539+1:00Z 192.168.xx.11-1 TRAPMGR-5-PORT_LINK_DOWN ksi_snmp.c(230) %% Interface GigabitEthernet9 link down

I have temporarily disabled the autoDOS on the GS108T to minimize impact, i will try to identify and wifi devices on via the GS110T

Message 3 of 5
0 Kudos
Reply
schumaku
Guru Guru
Guru
‎2021-01-13 02:19 AM
‎2021-01-13 02:19 AM

Re: GS110TPP auto-ds continuing shutting down port/s

Ok, looks like the log is not complete enough - considering the many DoS attributes that can be enabled/disabled in the Web UI. @YeZ something the switch engineering must look into.

 

And then: I'm not sure on how smart it is to shut down a port and expect the admin does manually re-activate...

Message 4 of 5
0 Kudos
Reply
gwaitsi
Guide
Guide
‎2021-01-13 02:24 AM
‎2021-01-13 02:24 AM

Re: GS110TPP auto-ds continuing shutting down port/s

they were all the entries from the specific time the port went down, the other entries, were just standard entries. there were no indications of which rule triggered the port closure (which of course would make a resolution easier). For now i have to disable on both devices so we can continue to work and i will look again on the week. I will setup suricata on the pfsense to try and identify the traffic that is causing the problems.

Message 5 of 5
Reply
Top Contributors
See All
Discussion stats
  • 4 replies
  • ‎2021-01-12 02:56 AM
  • 1343 views
  • 1 kudo
  • 2 in conversation
Announcements